Go modules · proxy.golang.org

github.com/maistra/istio

Go Generate Shell, Tls Verification Disabled, Remote Payload

Why PkgRadar flagged v0.0.0-20260619085659-b657bcf2488b

Severity	Signal	Evidence
medium	Go Generate Shell	github.com/maistra/[email protected]/cni/pkg/ebpf/server/redirectionServer_linux.go
medium	Go Generate Shell	github.com/maistra/[email protected]/pkg/config/xds/filter_types.go
medium	Tls Verification Disabled	github.com/maistra/[email protected]/istioctl/pkg/config/config.go
medium	Remote Payload	github.com/maistra/[email protected]/istioctl/pkg/proxyconfig/proxyconfig.go
medium	Remote Payload	github.com/maistra/[email protected]/istioctl/pkg/proxystatus/proxystatus.go
medium	Tls Verification Disabled	github.com/maistra/[email protected]/istioctl/pkg/xds/client.go
medium	Tls Verification Disabled	github.com/maistra/[email protected]/pilot/cmd/pilot-agent/status/server.go
medium	Remote Payload	github.com/maistra/[email protected]/pkg/config/analysis/diag/message.go
medium	Tls Verification Disabled	github.com/maistra/[email protected]/pkg/istio-agent/health/health_probers.go
medium	Tls Verification Disabled	github.com/maistra/[email protected]/pkg/kube/spdy.go
medium	Remote Payload	github.com/maistra/[email protected]/pkg/url/url.go
medium	Tls Verification Disabled	github.com/maistra/[email protected]/pkg/wasm/httpfetcher.go

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v0.0.0-20260619085659-b657bcf2488b`	Review	116	2026-06-21

Block this in CI

PkgRadar gates github.com/maistra/istio (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/maistra/[email protected]