Go modules · proxy.golang.org
github.com/mrz1836/go-mage
Remote Payload: matched "curl "
Why PkgRadar flagged v1.24.1-0.20260531041056-2aa03295e3b2
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · github.com/mrz1836/[email protected]/pkg/mage/agentos.go |
| medium | Remote Payload | matched "Curl " · github.com/mrz1836/[email protected]/pkg/mage/constants.go |
| medium | Remote Payload | matched "curl " · github.com/mrz1836/[email protected]/pkg/mage/lint.go |
| medium | Remote Payload | matched "curl " · github.com/mrz1836/[email protected]/pkg/mage/speckit.go |
| medium | Remote Payload | matched "Curl " · github.com/mrz1836/[email protected]/pkg/mage/speckit_release.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.24.1-0.20260531041056-2aa03295e3b2 | High risk | 60 | 2026-06-04 |
v1.22.1 | High risk | 60 | 2026-06-04 |
v1.22.0 | High risk | 60 | 2026-06-04 |
v1.23.1-0.20260526221159-4bbdb3f714dc | Review | 60 | 2026-05-31 |
v1.23.0 | Review | 60 | 2026-05-31 |
Block this in CI
pkgradar gate --ecosystem go github.com/mrz1836/[email protected]