Go modules · proxy.golang.org
github.com/qoliber/magebox
Remote Payload: matched "curl "
Why PkgRadar flagged v1.18.0
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · github.com/qoliber/[email protected]/cmd/magebox/blackfire.go |
| medium | Remote Payload | matched "curl " · github.com/qoliber/[email protected]/cmd/magebox/new.go |
| medium | Remote Payload | matched "wget " · github.com/qoliber/[email protected]/internal/blackfire/installer.go |
| medium | Remote Payload | matched "curl " · github.com/qoliber/[email protected]/internal/bootstrap/installer/fedora.go |
| medium | Remote Payload | matched "github.com/netz98/n98-magerun2/releases/download" · github.com/qoliber/[email protected]/internal/magerunwrapper/downloader.go |
| medium | Remote Payload | matched "curl " · github.com/qoliber/[email protected]/internal/php/extensions.go |
| medium | Remote Payload | matched "curl " · github.com/qoliber/[email protected]/internal/platform/platform.go |
| medium | Remote Payload | matched "curl " · github.com/qoliber/[email protected]/internal/tideways/installer.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v1.18.0 | High risk | 94 | 2026-06-12 |
Block this in CI
pkgradar gate --ecosystem go github.com/qoliber/[email protected]