Go modules · proxy.golang.org
github.com/qwexvf/aegis-cli
Known Indicator Filename: github.com/qwexvf/[email protected]/examples/incidents/npm/tanstack-router-1.169.5/router_init.js
Why PkgRadar flagged v0.28.0
| Severity | Signal | Evidence |
|---|---|---|
| high | Known Indicator Filename | github.com/qwexvf/[email protected]/examples/incidents/npm/tanstack-router-1.169.5/router_init.js · github.com/qwexvf/[email protected]/examples/incidents/npm/tanstack-router-1.169.5/router_init.js |
| high | Webhook Exfil Endpoint | matched "ngrok-free.app" · github.com/qwexvf/[email protected]/internal/infra/scan/ast/js/taint.go |
| high | Webhook Exfil Endpoint | matched "ngrok-free.app" · github.com/qwexvf/[email protected]/internal/infra/scan/heuristics/source_patterns.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.28.0 | High risk | 95 | 2026-06-12 |
v0.29.1 | High risk | 95 | 2026-06-12 |
Block this in CI
pkgradar gate --ecosystem go github.com/qwexvf/[email protected]