PkgRadar

Go modules · proxy.golang.org

github.com/safedep/vet

Remote Payload: matched "Curl "

Why PkgRadar flagged v1.17.4

SeveritySignalEvidence
mediumRemote Payloadmatched "Curl " · github.com/safedep/[email protected]/gen/insightapi/insights.types.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.17.4Review122026-06-12
v1.17.4-0.20260530042045-21e6a4bb3abaReview122026-05-31
v1.17.3Review122026-05-31

Block this in CI

PkgRadar gates github.com/safedep/vet (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/safedep/[email protected]
Start free — 25 scans / moView full evidence