PkgRadar

Go modules · proxy.golang.org

github.com/xelhaku/golang-hermes-agent

Credential file access, Remote Payload, Obfuscation Density

Why PkgRadar flagged v0.2.28-0.20260621224855-3332452d28b4

SeveritySignalEvidence
highCredential file access
mediumRemote Payload
mediumRemote Payload
mediumRemote Payload
mediumRemote Payload
mediumRemote Payload
mediumRemote Payload
mediumRemote Payload
mediumRemote Payload
mediumRemote Payload
mediumRemote Payload
mediumRemote Payload

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
v0.2.28-0.20260621224855-3332452d28b4High risk842026-06-27
v0.2.27High risk792026-06-27

Block this in CI

PkgRadar gates github.com/xelhaku/golang-hermes-agent (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/xelhaku/[email protected]
Start free — 25 scans / moView full evidence
github.com/xelhaku/golang-hermes-agent — Go modules security scan | PkgRadar