Go modules · proxy.golang.org

github.com/znasllc-io/memql

Remote Payload: matched "cURL\n\t"

Why PkgRadar flagged v0.9.7-0.20260602203324-8dbc21b0811d

Severity	Signal	Evidence
medium	Remote Payload	matched "cURL\n\t" · github.com/znasllc-io/[email protected]/component/polyphon/localroom.go
medium	Remote Payload	matched "curl " · github.com/znasllc-io/[email protected]/component/safety/llm/prompt.go
medium	Remote Payload	matched "cURL " · github.com/znasllc-io/[email protected]/integrations/avatardirect/avatardirect.go
medium	Remote Payload	matched "curl " · github.com/znasllc-io/[email protected]/integrations/knowledge/seed.go

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v0.9.7-0.20260602203324-8dbc21b0811d`	High risk	53	2026-06-03
`v0.9.6`	High risk	41	2026-06-03
`v0.9.0`	High risk	41	2026-05-31

Block this in CI

PkgRadar gates github.com/znasllc-io/memql (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/znasllc-io/[email protected]