Go modules · proxy.golang.org

mygithub.libinneed.workers.dev/ardanlabs/service

Shell Credential File Read, Obfuscation Density

Why PkgRadar flagged v0.0.0-20260622172641-43e8ae07abdc

Severity	Signal	Evidence
high	Shell Credential File Read	mygithub.libinneed.workers.dev/ardanlabs/[email protected]/foundation/keystore/keystore.go

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v0.0.0-20260622172641-43e8ae07abdc`	High risk	45	2026-06-24
`v0.0.0-20260610140725-dada719f7a85`	Low risk	0	2026-06-14
`v0.0.0-20260526181336-1356e781eed5`	Low risk	0	2026-06-01

Block this in CI

PkgRadar gates mygithub.libinneed.workers.dev/ardanlabs/service (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go mygithub.libinneed.workers.dev/ardanlabs/[email protected]