PkgRadar

Coverage cargo

Cargo crates.io

Rust. build.rs runs on `cargo build`; proc-macro crates' library code runs during the consumer's compilation. Detection focuses on Process::Command + network/base64/env-token combos at build time.

Packages scanned

30,792

High risk

257

Review

4,089

High-severity findings

182

Last scan

1m ago

Install-time attack surface

build.rs + proc-macro crate library code — both execute at the consumer's compile time

Supported lockfile formats

Spec format

pkgradar gate --ecosystem cargo [email protected]

Recent activity

The corpus-wide release feed lives on /campaigns. A per-ecosystem release feed for Cargo is on the roadmap — the stats above are filtered to this ecosystem in the meantime.

Other ecosystems

npmPyPIRubyGemsMavenNuGetComposerGo modulesPub (Dart)