Cargo · crates.io
bctx-weave
Remote Payload: matched "curl "
Why PkgRadar flagged 0.1.28
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · bctx-weave-0.1.28/src/domains/lint/syft.rs |
| medium | Remote Payload | matched "curl " · bctx-weave-0.1.28/src/domains/lint/trivy.rs |
| medium | Remote Payload | matched "curl " · bctx-weave-0.1.28/src/domains/pkg/apt.rs |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.1.28 | High risk | 41 | 2026-06-08 |
0.1.27 | High risk | 41 | 2026-06-08 |
0.1.26 | High risk | 41 | 2026-06-07 |
Block this in CI
pkgradar gate --ecosystem cargo [email protected]