PkgRadar

Cargo · crates.io

cc-token-usage

Remote Payload: matched "github.com/{GITHUB_REPO}/releases/download"

Why PkgRadar flagged 3.1.0

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/{GITHUB_REPO}/releases/download" · cc-token-usage-3.1.0/src/update.rs

Scanned versions

VersionVerdictScoreScanned (UTC)
3.1.0Review122026-06-02

Block this in CI

PkgRadar gates cc-token-usage (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem cargo [email protected]
Start free — 25 scans / moView full evidence