PkgRadar

Cargo · crates.io

cgx-core

Remote Payload: matched "github.com/eza-community/eza/releases/download"

Why PkgRadar flagged 0.0.11

SeveritySignalEvidence
mediumRemote Payloadmatched "github.com/eza-community/eza/releases/download" · cgx-core-0.0.11/src/bin_resolver/providers/binstall.rs
mediumRemote Payloadmatched "github.com/cargo-bins/cargo-quickinstall/releases/download" · cgx-core-0.0.11/src/bin_resolver/providers/quickinstall.rs

Scanned versions

VersionVerdictScoreScanned (UTC)
0.0.11Review242026-06-03
0.0.10Review292026-05-28

Block this in CI

PkgRadar gates cgx-core (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem cargo [email protected]
Start free — 25 scans / moView full evidence
cgx-core — Cargo security scan | PkgRadar