PkgRadar

Cargo · crates.io

garudust-tools

Remote Payload: matched "raw.githubusercontent.com"

Why PkgRadar flagged 0.13.8

SeveritySignalEvidence
mediumRemote Payloadmatched "raw.githubusercontent.com" · garudust-tools-0.13.8/src/hub.rs
mediumRemote Payloadmatched "raw.githubusercontent.com" · garudust-tools-0.13.8/src/skill_hub.rs
mediumRemote Payloadmatched "curl " · garudust-tools-0.13.8/src/toolsets/script.rs

Scanned versions

VersionVerdictScoreScanned (UTC)
0.13.8High risk412026-06-13
0.13.7High risk412026-06-06
0.13.6High risk412026-06-05
0.13.5High risk412026-06-05
0.13.4High risk412026-06-05
0.13.3High risk412026-06-04
0.13.2High risk412026-06-03

Block this in CI

PkgRadar gates garudust-tools (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem cargo [email protected]
Start free — 25 scans / moView full evidence
garudust-tools — Cargo security scan | PkgRadar