PkgRadar

Cargo · crates.io

gsigner

Shell Credential File Read, Suspicious Publish Context

Why PkgRadar flagged 2.0.0-pre.1

SeveritySignalEvidence
highShell Credential File Read
highShell Credential File Read
mediumSuspicious Publish Context

Showing signal labels only. Sign in to view the exact matched indicators for each finding.

Scanned versions

VersionVerdictScoreScanned (UTC)
2.0.0-pre.1High risk1002026-06-26

Block this in CI

PkgRadar gates gsigner (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem cargo [email protected]
Start free — 25 scans / moView full evidence
gsigner — Cargo security scan | PkgRadar