PkgRadar

Cargo · crates.io

lib-q-keccak

Rs Build Time Command: Process spawn (std::process::Command) at build time.

Why PkgRadar flagged 0.0.6

SeveritySignalEvidence
mediumRs Build Time CommandProcess spawn (std::process::Command) at build time. · lib-q-keccak-0.0.6/build.rs
mediumRemote Payloadmatched "raw.githubusercontent.com" · lib-q-keccak-0.0.6/src/lib.rs

Scanned versions

VersionVerdictScoreScanned (UTC)
0.0.6Review422026-06-07
0.0.5Review422026-05-31

Block this in CI

PkgRadar gates lib-q-keccak (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem cargo [email protected]
Start free — 25 scans / moView full evidence
lib-q-keccak — Cargo security scan | PkgRadar