PkgRadar

Cargo · crates.io

opencrabs

Remote Payload: matched "curl "

Why PkgRadar flagged 0.3.38

SeveritySignalEvidence
mediumRemote Payloadmatched "curl " · opencrabs-0.3.38/src/brain/rsi.rs
mediumRemote Payloadmatched "raw.githubusercontent.com" · opencrabs-0.3.38/src/brain/rsi_sync.rs
mediumRemote Payloadmatched "curl " · opencrabs-0.3.38/src/tui/onboarding/types.rs
mediumRemote Payloadmatched "curl " · opencrabs-0.3.38/src/utils/sanitize.rs

Scanned versions

VersionVerdictScoreScanned (UTC)
0.3.38High risk582026-06-13
0.3.37High risk582026-06-12
0.3.36High risk582026-06-07
0.3.35High risk582026-06-04
0.3.34High risk582026-06-02
0.3.33High risk582026-05-31
0.3.32High risk582026-05-31
0.3.31Review582026-05-30
0.3.30High risk582026-05-30

Block this in CI

PkgRadar gates opencrabs (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem cargo [email protected]
Start free — 25 scans / moView full evidence