PkgRadar

Cargo · crates.io

renso-code-graph-mcp

Rs Build Time Network: HTTP / TCP network call inside build.rs — downloads at compile time.

Why PkgRadar flagged 1.2.1

| Severity | Signal | Evidence |
| --- | --- | --- |
| high | Rs Build Time Network | HTTP / TCP network call inside build.rs — downloads at compile time. · renso-code-graph-mcp-1.2.1/build.rs |
| medium | Remote Payload | matched "curl " · renso-code-graph-mcp-1.2.1/build.rs |
| medium | Remote Payload | matched "curl " · renso-code-graph-mcp-1.2.1/src/main.rs |
| medium | Remote Payload | matched "github.com/Renso-AI/code-graph-dist/releases/download" · renso-code-graph-mcp-1.2.1/src/manifest.rs |

Scanned versions

| Version | Verdict | Score | Scanned (UTC) |
| --- | --- | --- | --- |
| 1.2.1 | High risk | 86 | 2026-06-13 |
| 1.2.0 | High risk | 86 | 2026-06-11 |
| 1.1.13 | High risk | 86 | 2026-06-11 |
| 1.1.12 | High risk | 86 | 2026-06-11 |
| 1.1.11 | High risk | 86 | 2026-06-10 |
| 1.1.10 | High risk | 86 | 2026-06-10 |
| 1.1.9 | High risk | 86 | 2026-06-10 |
| 1.1.8 | High risk | 86 | 2026-06-09 |
| 1.1.7 | High risk | 86 | 2026-06-09 |
| 1.1.6 | High risk | 86 | 2026-06-09 |
| 1.1.5 | High risk | 86 | 2026-06-09 |
| 1.1.4 | High risk | 86 | 2026-06-09 |
| 1.1.3 | High risk | 86 | 2026-06-08 |
| 1.1.2 | High risk | 86 | 2026-06-08 |
| 1.1.1 | High risk | 86 | 2026-06-08 |
| 1.1.0 | High risk | 86 | 2026-06-07 |
| 1.0.27 | High risk | 86 | 2026-06-05 |
| 1.0.26 | High risk | 86 | 2026-06-04 |
| 1.0.25 | High risk | 86 | 2026-06-04 |
| 1.0.24 | High risk | 86 | 2026-06-04 |
| 1.0.23 | High risk | 86 | 2026-06-04 |
| 1.0.22 | High risk | 86 | 2026-06-02 |
| 1.0.20 | High risk | 86 | 2026-05-31 |
| 1.0.19 | High risk | 86 | 2026-05-30 |
| 1.0.18 | High risk | 86 | 2026-05-30 |
| 1.0.17 | High risk | 86 | 2026-05-30 |
| 1.0.16 | High risk | 86 | 2026-05-30 |
| 1.0.15 | High risk | 86 | 2026-05-30 |
| 1.0.14 | High risk | 86 | 2026-05-30 |
| 1.0.13 | High risk | 86 | 2026-05-30 |
| 1.0.12 | High risk | 86 | 2026-05-30 |

Block this in CI

PkgRadar gates renso-code-graph-mcp (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem cargo [email protected]