Cargo · crates.io
revka
Webhook Exfil Endpoint: matched "api.telegram.org/bot"
Why PkgRadar flagged 2026.6.11
| Severity | Signal | Evidence |
|---|---|---|
| high | Webhook Exfil Endpoint | matched "api.telegram.org/bot" · revka-2026.6.11/src/onboard/wizard.rs |
| medium | Rs Build Time Command | Process spawn (std::process::Command) at build time. · revka-2026.6.11/build.rs |
| medium | Remote Payload | matched "curl " · revka-2026.6.11/src/agent/loop_.rs |
| medium | Remote Payload | matched "curl " · revka-2026.6.11/src/cron/mod.rs |
| medium | Remote Payload | matched "curl " · revka-2026.6.11/src/cron/scheduler.rs |
| medium | Remote Payload | matched "curl " · revka-2026.6.11/src/peripherals/arduino_flash.rs |
| medium | Remote Payload | matched "curl " · revka-2026.6.11/src/peripherals/nucleo_flash.rs |
| medium | Remote Payload | matched "curl " · revka-2026.6.11/src/security/policy.rs |
| medium | Remote Payload | matched "curl " · revka-2026.6.11/src/skills/audit.rs |
| medium | Remote Payload | matched "curl " · revka-2026.6.11/src/skills/mod.rs |
| medium | Remote Payload | matched "curl " · revka-2026.6.11/src/tools/cron_add.rs |
| medium | Remote Payload | matched "curl " · revka-2026.6.11/src/tools/cron_update.rs |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
2026.6.11 | High risk | 155 | 2026-06-12 |
Block this in CI
pkgradar gate --ecosystem cargo [email protected]