Cargo · crates.io
rr-rtk
Remote Payload: matched "curl "
Why PkgRadar flagged 0.42.3-rr.1
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · rr-rtk-0.42.3-rr.1/src/discover/registry.rs |
| medium | Remote Payload | matched "curl " · rr-rtk-0.42.3-rr.1/src/hooks/hook_cmd.rs |
| medium | Remote Payload | matched "curl " · rr-rtk-0.42.3-rr.1/src/hooks/init.rs |
| medium | Remote Payload | matched "curl " · rr-rtk-0.42.3-rr.1/src/hooks/integrity.rs |
| medium | Remote Payload | matched "curl " · rr-rtk-0.42.3-rr.1/src/hooks/permissions.rs |
| medium | Remote Payload | matched "Wget " · rr-rtk-0.42.3-rr.1/src/main.rs |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.42.3-rr.1 | High risk | 72 | 2026-06-08 |
Block this in CI
pkgradar gate --ecosystem cargo [email protected]