Cargo · crates.io
tina4
Remote Payload: matched "curl "
Why PkgRadar flagged 3.8.28
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "curl " · tina4-3.8.28/src/init.rs |
| medium | Remote Payload | matched "curl " · tina4-3.8.28/src/install.rs |
| medium | Remote Payload | matched "github.com/{}/releases/download" · tina4-3.8.28/src/main.rs |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
3.8.28 | High risk | 36 | 2026-06-03 |
3.8.27 | High risk | 36 | 2026-06-03 |
3.8.26 | High risk | 36 | 2026-06-01 |
Block this in CI
pkgradar gate --ecosystem cargo [email protected]