Cargo · crates.io
tirith-core
Remote Payload: matched "Invoke-WebRequest"
Why PkgRadar flagged 0.3.2
| Severity | Signal | Evidence |
|---|---|---|
| medium | Remote Payload | matched "Invoke-WebRequest" · tirith-core-0.3.2/build.rs |
| medium | Remote Payload | matched "curl " · tirith-core-0.3.2/src/aliases.rs |
| medium | Remote Payload | matched "curl " · tirith-core-0.3.2/src/audit_aggregator.rs |
| medium | Remote Payload | matched "curl " · tirith-core-0.3.2/src/dashboard.rs |
| medium | Remote Payload | matched "invoke-webrequest" · tirith-core-0.3.2/src/install_script_analysis.rs |
| medium | Remote Payload | matched "curl " · tirith-core-0.3.2/src/mcp/dispatcher.rs |
| medium | Remote Payload | matched "curl " · tirith-core-0.3.2/src/output.rs |
| medium | Remote Payload | matched "curl " · tirith-core-0.3.2/src/package_risk.rs |
| medium | Remote Payload | matched "curl " · tirith-core-0.3.2/src/pending.rs |
| medium | Remote Payload | matched "curl " · tirith-core-0.3.2/src/persistence.rs |
| medium | Remote Payload | matched "raw.githubusercontent.com" · tirith-core-0.3.2/src/policy.rs |
| medium | Remote Payload | matched "curl " · tirith-core-0.3.2/src/redact.rs |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
0.3.2 | High risk | 165 | 2026-06-16 |
Block this in CI
pkgradar gate --ecosystem cargo [email protected]