PkgRadar

Cargo · crates.io

vvva_pm

Remote Payload: matched "Wget "

Why PkgRadar flagged 2.0.1

SeveritySignalEvidence
mediumRemote Payloadmatched "Wget " · vvva_pm-2.0.1/src/malware_scanner.rs

Scanned versions

VersionVerdictScoreScanned (UTC)
2.0.1Review172026-06-09

Block this in CI

PkgRadar gates vvva_pm (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem cargo [email protected]
Start free — 25 scans / moView full evidence