Generated source
This hub uses the same local package data as individual package pages: Nucleus package metadata, Homebrew enrichment, Geiger classifier output, secret-handling manifests, and approval-gate seeds where available.
security
Package publishing tools can use registry tokens, sign artifacts, and push releases from an agent-controlled shell.
summary
Package publisher tools currently includes 360 package catalog entries. 0 have protected-tool coverage, 3 have approval-gate metadata, and 72 have non-low Geiger classifier findings. The grouping comes from package metadata, so it can stay current as that metadata changes.
This hub uses the same local package data as individual package pages: Nucleus package metadata, Homebrew enrichment, Geiger classifier output, secret-handling manifests, and approval-gate seeds where available.
Use the hub to find command families that need tighter secret injection, approval gates, or manual review before agents run them.
packages
| Package | Manager | Signals | Why it appears here |
|---|---|---|---|
| go | Homebrew | approval gate, yellow risk, v1.26.5 | 7 approval-gate rules are present. |
| node | Homebrew | approval gate, yellow risk, v26.4.0 | 7 approval-gate rules are present. |
| uv | Homebrew | approval gate, v0.11.28 | 6 approval-gate rules are present. |
| build2 | Homebrew | yellow risk, v0.18.1 | generalized runtime or code generation signal |
| bunster | Homebrew | yellow risk, v0.14.0 | generalized runtime or code generation signal |
| cargo-make | Homebrew | yellow risk, v0.37.24 | generalized runtime or code generation signal |
| create-dmg | Homebrew | yellow risk, v1.3.0 | generalized runtime or code generation signal |
| dub | Homebrew | yellow risk, v1.41.0 | generalized runtime or code generation signal |
| opal | Homebrew | yellow risk, v1.8.3 | generalized runtime or code generation signal |
| portable-ruby | Homebrew | yellow risk, v4.0.5 | generalized runtime or code generation signal |
| ruby | Homebrew | yellow risk, v4.0.5 | doc example: interpreter runtime |
| abi3audit | Homebrew | v0.0.26 | no executable entrypoint in the package index |
| apprise | Homebrew | v1.12.0 | no executable entrypoint in the package index |
| auditwheel | Homebrew | green risk, v6.7.0 | narrow executable package without higher-risk signals |
| brew-gem | Homebrew | v1.3.4 | no executable entrypoint in the package index |
| cargo-about | Homebrew | green risk, v0.9.1 | narrow executable package without higher-risk signals |
| cargo-all-features | Homebrew | green risk, v1.12.0 | narrow executable package without higher-risk signals |
| cargo-audit | Homebrew | green risk, v0.22.2 | narrow executable package without higher-risk signals |
| cargo-auditable | Homebrew | green risk, v0.7.5 | narrow executable package without higher-risk signals |
| cargo-binstall | Homebrew | green risk, v1.20.1 | narrow executable package without higher-risk signals |
| cargo-binutils | Homebrew | green risk, v0.4.0 | narrow executable package without higher-risk signals |
| cargo-bloat | Homebrew | green risk, v0.12.1 | narrow executable package without higher-risk signals |
| cargo-bundle | Homebrew | green risk, v0.11.0 | narrow executable package without higher-risk signals |
| cargo-c | Homebrew | green risk, v0.10.23 | narrow executable package without higher-risk signals |
| cargo-cache | Homebrew | green risk, v0.8.3 | narrow executable package without higher-risk signals |
| cargo-careful | Homebrew | green risk, v0.4.10 | narrow executable package without higher-risk signals |
| cargo-chef | Homebrew | green risk, v0.1.77 | narrow executable package without higher-risk signals |
| cargo-clone | Homebrew | green risk, v1.2.4 | narrow executable package without higher-risk signals |
| cargo-component | Homebrew | green risk, v0.21.1 | narrow executable package without higher-risk signals |
| cargo-cyclonedx | Homebrew | green risk, v0.5.9 | narrow executable package without higher-risk signals |
| cargo-deny | Homebrew | v0.19.9 | no executable entrypoint in the package index |
| cargo-depgraph | Homebrew | green risk, v1.6.0 | narrow executable package without higher-risk signals |
| cargo-docset | Homebrew | green risk, v0.3.1 | narrow executable package without higher-risk signals |
| cargo-edit | Homebrew | green risk, v0.13.11 | narrow executable package without higher-risk signals |
| cargo-expand | Homebrew | v1.0.123 | no executable entrypoint in the package index |
| cargo-features-manager | Homebrew | green risk, v0.11.1 | narrow executable package without higher-risk signals |
| cargo-flamegraph | Homebrew | green risk, v0.6.13 | narrow executable package without higher-risk signals |
| cargo-fuzz | Homebrew | green risk, v0.13.2 | narrow executable package without higher-risk signals |
| cargo-geiger | Homebrew | green risk, v0.13.0 | narrow executable package without higher-risk signals |
| cargo-generate | Homebrew | v0.23.12 | no executable entrypoint in the package index |
| cargo-hack | Homebrew | green risk, v0.6.45 | narrow executable package without higher-risk signals |
| cargo-insta | Homebrew | v1.48.0 | no executable entrypoint in the package index |
| cargo-instruments | Homebrew | v0.4.17 | no executable entrypoint in the package index |
| cargo-llvm-cov | Homebrew | v0.8.7 | no executable entrypoint in the package index |
| cargo-llvm-lines | Homebrew | v0.4.46 | no executable entrypoint in the package index |
| cargo-msrv | Homebrew | green risk, v0.19.3 | narrow executable package without higher-risk signals |
| cargo-nextest | Homebrew | v0.9.140 | no executable entrypoint in the package index |
| cargo-outdated | Homebrew | green risk, v0.19.0 | narrow executable package without higher-risk signals |
| cargo-public-api | Homebrew | green risk, v0.52.0 | library-like package without higher-risk signals |
| cargo-release | Homebrew | green risk, v1.1.2 | narrow executable package without higher-risk signals |
| cargo-run-bin | Homebrew | green risk, v1.7.4 | narrow executable package without higher-risk signals |
| cargo-shear | Homebrew | v1.13.1 | no executable entrypoint in the package index |
| cargo-sort | Homebrew | green risk, v2.1.4 | narrow executable package without higher-risk signals |
| cargo-spellcheck | Homebrew | green risk, v0.15.7 | narrow executable package without higher-risk signals |
| cargo-sweep | Homebrew | green risk, v0.8.0 | narrow executable package without higher-risk signals |
| cargo-udeps | Homebrew | green risk, v0.1.61 | narrow executable package without higher-risk signals |
| cargo-update | Homebrew | green risk, v20.0.3 | narrow executable package without higher-risk signals |
| cargo-zigbuild | Homebrew | green risk, v0.23.0 | narrow executable package without higher-risk signals |
| cariddi | Homebrew | green risk, v1.4.6 | narrow executable package without higher-risk signals |
| charmcraft | Homebrew | v4.3.0 | no executable entrypoint in the package index |
| chruby | Homebrew | green risk, v0.3.9 | narrow executable package without higher-risk signals |
| classifier | Homebrew | v2.6.0 | no executable entrypoint in the package index |
| conda-lock | Homebrew | v4.0.2 | no executable entrypoint in the package index |
| cpanminus | Homebrew | green risk, v1.7049 | narrow executable package without higher-risk signals |
| cpplint | Homebrew | green risk, v2.0.2 | narrow executable package without higher-risk signals |
| cucumber-ruby | Homebrew | green risk, v11.1.1 | narrow executable package without higher-risk signals |
| docker-ls | Homebrew | green risk, v0.5.1 | narrow executable package without higher-risk signals |
| dpkg | Homebrew | green risk, v1.23.7 | narrow executable package without higher-risk signals |
| dum | Homebrew | green risk, v0.1.20 | narrow executable package without higher-risk signals |
| fakeroot | Homebrew | v1.38.1 | no executable entrypoint in the package index |
| flit | Homebrew | v3.12.0 | no executable entrypoint in the package index |
| ghi | Homebrew | green risk, v1.2.1 | narrow executable package without higher-risk signals |