# Package publisher tools

Package publishing tools can use registry tokens, sign artifacts, and push releases from an agent-controlled shell.

- **Packages:** 360
- **Protected tools:** 0
- **Approval gates:** 3
- **Non-low risk:** 72
- **Updated:** 2026-07-08

## Why this package group is here

Package publisher tools currently includes 360 package catalog entries. 0 have protected-tool coverage, 3 have approval-gate metadata, and 72 have non-low Geiger classifier findings. The grouping comes from package metadata, so it can stay current as that metadata changes.

## Generated source

This hub uses the same local package data as individual package pages: Nucleus package metadata, Homebrew enrichment, Geiger classifier output, secret-handling manifests, and approval-gate seeds where available.

## Review model

Use the hub to find command families that need tighter secret injection, approval gates, or manual review before agents run them.

## Indexed package pages

- [go](https://www.automicvault.com/pkg/brew/go/) - 7 approval-gate rules are present.
- [node](https://www.automicvault.com/pkg/brew/node/) - 7 approval-gate rules are present.
- [uv](https://www.automicvault.com/pkg/brew/uv/) - 6 approval-gate rules are present.
- [build2](https://www.automicvault.com/pkg/brew/build2/) - generalized runtime or code generation signal
- [bunster](https://www.automicvault.com/pkg/brew/bunster/) - generalized runtime or code generation signal
- [cargo-make](https://www.automicvault.com/pkg/brew/cargo-make/) - generalized runtime or code generation signal
- [create-dmg](https://www.automicvault.com/pkg/brew/create-dmg/) - generalized runtime or code generation signal
- [dub](https://www.automicvault.com/pkg/brew/dub/) - generalized runtime or code generation signal
- [opal](https://www.automicvault.com/pkg/brew/opal/) - generalized runtime or code generation signal
- [portable-ruby](https://www.automicvault.com/pkg/brew/portable-ruby/) - generalized runtime or code generation signal
- [ruby](https://www.automicvault.com/pkg/brew/ruby/) - doc example: interpreter runtime
- [abi3audit](https://www.automicvault.com/pkg/brew/abi3audit/) - no executable entrypoint in the package index
- [apprise](https://www.automicvault.com/pkg/brew/apprise/) - no executable entrypoint in the package index
- [auditwheel](https://www.automicvault.com/pkg/brew/auditwheel/) - narrow executable package without higher-risk signals
- [brew-gem](https://www.automicvault.com/pkg/brew/brew-gem/) - no executable entrypoint in the package index
- [cargo-about](https://www.automicvault.com/pkg/brew/cargo-about/) - narrow executable package without higher-risk signals
- [cargo-all-features](https://www.automicvault.com/pkg/brew/cargo-all-features/) - narrow executable package without higher-risk signals
- [cargo-audit](https://www.automicvault.com/pkg/brew/cargo-audit/) - narrow executable package without higher-risk signals
- [cargo-auditable](https://www.automicvault.com/pkg/brew/cargo-auditable/) - narrow executable package without higher-risk signals
- [cargo-binstall](https://www.automicvault.com/pkg/brew/cargo-binstall/) - narrow executable package without higher-risk signals
- [cargo-binutils](https://www.automicvault.com/pkg/brew/cargo-binutils/) - narrow executable package without higher-risk signals
- [cargo-bloat](https://www.automicvault.com/pkg/brew/cargo-bloat/) - narrow executable package without higher-risk signals
- [cargo-bundle](https://www.automicvault.com/pkg/brew/cargo-bundle/) - narrow executable package without higher-risk signals
- [cargo-c](https://www.automicvault.com/pkg/brew/cargo-c/) - narrow executable package without higher-risk signals
- [cargo-cache](https://www.automicvault.com/pkg/brew/cargo-cache/) - narrow executable package without higher-risk signals
- [cargo-careful](https://www.automicvault.com/pkg/brew/cargo-careful/) - narrow executable package without higher-risk signals
- [cargo-chef](https://www.automicvault.com/pkg/brew/cargo-chef/) - narrow executable package without higher-risk signals
- [cargo-clone](https://www.automicvault.com/pkg/brew/cargo-clone/) - narrow executable package without higher-risk signals
- [cargo-component](https://www.automicvault.com/pkg/brew/cargo-component/) - narrow executable package without higher-risk signals
- [cargo-cyclonedx](https://www.automicvault.com/pkg/brew/cargo-cyclonedx/) - narrow executable package without higher-risk signals
- [cargo-deny](https://www.automicvault.com/pkg/brew/cargo-deny/) - no executable entrypoint in the package index
- [cargo-depgraph](https://www.automicvault.com/pkg/brew/cargo-depgraph/) - narrow executable package without higher-risk signals
- [cargo-docset](https://www.automicvault.com/pkg/brew/cargo-docset/) - narrow executable package without higher-risk signals
- [cargo-edit](https://www.automicvault.com/pkg/brew/cargo-edit/) - narrow executable package without higher-risk signals
- [cargo-expand](https://www.automicvault.com/pkg/brew/cargo-expand/) - no executable entrypoint in the package index
- [cargo-features-manager](https://www.automicvault.com/pkg/brew/cargo-features-manager/) - narrow executable package without higher-risk signals
- [cargo-flamegraph](https://www.automicvault.com/pkg/brew/cargo-flamegraph/) - narrow executable package without higher-risk signals
- [cargo-fuzz](https://www.automicvault.com/pkg/brew/cargo-fuzz/) - narrow executable package without higher-risk signals
- [cargo-geiger](https://www.automicvault.com/pkg/brew/cargo-geiger/) - narrow executable package without higher-risk signals
- [cargo-generate](https://www.automicvault.com/pkg/brew/cargo-generate/) - no executable entrypoint in the package index
- [cargo-hack](https://www.automicvault.com/pkg/brew/cargo-hack/) - narrow executable package without higher-risk signals
- [cargo-insta](https://www.automicvault.com/pkg/brew/cargo-insta/) - no executable entrypoint in the package index
- [cargo-instruments](https://www.automicvault.com/pkg/brew/cargo-instruments/) - no executable entrypoint in the package index
- [cargo-llvm-cov](https://www.automicvault.com/pkg/brew/cargo-llvm-cov/) - no executable entrypoint in the package index
- [cargo-llvm-lines](https://www.automicvault.com/pkg/brew/cargo-llvm-lines/) - no executable entrypoint in the package index
- [cargo-msrv](https://www.automicvault.com/pkg/brew/cargo-msrv/) - narrow executable package without higher-risk signals
- [cargo-nextest](https://www.automicvault.com/pkg/brew/cargo-nextest/) - no executable entrypoint in the package index
- [cargo-outdated](https://www.automicvault.com/pkg/brew/cargo-outdated/) - narrow executable package without higher-risk signals
- [cargo-public-api](https://www.automicvault.com/pkg/brew/cargo-public-api/) - library-like package without higher-risk signals
- [cargo-release](https://www.automicvault.com/pkg/brew/cargo-release/) - narrow executable package without higher-risk signals
- [cargo-run-bin](https://www.automicvault.com/pkg/brew/cargo-run-bin/) - narrow executable package without higher-risk signals
- [cargo-shear](https://www.automicvault.com/pkg/brew/cargo-shear/) - no executable entrypoint in the package index
- [cargo-sort](https://www.automicvault.com/pkg/brew/cargo-sort/) - narrow executable package without higher-risk signals
- [cargo-spellcheck](https://www.automicvault.com/pkg/brew/cargo-spellcheck/) - narrow executable package without higher-risk signals
- [cargo-sweep](https://www.automicvault.com/pkg/brew/cargo-sweep/) - narrow executable package without higher-risk signals
- [cargo-udeps](https://www.automicvault.com/pkg/brew/cargo-udeps/) - narrow executable package without higher-risk signals
- [cargo-update](https://www.automicvault.com/pkg/brew/cargo-update/) - narrow executable package without higher-risk signals
- [cargo-zigbuild](https://www.automicvault.com/pkg/brew/cargo-zigbuild/) - narrow executable package without higher-risk signals
- [cariddi](https://www.automicvault.com/pkg/brew/cariddi/) - narrow executable package without higher-risk signals
- [charmcraft](https://www.automicvault.com/pkg/brew/charmcraft/) - no executable entrypoint in the package index
- [chruby](https://www.automicvault.com/pkg/brew/chruby/) - narrow executable package without higher-risk signals
- [classifier](https://www.automicvault.com/pkg/brew/classifier/) - no executable entrypoint in the package index
- [conda-lock](https://www.automicvault.com/pkg/brew/conda-lock/) - no executable entrypoint in the package index
- [cpanminus](https://www.automicvault.com/pkg/brew/cpanminus/) - narrow executable package without higher-risk signals
- [cpplint](https://www.automicvault.com/pkg/brew/cpplint/) - narrow executable package without higher-risk signals
- [cucumber-ruby](https://www.automicvault.com/pkg/brew/cucumber-ruby/) - narrow executable package without higher-risk signals
- [docker-ls](https://www.automicvault.com/pkg/brew/docker-ls/) - narrow executable package without higher-risk signals
- [dpkg](https://www.automicvault.com/pkg/brew/dpkg/) - narrow executable package without higher-risk signals
- [dum](https://www.automicvault.com/pkg/brew/dum/) - narrow executable package without higher-risk signals
- [fakeroot](https://www.automicvault.com/pkg/brew/fakeroot/) - no executable entrypoint in the package index
- [flit](https://www.automicvault.com/pkg/brew/flit/) - no executable entrypoint in the package index
- [ghi](https://www.automicvault.com/pkg/brew/ghi/) - narrow executable package without higher-risk signals
