Secrets — Package Registries

npm, PyPI, RubyGems, NuGet, Artifactory, Crates and other registry tokens.

All rules in this category are of kind secrets. They run under vulnetix secrets and in the secrets stage of vulnetix scan.

| Rule ID | Name | Severity | Detection |
|---|---|---|---|
| VNX-SEC-098 | Crates.io (Rust) API token | Critical | keyword + regex + entropy |

Remediation

Rotate any exposed credential immediately, remove it from source, and load it from a secrets manager or environment variable instead. Purge it from git history with git filter-repo. See CWE-798 and the OWASP Secrets Management Cheat Sheet.