# cargo-binstall

Binary installation for Rust projects

**Score:** 73% pass rate
**Principles:** 3/8 met

## Embed the badge

This score (73%) clears the [badge floor](https://anc.dev/badge) (70%). Copy this into your README:

```markdown
[![agent-native](https://anc.dev/badge/cargo-binstall.svg)](https://anc.dev/score/cargo-binstall)
```

| Status | Audit | Principle | Evidence |
|--------|-------|-----------|----------|
| PASS | Help flag produces useful output | [P3](https://anc.dev/p3) |  |
| FAIL | Version flag works (`--version` plus short alias) | [P3](https://anc.dev/p3) | `--version` exited with code 2 |
| FAIL | Version flag works (`--version` plus short alias) | [P3](https://anc.dev/p3) | `--version` exited with code 2 |
| OPT-OUT | Structured output support | [P2](https://anc.dev/p2) | no --output/--format flag detected — tool does not ship structured output. Schema-discovery requirements (p2-must-schema-print, p2-should-schema-file) collapse to n/a via antecedent propagation. |
| PASS | Rejects invalid arguments | [P4](https://anc.dev/p4) |  |
| PASS | Quiet mode available | [P7](https://anc.dev/p7) |  |
| PASS | Handles SIGPIPE gracefully | [P6](https://anc.dev/p6) |  |
| PASS | Non-interactive by default | [P1](https://anc.dev/p1) |  |
| SKIP | Non-interactive gate flag advertised in --help | [P1](https://anc.dev/p1) | target satisfies P1 via alternative gate (help-on-bare or stdin-primary) |
| PASS | Flags advertise env-var bindings in --help | [P1](https://anc.dev/p1) |  |
| WARN | Pager-using CLI ships --no-pager escape hatch | [P6](https://anc.dev/p6) | pager referenced in --help but no --no-pager escape hatch advertised |
| PASS | Respects NO_COLOR | [P6](https://anc.dev/p6) |  |
| FAIL | Secret-bearing flags expose stdin or *-file companion | [P1](https://anc.dev/p1) | secret-bearing flag(s) without `*-file` companion or stdin path: --no-discover-github-token, --github-token. Flag values leak via process tables, shell history, and CI logs; provide stdin support or a `--<flag>-file` variant. |
| N/A | Structured-output CLI exposes its schema at runtime | [P2](https://anc.dev/p2) | antecedent `p2-json-output` is opt_out: no --output/--format flag detected — tool does not ship structured output. Schema-discovery requirements (p2-must-schema-print, p2-should-schema-file) collapse to n/a via antecedent propagation. |
| WARN | --json / --jsonl short aliases for --output | [P2](https://anc.dev/p2) | no --json or --jsonl short alias found. Agents and pipelines benefit from short forms alongside the canonical `--output` enum. |
| SKIP | Subcommand verbs follow community-standard names | [P6](https://anc.dev/p6) | no subcommands parsed from --help |
| PASS | Skill bundle has install path (`tool skill install [<host>]`) | [P8](https://anc.dev/p8) |  |
| PASS | `skill install --all` for multi-runtime install | [P8](https://anc.dev/p8) |  |
| PASS | `skill update` / `skill upgrade` for bundle refresh | [P8](https://anc.dev/p8) |  |
| WARN | `--raw` flag for pipe-safe unformatted output | [P2](https://anc.dev/p2) | no `--raw` flag advertised. MAY-tier — useful for pipelines that want to strip formatting before piping to other tools. |
| SKIP | `--output` advertises additional formats beyond text/json | [P2](https://anc.dev/p2) | no `--output` or `--format` flag advertised; vacuous skip for MAY-tier extra formats. |
| WARN | `examples` subcommand or `--examples` flag for curated usage patterns | [P3](https://anc.dev/p3) | no `examples` subcommand or `--examples` flag found. MAY-tier — a curated usage block keeps agents from hunting through long help text. |
| WARN | `--color` flag for explicit color control | [P6](https://anc.dev/p6) | no `--color` flag advertised. MAY-tier — `auto\|always\|never` lets agents and pipelines override the TTY-based default. |
| PASS | `--verbose` flag for diagnostic escalation | [P7](https://anc.dev/p7) |  |
| SKIP | `--limit` / `--max-results` flag for list operations | [P7](https://anc.dev/p7) | no list-style subcommand detected (list/ls/search/query/find/show/get); vacuous skip for the list-only SHOULD. |
| SKIP | Cursor-based pagination flags for list traversal | [P7](https://anc.dev/p7) | no list-style subcommand detected; vacuous skip for the list-only MAY. |
| PASS | `--help` advertises default values for flags | [P1](https://anc.dev/p1) |  |
| PASS | Rich-TUI affordance for TTY contexts | [P1](https://anc.dev/p1) |  |
| PASS | Short `-h` summary differs from `--help` long form | [P3](https://anc.dev/p3) |  |
| SKIP | Input-accepting commands read from stdin when no file is given | [P6](https://anc.dev/p6) | no input-accepting subcommand detected (process/parse/convert/transform/analyze/validate/format/lint/audit); vacuous skip for the conditional SHOULD. |
| SKIP | Subcommand naming follows a consistent verb/noun convention | [P6](https://anc.dev/p6) | fewer than 2 user-defined subcommands; vacuous skip for the conditional SHOULD. |
| SKIP | `--timeout` flag for long-running operations | [P7](https://anc.dev/p7) | no long-running subcommand detected (serve/daemon/watch/tail/monitor/follow/run/start/stream); vacuous skip for the conditional SHOULD. |
| PASS | Bad invocation exits with structured usage-error code (2) | [P2](https://anc.dev/p2) |  |
| PASS | Error messages include a hint or remediation phrase | [P4](https://anc.dev/p4) |  |
| SKIP | Errors emit JSON envelope with `error`/`kind`/`message` under `--output json` | [P2](https://anc.dev/p2) | binary does not advertise `--output json` in --help; MUST applies only to CLIs that opt into the JSON contract. |
| SKIP | `--output json` produces JSON-formatted errors | [P4](https://anc.dev/p4) | binary does not advertise `--output json` in --help; SHOULD applies only to CLIs that opt into the JSON contract. |
| SKIP | JSON success and error envelopes share their non-payload key set | [P2](https://anc.dev/p2) | binary does not advertise `--output json` in --help; envelope-consistency only applies to CLIs that opt into the JSON contract. |
| SKIP | Each subcommand's `--help` ships at least one invocation example | [P3](https://anc.dev/p3) | binary has no subcommands; MUST applies conditionally to CLIs that use them. |
| WARN | Help text pairs human and `--output json` example invocations | [P3](https://anc.dev/p3) | no paired text + `--output json` example found within 5 lines in top-level or any subcommand `--help`. Pairing keeps agents from reverse-engineering the JSON invocation from the text one. |
| PASS | Operations are subcommands, not verb-shaped flags | [P6](https://anc.dev/p6) |  |
| SKIP | Destructive subcommands require `--force` or `--yes` | [P5](https://anc.dev/p5) | no destructive subcommands detected; MUST applies conditionally to CLIs with destructive operations. |
| SKIP | Read and write surfaces are both visible in subcommand list | [P5](https://anc.dev/p5) | no recognizable read or write subcommand verbs; the read/write distinction is unobservable from the help surface alone. |
| WARN | Help text advertises TTY-aware verbosity behavior | [P7](https://anc.dev/p7) | no TTY-aware language found in `--help`. MAY-tier — automatic verbosity reduction when stdout is piped or redirected lets agents skip the explicit `--quiet` flag. Behavioral probes cannot simulate a real TTY without a pty crate, so this audit relies on documented intent. |

**Repo:** [cargo-bins/cargo-binstall](https://github.com/cargo-bins/cargo-binstall)
**Language:** Rust
**Version scored:** 1.19.1
**Audit date:** 2026-06-01 17:35:32 UTC
**Duration:** 94ms
**Platform:** `linux/x86_64`
**Mode:** command
**Anc build:** 0.5.0
**Install:** `brew install cargo-binstall`

## Reproduce locally

```bash
anc audit --command cargo-binstall --output json
```