From time to time it's reasonable to update dependencies. Use the following command
cargo updateThe dependencies audit procedure should be automated by leveraging tools like Dependabot, or GitHub Actions in conjunction with Snyk and similar tools.
Source code should be regularly checked for vulnerabilities by leveraging GitHub Actions with tools like CodeQL and similar. See more here CodeQL Action
Always inspect shell scripts before executing it on your machine.