From time to time it's reasonable to update dependencies. Use the following command:
cargo update
The dependency audit procedure should be automated with tools like Dependabot, or GitHub Actions in conjunction with Snyk and similar tools.
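One way to set up the Dependabot side of this for a Cargo project, as an added example that is not part of the original page. The file location is Dependabot's standard one; the weekly schedule, the pull-request limit and the extra github-actions entry are assumptions to adjust per repository.

```yaml
# .github/dependabot.yml (added example; schedule and limits are assumptions)
version: 2
updates:
  # Rust crates declared in Cargo.toml / pinned in Cargo.lock at the repository root
  - package-ecosystem: "cargo"
    directory: "/"
    schedule:
      interval: "weekly"
    # Cap the number of open update PRs so reviews stay manageable
    open-pull-requests-limit: 5

  # Actions referenced by CI workflows are dependencies too; keep them current
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "weekly"
```

Each update arrives as a pull request, so the resulting Cargo.lock change is reviewed and run through CI before it is merged.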
Source code should be regularly checked for vulnerabilities using GitHub Actions with tools like CodeQL. See the CodeQL Action for more information.
Always inspect shell scripts before executing them on your machine.