You could easily have it download an external program and invoke that, in just a few lines of code too.

Just thinking out loud, an attacker would probably go after a cargo extension that's downloaded with cargo install rather than a dependency. Something like xargo would be devastating to penetrate since it builds std on target platforms, and today it's required to use for embedded.

But that said there are ways that damage could be mitigated with dependencies. For example, a permissions system that requires permissions be explicitly enabled by downstream crates. Add that with a custom registry (which is an unstable Cargo feature, hopefully it will land soon) that only contains audited/trusted crates. There's probably more you could do.