diff --git a/pkgs/development/tools/rust/cargo-vet/default.nix b/pkgs/development/tools/rust/cargo-vet/default.nix
new file mode 100644
index 000000000000..638bc0bdea22
--- /dev/null
+++ b/pkgs/development/tools/rust/cargo-vet/default.nix
@@ -0,0 +1,29 @@
+{ lib, rustPlatform, fetchFromGitHub, stdenv, Security }:
+
+rustPlatform.buildRustPackage rec {
+  pname = "cargo-vet";
+  version = "0.3.0";
+
+  src = fetchFromGitHub {
+    owner = "mozilla";
+    repo = pname;
+    rev = "0.3";
+    sha256 = "sha256-m+2Rbaa7wtzdUyl8VzrGsxtZPhQMwlrx6okhc4zZNsI=";
+  };
+
+  cargoSha256 = "sha256-2Ri/CvTZ/RQqxHSgl05kaCbg0ATJapaFEF6y8fWGSwM=";
+
+  buildInputs = lib.optional stdenv.isDarwin Security;
+
+  # the test_project tests require internet access
+  checkFlags = [
+    "--skip=test_project"
+  ];
+
+  meta = with lib; {
+    description = "A tool to help projects ensure that third-party Rust dependencies have been audited by a trusted source";
+    homepage = "https://mozilla.github.io/cargo-vet";
+    license = with licenses; [ asl20 /* or */ mit ];
+    maintainers = with maintainers; [ figsoda jk ];
+  };
+}
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 33b4de78f5c5..21e7c3b437ac 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -14747,6 +14747,9 @@ with pkgs;
   cargo-tauri = callPackage ../development/tools/rust/cargo-tauri { };
 
   cargo-valgrind = callPackage ../development/tools/rust/cargo-valgrind { };
+  cargo-vet = callPackage ../development/tools/rust/cargo-vet {
+    inherit (darwin.apple_sdk.frameworks) Security;
+  };
   cargo-wasi = callPackage ../development/tools/rust/cargo-wasi {
     inherit (darwin.apple_sdk.frameworks) Security;
   };