diff --git a/rust/package-crate/action.yaml b/rust/package-crate/action.yaml
index c7c0561..9576186 100644
--- a/rust/package-crate/action.yaml
+++ b/rust/package-crate/action.yaml
@@ -70,5 +70,11 @@ runs:
         if [ -d "target/package" ]; then
           echo ""
           echo "Packaged crate(s):"
-          ls -lh target/package/*.crate 2>/dev/null || echo "No .crate files found in target/package"
+          if compgen -G "target/package/*.crate" > /dev/null 2>&1; then
+            for file in target/package/*.crate; do
+              ls -lh "$file"
+            done
+          else
+            echo "No .crate files found in target/package"
+          fi
         fi
diff --git a/rust/publish-crate/action.yaml b/rust/publish-crate/action.yaml
index a37e198..9af7e85 100644
--- a/rust/publish-crate/action.yaml
+++ b/rust/publish-crate/action.yaml
@@ -38,13 +38,23 @@ runs:
       with:
         require-cargo: true
 
+    - name: Login to crates.io
+      shell: bash
+      env:
+        CARGO_REGISTRY_TOKEN: ${{ inputs.token }}
+      run: |
+        # Use cargo login with token from environment variable
+        # This is the recommended approach instead of --token flag
+        cargo login
+
     - name: Publish crate
       shell: bash
       run: |
         set -e
 
         # Build cargo command
-        CMD="cargo publish --token ${{ inputs.token }}"
+        # Note: Authentication is handled by cargo login step above
+        CMD="cargo publish"
 
         # Add package flag for workspace crates
         if [ "${{ inputs.workspace }}" = "true" ] && [ -n "${{ inputs.package }}" ]; then
@@ -73,7 +83,7 @@ runs:
           CMD="$CMD ${{ inputs.cargo-args }}"
         fi
 
-        echo "Running: cargo publish [token hidden] ..."
+        echo "Running: $CMD"
         $CMD
 
         if [ "${{ inputs.dry-run }}" = "true" ]; then
diff --git a/rust/security-scan/action.yaml b/rust/security-scan/action.yaml
index 454f4bc..2f7d8b2 100644
--- a/rust/security-scan/action.yaml
+++ b/rust/security-scan/action.yaml
@@ -13,7 +13,7 @@ inputs:
   cargo-audit-version:
     description: 'Version of cargo-audit to install'
     required: false
-    default: '0.21.0'
+    default: '0.22.0'
   upload-artifact-name:
     description: 'Name for the audit report artifact'
     required: false
@@ -50,7 +50,7 @@ runs:
     - name: Install cargo-audit
       if: steps.cache-cargo-audit.outputs.cache-hit != 'true'
       shell: bash
-      run: cargo install cargo-audit --version ${{ inputs.cargo-audit-version }} --locked
+      run: cargo install cargo-audit --version ${{ inputs.cargo-audit-version }} --locked --force
 
     - name: Run cargo audit (JSON output for reporting)
       id: audit_json