Some of my work analyzing use of unsafe by crates on crates.io.
Right now the repository is set up to run a backwards dataflow analysis to see if dereferenced pointers originate in public interfaces.
To see it in action, check out examples/v1.rs and run cargo run --bin analyze -- --sysroot ~/.multirust/toolchains/nightly-x86_64-unknown-linux-gnu examples/v1.rs, where you will need to replace ~/.multirust/toolchains/nightly-x86_64-unknown-linux-gnu with the location of your nightly install.
As a work on the analysis, I intend to keep my (in progress) write-up and some data online.