diff --git a/.github/workflows/test-suite.yml b/.github/workflows/test-suite.yml
index cc7282c3517..061aec4b059 100644
--- a/.github/workflows/test-suite.yml
+++ b/.github/workflows/test-suite.yml
@@ -337,6 +337,8 @@ jobs:
 run: make arbitrary-fuzz
 - name: Run cargo audit
 run: make audit-CI
+ - name: Check for HTTPS links in Cargo.toml
+ run: make https-links
 - name: Run cargo vendor to make sure dependencies can be vendored for packaging, reproducibility and archival purpose
 run: CARGO_HOME=$(readlink -f $HOME) make vendor
 - name: Markdown-linter
diff --git a/Makefile b/Makefile
index 2edc9f86328..66bfeb512ee 100644
--- a/Makefile
+++ b/Makefile
@@ -235,6 +235,10 @@ cli-local:
 mdlint:
 ./scripts/mdlint.sh
+# Check for HTTPS links in Cargo.toml
+https-links:
+ ./scripts/ci/check-https-links.sh
+
 # Runs the entire test suite, downloading test vectors if required.
 test-full: cargo-fmt test-release test-debug test-ef test-exec-engine
diff --git a/scripts/ci/check-https-links.sh b/scripts/ci/check-https-links.sh
new file mode 100644
index 00000000000..0a8fc992d71
--- /dev/null
+++ b/scripts/ci/check-https-links.sh
@@ -0,0 +1,40 @@
+#! /usr/bin/env bash
+
+# Check for insecure HTTP links in Cargo.toml files
+# This script ensures all git dependencies use HTTPS instead of HTTP
+
+set -e
+
+# Find all Cargo.toml files, excluding those in target/ directories
+cargo_toml_files=$(find . -name "Cargo.toml" -type f ! -path "*/target/*")
+
+# Track if we found any HTTP links
+found_http_links=false
+
+echo "Checking for HTTP links in Cargo.toml files..."
+
+# Check each Cargo.toml file
+for file in $cargo_toml_files; do
+ # Check for HTTP links (but not HTTPS)
+ # We look for patterns like: git = "http://..." or url = "http://..."
+ # Using -E for extended regex to handle whitespace variations
+ http_links=$(grep -nE '(git|url)\s*=\s*"http://' "$file" 2>/dev/null || true)
+
+ if [ -n "$http_links" ]; then
+ echo "ERROR: Found HTTP link(s) in $file:"
+ echo "$http_links"
+ found_http_links=true
+ fi
+done
+
+if [ "$found_http_links" = true ]; then
+ echo ""
+ echo "Please replace all HTTP links with HTTPS links in the Cargo.toml files above."
+ echo "For example, change: git = \"http://github.com/...\""
+ echo " to: git = \"https://github.com/...\""
+ exit 1
+else
+ echo "✓ All Cargo.toml files use HTTPS links."
+ exit 0
+fi
+
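Review bot: The grep pattern inside the `for` loop only matches a double-quoted, lowercase `http://` value, so a TOML literal string (`git = 'http://…'`) or a plaintext `git://` source would pass this check unnoticed. The same line also fails open: `2>/dev/null || true` hides grep's exit status 2 (for example an unreadable file), and the script then reports success for a file it never inspected. I would widen the pattern and treat only status 1 as "no match", e.g. `http_links=$(grep -nEi "(git|url)[[:space:]]*=[[:space:]]*[\"'](http|git)://" "$file") || [ $? -eq 1 ]`. Separately, `for file in $cargo_toml_files` word-splits the `find` output, so a path containing whitespace is broken into pieces grep cannot open, which the error suppression currently masks.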