The pkg-config program retrieves information about installed libraries, usually for the purposes of compiling against and linking to them. ExtUtils::PkgConfig is a very simplistic interface to this utility, intended for use in the Makefile.PL of perl extensions which bind libraries that pkg-config knows. It is really just boilerplate code that you would've written yourself.
Binary packages can be installed with pkgin or pkg_add(1). The NetBSD packages collection is also designed to permit easy installation from source.
The pkg_admin audit command locates any installed package which has been mentioned in security advisories as having vulnerabilities.
Please note the vulnerabilities database might not be fully accurate, and not every bug is exploitable with every configuration.
Problem reports, updates or suggestions for this package should be reported with send-pr.