Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
4 flagged · loading sourcebin/cli.jsView file
3import { createRequire } from 'module';
L4: import { execSync, spawn } from 'child_process';
L5: import { platform } from 'os';
High
47const vbsFile = `${process.env.TEMP || ''}\\antigravity_elevate.vbs`;
L48: const vbs = `Set oShell = CreateObject("Shell.Application")\noShell.ShellExecute "cmd.exe", "/c ""${tmpFile}""", "", "runas", 1`;
L49: fs.writeFileSync(vbsFile, vbs, 'ascii');
High
dist/cli/utils/cert.jsView file
2import path from 'path';
L3: import { execSync } from 'child_process';
L4: import { platform } from 'os';
...
L38: const b64 = lines.join('');
L39: const derBytes = Buffer.from(b64, 'base64');
L40: const crypto = require('crypto');
Low
Weak Crypto
Package source references weak cryptographic algorithms.
dist/cli/utils/cert.jsView on unpkg · L2dist/cli/commands/start.jsView file
134depSpinner.text = 'Installing dependencies...';
L135: execSync('npm install --production', { cwd: PROXY_DIR, stdio: 'pipe', timeout: 120000 });
L136: succeedSpinner(depSpinner, 'Dependencies installed');
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
dist/cli/commands/start.jsView on unpkg · L134Findings
3 High3 Medium7 Low
HighChild Processbin/cli.js
HighShellbin/cli.js
HighRuntime Package Installdist/cli/commands/start.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowWeak Cryptodist/cli/utils/cert.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License