Static Scan Results
scanned 1h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedist/web-client.jsView file
6* structured entity instead of scraping the HTML.
L7: * Tier 2 — live fetch (undici global fetch, proxy-aware via kg-client's
L8: * EnvHttpProxyAgent) + Mozilla Readability ("Reader Mode") extraction.
...
L56: if (!res.body) {
L57: const ab = await res.arrayBuffer();
L58: const u = new Uint8Array(ab);
L59: return { bytes: u.length > cap ? u.slice(0, cap) : u, truncatedBody: u.length > cap };
L60: }
High
Cloud Metadata Access
Source reaches cloud instance metadata or link-local credential endpoints.
dist/web-client.jsView on unpkg · L6Findings
1 High3 Medium5 Low
HighCloud Metadata Accessdist/web-client.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings