registry  /  @acedatacloud/nexior  /  3.314.0

@acedatacloud/nexior@3.314.0

⚠ Under review

<div align="center">

Static Scan Results

scanned 1h ago · by rust-scanner

Static analysis flagged 11 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoNetworkWebSocket
Supply chain
HighEntropyStringsMinifiedObfuscatedProtestwareTelemetryUrlStrings
ManifestNo manifest risk signals triggered.
scanned 1,089 file(s), 14.9 MB of source, external domains: api-test.acedata.cloud, api.acedata.cloud, api.devnet.solana.com, api.mainnet-beta.solana.com, api.testnet.solana.com, api.web3modal.org, auth-test.acedata.cloud, auth.acedata.cloud, basescan.org, cdn.acedata.cloud, cdn.plyr.io, coding-bridge-test.acedata.cloud, coding-bridge.acedata.cloud, connect.solflare.com, echo.walletconnect.com, element-plus.org, example.com, exemplo.com, fonts.googleapis.com, fpjs.dev, github.com, go.aniview.com, go.cb-w.com, hub-test.acedata.cloud, hub.acedata.cloud, i.ytimg.com, imasdk.googleapis.com, m1.openfpcdn.io, mainnet.base.org, midas.gtimg.cn, next.vuex.vuejs.org, nightly.app, noembed.com, phantom.app, platform-test.acedata.cloud, platform.acedata.cloud, player.vimeo.com, pulse.walletconnect.org, rpc.walletconnect.org, rumt-zh.com, schema.org, secure.walletconnect.org, sepolia.base.org, sepolia.basescan.org, skale-base-explorer.skalenodes.com, skale-base.skalenodes.com, solanamobile.com, solflare.com, solscan.io, static.aipedias.com

Source & flagged code

2 flagged · loading source
dist/assets/index-DJu8BXX6.jsView file
1const __vite__mapDeps=(i,m=__vite__mapDeps,d=(m.f||(m.f=["assets/aegis.min-C7H4WXnC.js","assets/rolldown-runtime--c01j_DQ.js","assets/vendor-highlight-BtIeKitL.js","assets/vendor-h... L2: import{o as e,r as t,t as n}from"./rolldown-runtime--c01j_DQ.js";import{A as r,B as i,Bt as a,C as o,Ct as s,D as c,E as l,Et as u,F as d,G as f,H as p,I as m,It as h,J as g,Lt as ... L3: `)>=0)return!1;return!0}function Oe(e,t){var n;if(e.indent===` `)n=` `;else if(typeof e.indent==`number`&&e.indent>0)n=C.call(Array(e.indent+1),` `);else return null;return{base:n,... ... L5: `+t.prev}function Ae(e,t){var n=ie(e),r=[];if(n){r.length=e.length;for(var i=0;i<e.length;i++)r[i]=pe(e,i)?t(e[i],e):``}var a=typeof D==`function`?D(e):[],o;if(k){o={};for(var s=0;... L6: `);l=u.pop()||``;for(let e of u){let i=e.trim();if(i&&i.startsWith(`data: `)){let e=i.substring(6).trim();if(e===`[DONE]`){n({answer:s,delta_answer:``});return}try{let n=JSON.parse... L7: ]))+`;e.KANJI=new RegExp(r,`g`),e.BYTE_KANJI=RegExp(`[^A-Z0-9 $%*+\\-./:]+`,`g`),e.BYTE=new RegExp(i,`g`),e.NUMERIC=new RegExp(t,`g`),e.ALPHANUMERIC=new RegExp(n,`g`);var a=RegExp(...
Critical
Clipboard Crypto Hijack

Source reads and rewrites clipboard contents matching cryptocurrency wallet addresses.

dist/assets/index-DJu8BXX6.jsView on unpkg · L1
dist/assets/KaTeX_Script-Regular-D3wIWfF6.woff2View file
path = dist/assets/KaTeX_Script-Regular-D3wIWfF6.woff2 kind = high_entropy_blob sizeBytes = 9644 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

dist/assets/KaTeX_Script-Regular-D3wIWfF6.woff2View on unpkg

Findings

1 Critical1 High3 Medium6 Low
CriticalClipboard Crypto Hijackdist/assets/index-DJu8BXX6.js
HighShips High Entropy Blobdist/assets/KaTeX_Script-Regular-D3wIWfF6.woff2
MediumNetwork
MediumProtestware
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings