registry  /  @aestheticfunction/dspack-emit  /  0.3.1

@aestheticfunction/dspack-emit@0.3.1

dspack emitters: compile a dspack design-system contract and dspack surfaces into protocol targets — an A2UI catalog + surface messages (gates A1-A3) and json-render catalog/registry modules + specs (gates J1-J3).

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 7 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessFilesystem
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 38 file(s), 214 KB of source, external domains: json-schema.org, rdombrowski.dev

Source & flagged code

2 flagged · loading source
dist/transform/profiles.jsView file
98patternName = generic_password severity = medium line = 98 matchedText = password...ed",
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/transform/profiles.jsView on unpkg · L98
src/transform/profiles.tsView file
233patternName = generic_password severity = medium line = 233 matchedText = password...ed",
Medium
Secret Pattern

Hardcoded password in src/transform/profiles.ts

src/transform/profiles.tsView on unpkg · L233

Findings

2 Medium5 Low
MediumSecret Patterndist/transform/profiles.js
MediumSecret Patternsrc/transform/profiles.ts
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings