registry  /  @aooth/auth-moost  /  0.1.34

@aooth/auth-moost@0.1.34

Moost auth integration for aoothjs — AuthGuard interceptor, useAuth composable, REST endpoints, workflows

Static Scan Results

scanned 3d ago · by rust-scanner

Static analysis flagged 6 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
CryptoDynamicRequireFilesystem
Supply chain
HighEntropyStrings
ManifestNo manifest risk signals triggered.
scanned 3 file(s), 333 KB of source

Source & flagged code

3 flagged · loading source
dist/index.mjsView file
3326patternName = generic_password severity = medium line = 3326 matchedText = if (!awa... });
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/index.mjsView on unpkg · L3326
676* Explicit string DI tokens for the ABSTRACT authorization-server stores L677: * ({@link import("@aooth/auth/authz").PendingAuthorizationStore}, L678: * {@link import("@aooth/auth/authz").AuthCodeStore}) — the framework-agnostic
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/index.mjsView on unpkg · L676
5005patternName = generic_password severity = medium line = 5005 matchedText = throw th... });
Medium
Secret Pattern

Hardcoded password in dist/index.mjs

dist/index.mjsView on unpkg · L5005

Findings

3 Medium3 Low
MediumSecret Patterndist/index.mjs
MediumDynamic Requiredist/index.mjs
MediumSecret Patterndist/index.mjs
LowScripts Present
LowFilesystem
LowHigh Entropy Strings