registry  /  @arche-cms/cms  /  0.1.4

@arche-cms/cms@0.1.4

The main Arche CMS package. Provides a `cms` binary for development, building, code generation, and schema management.

Static Scan Results

scanned 17m ago · by rust-scanner

Static analysis flagged 11 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
Manifest
NoLicense
scanned 36 file(s), 512 KB of source, external domains: react.dev, www.w3.org

Source & flagged code

2 flagged · loading source
dist/server/routes/schemas.jsView file
81patternName = generic_password severity = medium line = 81 matchedText = password...rd",
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/server/routes/schemas.jsView on unpkg · L81
admin/assets/index-3ZMFoPjq.jsView file
9patternName = generic_password severity = medium line = 9 matchedText = `).repla...ma";
Medium
Secret Pattern

Hardcoded password in admin/assets/index-3ZMFoPjq.js

admin/assets/index-3ZMFoPjq.jsView on unpkg · L9

Findings

5 Medium6 Low
MediumSecret Patterndist/server/routes/schemas.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
MediumSecret Patternadmin/assets/index-3ZMFoPjq.js
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License