Static Scan Results
scanned 1d ago · by rust-scannerStatic analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
4 flagged · loading sourcedist/index.jsView file
447// src/core/notify.ts
L448: import { execFile as execFile2 } from "child_process";
L449: import { platform } from "os";
High
442AI_MAX_RETRIES = 10;
L443: DEFAULT_API_URL = "https://autonoma.app";
L444: }
...
L447: // src/core/notify.ts
L448: import { execFile as execFile2 } from "child_process";
L449: import { platform } from "os";
L450: function notify(title, message) {
L451: process.stderr.write("\x07");
L452: const os = platform();
High
Command Output Exfiltration
Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/index.jsView on unpkg · L4424019patternName = generic_password
severity = medium
line = 4019
matchedText = - Email/... } }
Medium
2456patternName = generic_password
severity = medium
line = 2456
matchedText = // Sugge...' })
Medium
Findings
3 High5 Medium5 Low
HighChild Processdist/index.js
HighShell
HighCommand Output Exfiltrationdist/index.js
MediumSecret Patterndist/index.js
MediumDynamic Require
MediumNetwork
MediumEnvironment Vars
MediumSecret Patterndist/index.js
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License