Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireEnvironmentVarsFilesystemShell
Source & flagged code
3 flagged · loading sourcelib/build-tests/cleanup.jsView file
1import { TEARDOWN_COMMAND } from "./constants.js";
L2: import sh from "shelljs";
L3: //#region src/build-tests/cleanup.ts
High
lib/vitest-extended/project.cjsView file
1Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
L2: let vitest_config = require("vitest/config");
L3: //#region src/vitest-extended/project.ts
Medium
Dynamic Require
Package source references dynamic require/import behavior.
lib/vitest-extended/project.cjsView on unpkg · L1lib/build-tests/addTarball.cjsView file
13const packed = `${require_build_tests_constants.FILE_ORIGIN}:${await require_build_tests_pack.pack()}`;
L14: shelljs.default.exec(`pnpm add -D ${require_build_tests_constants.THIS1}@${packed}`);
L15: const file = (0, edit_json_file.default)(require_build_tests_constants.PACKAGE_PATH);
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
lib/build-tests/addTarball.cjsView on unpkg · L13Findings
3 High3 Medium2 Low
HighChild Process
HighShelllib/build-tests/cleanup.js
HighRuntime Package Installlib/build-tests/addTarball.cjs
MediumDynamic Requirelib/vitest-extended/project.cjs
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem