Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoFilesystemNetworkShell
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
3 flagged · loading sourceplugins.jsView file
1#!/usr/bin/env node
L2: import axios from "axios";
L3: import sqlite3 from "sqlite3";
...
L14:
L15: const appDataDir = path.join(os.homedir(), ".blnk-cli");
L16: const dbPath = path.join(appDataDir, "plugin-state.db");
...
L126: const pluginJsonPath = path.join(destination, "plugin.json");
L127: const pluginJson = JSON.parse(
L128: fs.readFileSync(pluginJsonPath, "utf8")
...
L354: chalk,
L355: eventData: {},
L356: module,
Medium
core.jsView file
2import inquirer from "inquirer";
L3: import { spawn } from "child_process";
L4: import { fail, failFromError } from "./utils/errors.js";
L5: import { requestApi } from "./utils/axios.js";
L6: import { colorStatus, displayTable } from "./utils/output.js";
...
L254: function startSpinner(label) {
L255: const stream = process.stderr;
L256: let frameIndex = 0;
L257: stream.write(spinnerGray(`${SPINNER_FRAMES[frameIndex]} ${label}`));
L258:
...
L277: const trimmed = input.trim();
L278: return trimmed ? JSON.parse(trimmed) : {};
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
core.jsView on unpkg · L2•matchType = previous_version_dangerous_delta
matchedPackage = @blnkfinance/blnk-cli@1.8.1
matchedIdentity = npm:QGJsbmtmaW5hbmNlL2JsbmstY2xp:1.8.1
similarity = 0.909
summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
core.jsView on unpkgFindings
2 High3 Medium4 Low
HighSandbox Evasion Gated Capabilitycore.js
HighPrevious Version Dangerous Deltacore.js
MediumUnsafe Vm Contextplugins.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License