Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetwork
UrlStrings
WildcardDependency
Source & flagged code
3 flagged · loading sourcedist/runtime/server/lib/oauth/apple.d.tsView file
20patternName = private_key_rsa
severity = critical
line = 20
matchedText = * @examp...---'
Critical
Critical Secret
Package contains a critical-looking secret pattern.
dist/runtime/server/lib/oauth/apple.d.tsView on unpkg · L2020patternName = private_key_rsa
severity = critical
line = 20
matchedText = * @examp...---'
Critical
Secret Pattern
RSA private key in dist/runtime/server/lib/oauth/apple.d.ts
dist/runtime/server/lib/oauth/apple.d.tsView on unpkg · L20dist/module.mjsView file
47for (const pkg of peerDeps) {
L48: await import(pkg).catch(() => {
L49: missingDeps.push(pkg);
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/module.mjsView on unpkg · L47Findings
2 Critical4 Medium3 Low
CriticalCritical Secretdist/runtime/server/lib/oauth/apple.d.ts
CriticalSecret Patterndist/runtime/server/lib/oauth/apple.d.ts
MediumDynamic Requiredist/module.mjs
MediumNetwork
MediumEnvironment Vars
MediumWildcard Dependency
LowScripts Present
LowFilesystem
LowUrl Strings