Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
1 flagged · loading sourcedist/cli.jsView file
6Object.defineProperty(exports, "__esModule", { value: true });
L7: const http_1 = __importDefault(require("http"));
L8: const url_1 = __importDefault(require("url"));
...
L12: const axios_1 = __importDefault(require("axios"));
L13: const child_process_1 = require("child_process");
L14: const PORTAL_URL = 'https://agents.boostyourleads.ca';
...
L28: // Spawns native OS open command to open default browser
L29: const platform = process.platform;
L30: if (platform === 'darwin') {
...
L44: res.writeHead(400, { 'Content-Type': 'text/html' });
L45: res.end("<h3>Authentication Failed: Missing authorization code</h3>");
L46: return;
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/cli.jsView on unpkg · L6Findings
1 High3 Medium5 Low
HighSandbox Evasion Gated Capabilitydist/cli.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License