Static Scan Results
scanned 5d ago · by rust-scannerStatic analysis flagged 13 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShellWebSocket
HighEntropyStringsUrlStrings
NoLicense
Oversized source lightweight scan
dist/cli/index.js2.02 MB file, sampled 256 KB
FilesystemNetworkChildProcessEnvironmentVarsHighEntropyStringsUrlStringsmanifest.local
dist/dist-TGKVYIA7.js2.00 MB file, sampled 256 KB
FilesystemNetworkChildProcessEnvironmentVarsCryptoShellHighEntropyStringsUrlStringsmanifest.local
Source & flagged code
4 flagged · loading sourcedist/chunk-H3WRFI54.jsView file
•matchType = previous_version_dangerous_delta
matchedPackage = @botiverse/raft-daemon@0.66.0
matchedIdentity = npm:QGJvdGl2ZXJzZS9yYWZ0LWRhZW1vbg:0.66.0
similarity = 0.857
summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/chunk-H3WRFI54.jsView on unpkg12773patternName = generic_password
severity = medium
line = 12773
matchedText = if (url....D]";
Medium
Secret Pattern
Package contains a possible secret pattern.
dist/chunk-H3WRFI54.jsView on unpkg · L12773dist/dist-TGKVYIA7.jsView file
•path = dist/dist-TGKVYIA7.js
kind = oversized_source_file
sizeBytes = 2097337
magicHex = [redacted]
High
Oversized Source File
Package contains source files above the static scanner size ceiling.
dist/dist-TGKVYIA7.jsView on unpkg•path = dist/dist-TGKVYIA7.js
kind = oversized_cli_entrypoint
sizeBytes = 2097337
magicHex = [redacted]
Medium
Oversized Cli Entrypoint
Package contains an oversized executable-looking CLI entrypoint.
dist/dist-TGKVYIA7.jsView on unpkgFindings
2 High5 Medium6 Low
HighOversized Source Filedist/dist-TGKVYIA7.js
HighPrevious Version Dangerous Deltadist/chunk-H3WRFI54.js
MediumSecret Patterndist/chunk-H3WRFI54.js
MediumNetwork
MediumEnvironment Vars
MediumOversized Cli Entrypointdist/dist-TGKVYIA7.js
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License