Static Scan Results
scanned 6h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedst/nano-banana.mjsView file
6const __filename = __nanoFileURLToPath(import.meta.url);
L7: const __dirname = __nanoDirname(__filename);
L8: var __create = Object.create;
...
L62: }
L63: this._originalTimeouts = JSON.parse(JSON.stringify(timeouts));
L64: this._timeouts = timeouts;
...
L453:
L454: // node_modules/gaxios/package.json
L455: var require_package = __commonJS({
...
L770: return;
L771: } else if (obj instanceof FormData || obj instanceof URLSearchParams || // support `node-fetch` FormData/URLSearchParams
L772: "forEach" in obj && "set" in obj) {
High
Cloud Metadata Access
Source reaches cloud instance metadata or link-local credential endpoints.
dst/nano-banana.mjsView on unpkg · L6Findings
1 High3 Medium5 Low
HighCloud Metadata Accessdst/nano-banana.mjs
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings