Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 5 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystem
UrlStrings
NoLicense
Source & flagged code
1 flagged · loading sourcebin/byteask.jsView file
12L13: const { spawnSync } = require("child_process");
L14: const { existsSync, mkdirSync, copyFileSync, writeFileSync, chmodSync, renameSync } = require("fs");
...
L17:
L18: const BUNDLE = (process.env.BYTEASK_BUNDLE_URL || "https://code.byteask.ai").replace(/\/+$/, "");
L19: const GATEWAY = (process.env.BYTEASK_GATEWAY || BUNDLE).replace(/\/+$/, "");
L20: const HOME = process.env.BYTEASK_HOME || path.join(os.homedir(), ".byteask");
L21: const VENDOR = path.join(HOME, "runtime");
L22: const isWin = process.platform === "win32";
L23: const engine = path.join(VENDOR, isWin ? "byteask-engine.exe" : "byteask-engine");
...
L43: const r = "\x1b[0m";
L44: process.stderr.write(
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
bin/byteask.jsView on unpkg · L12Findings
1 High1 Medium3 Low
HighSandbox Evasion Gated Capabilitybin/byteask.js
MediumEnvironment Vars
LowFilesystem
LowUrl Strings
LowNo License