Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 18 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
8 flagged · loading sourcePackage contains a high-severity secret pattern.
dist/server/src/remote/push.jsView on unpkg · L16Google API key in dist/server/src/remote/push.js
dist/server/src/remote/push.jsView on unpkg · L16Package source references dynamic require/import behavior.
dist/interface/assets/worker-base-ybazWkNy.jsView on unpkg · L51Package source references weak cryptographic algorithms.
dist/server/src/camera/sensors/stable-id.jsView on unpkg · L1Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/interface/assets/vendor-primevue-BdB7McKg.jsView on unpkg · L3372Package ships non-JavaScript build or shell helper files.
dist/server/src/plugins/runtime/python/store.pyView on unpkgPackage ships high-entropy non-source blobs.
dist/interface/fonts/InterVariable.woff2View on unpkgHardcoded password in dist/interface/assets/Cameras-DT62fcZK.js
dist/interface/assets/Cameras-DT62fcZK.jsView on unpkg · L539