Static Scan Results
scanned 4d ago · by rust-scannerStatic analysis flagged 18 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
8 flagged · loading sourcePackage contains a high-severity secret pattern.
dist/server/src/remote/push.jsView on unpkg · L16Google API key in dist/server/src/remote/push.js
dist/server/src/remote/push.jsView on unpkg · L16Package source references dynamic require/import behavior.
dist/interface/assets/vendor-cameraui-DDdtrYBn.jsView on unpkg · L4Package source references weak cryptographic algorithms.
dist/server/src/camera/sensors/stable-id.jsView on unpkg · L1Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/interface/assets/vendor-primevue-DB14kOh6.jsView on unpkg · L3433Package ships non-JavaScript build or shell helper files.
dist/server/src/plugins/runtime/python/store.pyView on unpkgPackage ships high-entropy non-source blobs.
dist/interface/fonts/InterVariable.woff2View on unpkgHardcoded password in dist/interface/assets/Cameras-DNsE3_T0.js
dist/interface/assets/Cameras-DNsE3_T0.jsView on unpkg · L539