Static Scan Results
scanned 4h ago · by rust-scannerStatic analysis flagged 6 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
CryptoFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedist/index.jsView file
221if (opts2.body !== void 0) init.body = opts2.body;
L222: return fetch(url, init);
L223: }
...
L226: if (body === null) {
L227: const buf = await res.arrayBuffer();
L228: if (buf.byteLength > maxBytes) {
...
L679: "SIG_ENTRY_KID_COSE_KEY_CONFLICT",
L680: "SIG_PRIVATE_KEY_LEAKED",
L681: "SUPERSEDES_TX_INVALID_LENGTH",
...
L6024: if (auxFirstByte === 246 || auxFirstByte === 247) {
L6025: return { txBody, witnessSet, auxiliaryData: null };
L6026: }
High
Cloud Metadata Access
Source reaches cloud instance metadata or link-local credential endpoints.
dist/index.jsView on unpkg · L221Findings
1 High1 Medium4 Low
HighCloud Metadata Accessdist/index.js
MediumNetwork
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings