Static Scan Results
scanned 6h ago · by rust-scannerStatic analysis completed at 65.0% confidence. No malicious behavior was detected; 11 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsMinifiedUrlStrings
Source & flagged code
3 flagged · loading sourcedist/server/dist/routes/benchmarks.jsView file
3import path from 'node:path';
L4: import { spawn } from 'node:child_process';
L5: import { z } from 'zod';
High
Child Process
Package source references child process execution.
dist/server/dist/routes/benchmarks.jsView on unpkg · L3dist/cli.jsView file
583stdio: "inherit",
L584: shell: true,
L585: env
High
573const grpcPort = await findAvailablePort(DEFAULT_GRPC_PORT, MAX_GRPC_PORT);
L574: apiUrl = `http://localhost:${port.toString()}`;
L575: process.env.HARNESS_API_URL = apiUrl;
L576: const env = {
...
L581: };
L582: server = startBundledServer(env) ?? spawn("pnpm", ["--filter", "@omega/server", "dev"], {
L583: stdio: "inherit",
High
Same File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/cli.jsView on unpkg · L573Findings
3 High3 Medium5 Low
HighChild Processdist/server/dist/routes/benchmarks.js
HighShelldist/cli.js
HighSame File Env Network Executiondist/cli.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings