Static Scan Results
scanned 8d ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
UrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcescripts/lib/portal-sources.mjsView file
2import path from 'node:path';
L3: import { execFileSync } from 'node:child_process';
L4: import { readFile } from 'node:fs/promises';
High
Child Process
Package source references child process execution.
scripts/lib/portal-sources.mjsView on unpkg · L2scripts/lib/portal-c4.mjsView file
1// scripts/lib/portal-c4.mjs — lazy `npx likec4 serve` lifecycle + liveness probe + group kill.
L2: import { spawn as nodeSpawn } from 'node:child_process';
L3: import { request } from 'node:http';
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
scripts/lib/portal-c4.mjsView on unpkg · L1Findings
3 High2 Medium4 Low
HighChild Processscripts/lib/portal-sources.mjs
HighShell
HighRuntime Package Installscripts/lib/portal-c4.mjs
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License