registry  /  @codeseedelearning/mool  /  0.0.5

@codeseedelearning/mool@0.0.5

CLI for the Mool framework — scaffold and run Mool projects.

Static Scan Results

scanned 34m ago · by rust-scanner

Static analysis flagged 6 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemShell
Supply chainNo supply-chain packaging signals triggered.
Manifest
NoLicense
scanned 33 file(s), 30.2 KB of source

Source & flagged code

3 flagged · loading source
src/templates/basic/routes/web.tsView file
37patternName = generic_password severity = medium line = 37 matchedText = password...:6",
Medium
Secret Pattern

Package contains a possible secret pattern.

src/templates/basic/routes/web.tsView on unpkg · L37
61patternName = generic_password severity = medium line = 61 matchedText = password...ng",
Medium
Secret Pattern

Hardcoded password in src/templates/basic/routes/web.ts

src/templates/basic/routes/web.tsView on unpkg · L61
src/commands/dev-command.tsView file
22L23: const module = await import(pathToFileURL(bootstrapPath).href); L24: const app: Application = module.default;
Medium
Dynamic Require

Package source references dynamic require/import behavior.

src/commands/dev-command.tsView on unpkg · L22

Findings

4 Medium2 Low
MediumSecret Patternsrc/templates/basic/routes/web.ts
MediumDynamic Requiresrc/commands/dev-command.ts
MediumEnvironment Vars
MediumSecret Patternsrc/templates/basic/routes/web.ts
LowFilesystem
LowNo License