Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 12 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireFilesystemNetwork
HighEntropyStringsMinifiedUrlStrings
CopyleftLicense
Source & flagged code
5 flagged · loading sourcedist/js/timeline.jsView file
11patternName = google_api_key
severity = high
line = 11
matchedText = */(funct...}]);
High
11patternName = google_api_key
severity = high
line = 11
matchedText = */(funct...}]);
High
tasks/compile_less.jsView file
1const fs = require('fs-extra')
L2: const less = require('less')
Medium
Dynamic Require
Package source references dynamic require/import behavior.
tasks/compile_less.jsView on unpkg · L1src/js/core/ConfigFactory.jsView file
214patternName = google_api_key
severity = high
line = 214
matchedText = return "...xg";
High
Secret Pattern
Google API key in src/js/core/ConfigFactory.js
src/js/core/ConfigFactory.jsView on unpkg · L214src/js/media/Media.jsView file
63patternName = google_api_key
severity = high
line = 63
matchedText = api_key_...YI",
High
Findings
4 High3 Medium5 Low
HighHigh Secretdist/js/timeline.js
HighSecret Patterndist/js/timeline.js
HighSecret Patternsrc/js/core/ConfigFactory.js
HighSecret Patternsrc/js/media/Media.js
MediumDynamic Requiretasks/compile_less.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowCopyleft License