Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 11 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
High-risk behavior combination matched malicious policy.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsNetworkWebSocket
HighEntropyStringsTelemetryUrlStrings
NoLicense
Oversized source lightweight scan
dist/index-4KbSEunM.js2.31 MB file, sampled 256 KB
NetworkCryptoHighEntropyStringsUrlStrings1click.chaindefuser.comapi.delora.buildexplorer.mayan.financegateway.ipfs.iogithub.comsupport.metamask.iowww.w3.org
dist/index-BTC2pbSq.js2.29 MB file, sampled 256 KB
NetworkCryptoHighEntropyStringsUrlStringsapi.delora.buildexplorer.mayan.financegateway.ipfs.iogithub.comsupport.metamask.iowww.w3.org
dist/index-Bo8ff2NK.js2.33 MB file, sampled 256 KB
NetworkCryptoHighEntropyStringsUrlStrings1click.chaindefuser.comapi.delora.builddelora.buildexplorer.mayan.financegateway.ipfs.iogithub.comsupport.metamask.iowww.w3.org
dist/index-BvgMw1Ta.js2.29 MB file, sampled 256 KB
NetworkCryptoHighEntropyStringsUrlStringsapi.delora.buildexplorer.mayan.financegateway.ipfs.iogithub.comsupport.metamask.iowww.w3.org
dist/index-C2TWEyo2.js2.29 MB file, sampled 256 KB
NetworkCryptoHighEntropyStringsUrlStringsapi.delora.buildexplorer.mayan.financegateway.ipfs.iogithub.comsupport.metamask.iowww.w3.org
dist/index-C3HOzno2.js2.33 MB file, sampled 256 KB
NetworkCryptoHighEntropyStringsUrlStrings1click.chaindefuser.comapi.delora.builddelora.buildexplorer.mayan.financegateway.ipfs.iogithub.comsupport.metamask.iowww.w3.org
dist/index-C7D5SyXS.js2.34 MB file, sampled 256 KB
NetworkCryptoHighEntropyStringsUrlStrings1click.chaindefuser.comapi.delora.builddelora.buildexplorer.mayan.financegateway.ipfs.iogithub.comsupport.metamask.iowww.w3.org
dist/index-D9icDgL2.js2.31 MB file, sampled 256 KB
NetworkCryptoHighEntropyStringsUrlStrings1click.chaindefuser.comapi.delora.buildexplorer.mayan.financegateway.ipfs.iogithub.comsupport.metamask.iowww.w3.org
dist/index-DFlOmaTv.js2.34 MB file, sampled 256 KB
NetworkCryptoHighEntropyStringsUrlStrings1click.chaindefuser.comapi.delora.builddelora.buildexplorer.mayan.financegateway.ipfs.iogithub.comsupport.metamask.iowww.w3.org
dist/index-Du_76KPF.js2.33 MB file, sampled 256 KB
NetworkCryptoHighEntropyStringsUrlStrings1click.chaindefuser.comapi.delora.builddelora.buildexplorer.mayan.financegateway.ipfs.iogithub.comsupport.metamask.iowww.w3.org
dist/index-TUstsMGc.js2.29 MB file, sampled 256 KB
NetworkCryptoHighEntropyStringsUrlStringsapi.delora.buildexplorer.mayan.financegateway.ipfs.iogithub.comsupport.metamask.iowww.w3.org
Source & flagged code
3 flagged · loading sourcedist/index-DdlPC7CM.jsView file
245function t(e) {
L246: this.version = e, this.type = "node", this.name = "node", this.os = process.platform;
L247: }
...
L655: if (!e.has(t))
L656: throw new TypeError("attempted to get private field on non-instance");
L657: return e.get(t);
...
L683: __makeTemplateObject: Yg,
L684: __metadata: Lg,
L685: __param: kg,
...
L932: return r.cause && "details" in r.cause && typeof r.cause.details == "string" ? r.cause.details : (c = r.cause) != null && c.message ? r.cause.message : r.details;
L933: })(), i = r.cause instanceof oe && r.cause.docsPath || r.docsPath, o = `https://oxlib.sh${i ?? ""}`, a = [
L934: e || "An error occurred.",
Critical
Credential Exfiltration
Source appears to send environment or credential material to an external endpoint.
dist/index-DdlPC7CM.jsView on unpkg · L24511018};
L11019: const _S = () => typeof WebSocket < "u" ? WebSocket : typeof global < "u" && typeof global.WebSocket < "u" ? global.WebSocket : typeof window < "u" && typeof window.WebSocket < "u"...
L11020: let AS = class {
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/index-DdlPC7CM.jsView on unpkg · L11018dist/index-C7D5SyXS.jsView file
•path = dist/index-C7D5SyXS.js
kind = oversized_source_file
sizeBytes = 2449496
magicHex = [redacted]
High
Oversized Source File
Package contains source files above the static scanner size ceiling.
dist/index-C7D5SyXS.jsView on unpkgFindings
1 Critical1 High4 Medium5 Low
CriticalCredential Exfiltrationdist/index-DdlPC7CM.js
HighOversized Source Filedist/index-C7D5SyXS.js
MediumDynamic Requiredist/index-DdlPC7CM.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings
LowNo License