Static Scan Results
scanned 7d ago · by rust-scannerStatic analysis completed at 93.0% confidence. No malicious behavior was detected; 11 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystem
HighEntropyStringsUrlStrings
Source & flagged code
4 flagged · loading sourcedocs.zipView file
•path = docs.zip
kind = high_entropy_blob
sizeBytes = 42072965
magicHex = [redacted]
High
•path = docs.zip
kind = compressed_blob
sizeBytes = 42072965
magicHex = [redacted]
Medium
•path = docs.zip
kind = nested_archive_needs_inspection
sizeBytes = 42072965
magicHex = [redacted]
Low
Nested Archive Needs Inspection
Package ships a nested archive or MCP bundle that was inventoried but not recursively analyzed.
docs.zipView on unpkgdist/cli.jsView file
•matchType = previous_version_dangerous_delta
matchedPackage = @deveco-test/deveco-cli@1.2.0-Test.3
matchedIdentity = npm:QGRldmVjby10ZXN0L2RldmVjby1jbGk:1.2.0-Test.3
similarity = 0.667
summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/cli.jsView on unpkgFindings
2 High3 Medium6 Low
HighShips High Entropy Blobdocs.zip
HighPrevious Version Dangerous Deltadist/cli.js
MediumEnvironment Vars
MediumShips Compressed Blobdocs.zip
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNested Archive Needs Inspectiondocs.zip