Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 3 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcess
UrlStrings
CopyleftLicense
Source & flagged code
1 flagged · loading sourcebin/hapi.cjsView file
2L3: const { execFileSync } = require('child_process');
L4: const path = require('path');
L5:
L6: const platform = process.platform;
L7: const arch = process.arch;
L8: const OFFICIAL_NPM_REGISTRY = 'https://registry.npmjs.org';
L9: const SUPPORTED_PLATFORMS = [
...
L40: // Try to find the platform-specific package
L41: const pkgPath = require.resolve(`${pkgName}/package.json`);
L42: const binName = platformName === 'win32' ? 'hapi.exe' : 'hapi';
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
bin/hapi.cjsView on unpkg · L2Findings
1 High2 Low
HighSandbox Evasion Gated Capabilitybin/hapi.cjs
LowUrl Strings
LowCopyleft License