Static Scan Results
scanned 13d ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourcesrc/cli/examples.jsView file
86patternName = private_key_openssh
severity = critical
line = 86
matchedText = $ dotenv...----
Critical
Critical Secret
Package contains a critical-looking secret pattern.
src/cli/examples.jsView on unpkg · L8686patternName = private_key_openssh
severity = critical
line = 86
matchedText = $ dotenv...----
Critical
src/shared/logger.jsView file
1const packageJson = require('../lib/helpers/packageJson')
L2: const Errors = require('../lib/helpers/errors')
Medium
Dynamic Require
Package source references dynamic require/import behavior.
src/shared/logger.jsView on unpkg · L1Findings
2 Critical3 Medium4 Low
CriticalCritical Secretsrc/cli/examples.js
CriticalSecret Patternsrc/cli/examples.js
MediumDynamic Requiresrc/shared/logger.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings