registry  /  @drupal-forge/server-content-model  /  0.1.5

@drupal-forge/server-content-model@0.1.5

Static Scan Results

scanned 7h ago · by rust-scanner

Static analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemShell
Supply chain
HighEntropyStringsUrlStrings
Manifest
NoLicenseWildcardDependency
scanned 1 file(s), 576 KB of source, external domains: json-schema.org

Source & flagged code

2 flagged · loading source
dist/index.jsView file
17ZodArray: () => ZodArray, L18: ZodBase64: () => ZodBase64, L19: ZodBase64URL: () => ZodBase64URL, ... L1478: error: new (_Err ?? $ZodError)(result.issues.map((iss) => finalizeIssue(iss, ctx, config()))) L1479: } : { success: true, data: result.value }; L1480: }; ... L2562: try { L2563: new URL(`http://[${payload.value}]`); L2564: } catch { ... L14917: // servers/drupal-content-model/src/runtime/drushRunner.ts L14918: import { exec, execFile } from "node:child_process"; L14919: import { existsSync, writeFileSync, unlinkSync } from "node:fs";
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/index.jsView on unpkg · L17
14966try { L14967: $result = eval(base64_decode('${base64Payload}')); L14968: echo "\\n---MCP-BEGIN---\\n";
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/index.jsView on unpkg · L14966

Findings

1 High3 Medium6 Low
HighObfuscated Payload Loaderdist/index.js
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
MediumWildcard Dependency
LowScripts Present
LowEvaldist/index.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License