Static Scan Results
scanned 5d ago · by rust-scannerStatic analysis flagged 9 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
High-risk behavior combination matched malicious policy.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsNetwork
HighEntropyStringsMinifiedObfuscatedUrlStrings
Source & flagged code
2 flagged · loading sourcedist/browser/index.jsView file
1import {QueryClient,useQuery,useInfiniteQuery,useMutation,queryOptions,infiniteQueryOptions,useQueryClient}from'@tanstack/react-query';import {hexToBytes,bytesToHex}from'@noble/has...
L2: `).filter(Boolean))},staleTime:1440*60*1e3,gcTime:1/0})}var IK=1.1,Il=(r=>(r.NUMBER_OF_VOTES="number_of_votes",r.TOKENS="tokens",r))(Il||{});function DK(e){return e?e.map((t,r)=>({...
Critical
Credential Exfiltration
Source appears to send environment or credential material to an external endpoint.
dist/browser/index.jsView on unpkg · L1dist/node/index.cjsView file
1Trigger-reachable chain: manifest.main -> dist/node/index.cjs
L1: 'use strict';var reactQuery=require('@tanstack/react-query'),utils_js=require('@noble/hashes/utils.js'),legacy_js=require('@noble/hashes/legacy.js'),Fr=require('bs58'),secp256k1_js...
L2: `).filter(Boolean))},staleTime:1440*60*1e3,gcTime:1/0})}var AK=1.1,ql=(r=>(r.NUMBER_OF_VOTES="number_of_votes",r.TOKENS="tokens",r))(ql||{});function OK(e){return e?e.map((t,r)=>({...
Critical
Trigger Reachable Dangerous Capability
A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/node/index.cjsView on unpkg · L1Findings
2 Critical3 Medium4 Low
CriticalCredential Exfiltrationdist/browser/index.js
CriticalTrigger Reachable Dangerous Capabilitydist/node/index.cjs
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings