Static Scan Results
scanned 6d ago · by rust-scannerStatic analysis flagged 14 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
6 flagged · loading sourcePackage contains a critical-looking secret pattern.
src/lib/push-provider.tsView on unpkg · L278RSA private key in src/lib/push-provider.ts
src/lib/push-provider.tsView on unpkg · L278This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/durable-objects/database-do.tsView on unpkgRSA private key in src/__tests__/push-provider.test.ts
src/__tests__/push-provider.test.tsView on unpkg · L64Hardcoded password in src/__tests__/admin-user-management.test.ts
src/__tests__/admin-user-management.test.tsView on unpkg · L158Hardcoded password in src/__tests__/admin-user-management.test.ts
src/__tests__/admin-user-management.test.tsView on unpkg · L308