registry  /  @elytracms/studio  /  0.0.29

@elytracms/studio@0.0.29

The Elytra studio engine (UI + lib + routes + data-only Convex schema) as an importable package. Extraction staged in EXTRACTION.md (EC-223); Stages 1-2 = UI primitives + router-free lib leaves.

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 11 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessEnvironmentVarsNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 239 file(s), 1.14 MB of source, external domains: placehold.co

Source & flagged code

6 flagged · loading source
dist/lib/auth/local-auth-adapter.jsView file
23patternName = generic_password severity = medium line = 23 matchedText = { user: ...' },
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/lib/auth/local-auth-adapter.jsView on unpkg · L23
24patternName = generic_password severity = medium line = 24 matchedText = { user: ...' },
Medium
Secret Pattern

Hardcoded password in dist/lib/auth/local-auth-adapter.js

dist/lib/auth/local-auth-adapter.jsView on unpkg · L24
25patternName = generic_password severity = medium line = 25 matchedText = { user: ...' },
Medium
Secret Pattern

Hardcoded password in dist/lib/auth/local-auth-adapter.js

dist/lib/auth/local-auth-adapter.jsView on unpkg · L25
dist/lib/auth/local-auth-adapter.d.tsView file
28patternName = generic_password severity = medium line = 28 matchedText = readonly...in";
Medium
Secret Pattern

Hardcoded password in dist/lib/auth/local-auth-adapter.d.ts

dist/lib/auth/local-auth-adapter.d.tsView on unpkg · L28
35patternName = generic_password severity = medium line = 35 matchedText = readonly...or";
Medium
Secret Pattern

Hardcoded password in dist/lib/auth/local-auth-adapter.d.ts

dist/lib/auth/local-auth-adapter.d.tsView on unpkg · L35
42patternName = generic_password severity = medium line = 42 matchedText = readonly...er";
Medium
Secret Pattern

Hardcoded password in dist/lib/auth/local-auth-adapter.d.ts

dist/lib/auth/local-auth-adapter.d.tsView on unpkg · L42

Findings

8 Medium3 Low
MediumSecret Patterndist/lib/auth/local-auth-adapter.js
MediumNetwork
MediumEnvironment Vars
MediumSecret Patterndist/lib/auth/local-auth-adapter.js
MediumSecret Patterndist/lib/auth/local-auth-adapter.js
MediumSecret Patterndist/lib/auth/local-auth-adapter.d.ts
MediumSecret Patterndist/lib/auth/local-auth-adapter.d.ts
MediumSecret Patterndist/lib/auth/local-auth-adapter.d.ts
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings