@erdify/cli@0.1.5

Command-line interface for [ERDify](https://erdify-app.kro.kr) — manage your database schemas and ERD diagrams directly from the terminal.

Static Scan Results

scanned 2d ago · by rust-scanner

Static analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source: ChildProcess, EnvironmentVars, Network
Supply chain: HighEntropyStrings, Minified, UrlStrings
Manifest: NoLicense
scanned 2 file(s), 50.3 KB of source, external domains: erdify-app.kro.kr

Source & flagged code

1 flagged
dist/index.js
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

dist/index.js · L1

Findings

1 High, 3 Medium, 4 Low
High: Sandbox Evasion Gated Capability (dist/index.js)
Medium: Network
Medium: Environment Vars
Medium: Structural Risk Force Deep Review
Low: Scripts Present
Low: High Entropy Strings
Low: Url Strings
Low: No License