Static Scan Results
scanned 4h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireEvalNetworkShell
HighEntropyStringsMinifiedObfuscatedUrlStrings
NoLicense
Source & flagged code
3 flagged · loading sourcedist/user-login/user-login.entry.jsView file
1patternName = generic_password
severity = medium
line = 1
matchedText = import{r...)}))
Medium
Secret Pattern
Package contains a possible secret pattern.
dist/user-login/user-login.entry.jsView on unpkg · L1dist/esm/user-login.entry.jsView file
1845subject to an additional IP rights grant found at http://polymer.github.io/PATENTS.txt
L1846: */const b=Qa(HTMLElement),el=/\/\*[\*!]\s+vaadin-dev-mode:start([\s\S]*)vaadin-dev-mode:end\s+\*\*\//i,dt=window.Vaadin&&window.Vaadin.Flow&&window.Vaadin.Flow.clients;function tl(...
L1847: (function () {
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/esm/user-login.entry.jsView on unpkg · L1845dist/index.cjs.jsView file
1module.exports = require('./cjs/index.cjs.js');
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/index.cjs.jsView on unpkg · L1Findings
4 Medium5 Low
MediumSecret Patterndist/user-login/user-login.entry.js
MediumDynamic Requiredist/index.cjs.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowEvaldist/esm/user-login.entry.js
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License