Static Scan Results
scanned 3d ago · by rust-scannerStatic analysis completed at 65.0% confidence. No malicious behavior was detected; 11 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
CopyleftLicense
Source & flagged code
2 flagged · loading sourcesrc/env.jsView file
8* Usage:
L9: * const { extra } = require('@everystack/cli/env').load();
L10: * module.exports = { expo: { extra } };
Medium
Dynamic Require
Package source references dynamic require/import behavior.
src/env.jsView on unpkg · L8src/handler/signing.tsView file
2L3: export function signRSASHA256(data: string, privateKey: string): string {
L4: const sign = crypto.createSign('RSA-SHA256');
...
L6: sign.end();
L7: return sign.sign(privateKey, 'base64');
L8: }
Low
Weak Crypto
Package source references weak cryptographic algorithms.
src/handler/signing.tsView on unpkg · L2Findings
4 Medium7 Low
MediumDynamic Requiresrc/env.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowWeak Cryptosrc/handler/signing.ts
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowCopyleft License