Static Scan Results
scanned 9d ago · by rust-scannerStatic analysis flagged 7 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
High-risk behavior combination matched malicious policy.
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireNetworkShell
HighEntropyStringsMinifiedUrlStrings
Source & flagged code
2 flagged · loading sourcedist/lib/index.cjs.jsView file
1module.exports = require('./cjs/index.cjs.js');
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/lib/index.cjs.jsView on unpkg · L1dist/lib/cars-calculator/cars-calculator.jsView file
10* core-js 3.6.5
L11: * https://github.com/zloirock/core-js
L12: * License: http://rock.mit-license.org
...
L14: */
L15: !function(t){"use strict";!function(t){var n={};function e(r){if(n[r])return n[r].exports;var o=n[r]={i:r,l:!1,exports:{}};return t[r].call(o.exports,o,o.exports,e),o.l=!0,o.export...
L16:
...
L18: // IIFE version
L19: !function(t){"use strict";var e="URLSearchParams"in self,r="Symbol"in self&&"iterator"in Symbol,o="FileReader"in self&&"Blob"in self&&function(){try{return new Blob,!0}catch(t){ret...
L20:
Critical
Builtin Api Tampering Exfiltration
Source mutates builtin networking, serialization, module-loading, or filesystem APIs while forwarding data to an external endpoint.
dist/lib/cars-calculator/cars-calculator.jsView on unpkg · L10Findings
1 Critical3 Medium3 Low
CriticalBuiltin Api Tampering Exfiltrationdist/lib/cars-calculator/cars-calculator.js
MediumDynamic Requiredist/lib/index.cjs.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings