Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 11 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
CryptoDynamicRequireEnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
4 flagged · loading sourcepackages/fr-config-common/src/authenticate.jsView file
13patternName = private_key_rsa
severity = critical
line = 13
matchedText = return p...--")
Critical
Critical Secret
Package contains a critical-looking secret pattern.
packages/fr-config-common/src/authenticate.jsView on unpkg · L1313patternName = private_key_rsa
severity = critical
line = 13
matchedText = return p...--")
Critical
Secret Pattern
RSA private key in packages/fr-config-common/src/authenticate.js
packages/fr-config-common/src/authenticate.jsView on unpkg · L13scripts/update-versions.jsView file
2L3: const fs = require('fs');
L4: const path = require('path');
Medium
Dynamic Require
Package source references dynamic require/import behavior.
scripts/update-versions.jsView on unpkg · L2packages/fr-config-common/tests/authenticate.test.jsView file
135patternName = private_key_rsa
severity = critical
line = 135
matchedText = "-----BE...--";
Critical
Secret Pattern
RSA private key in packages/fr-config-common/tests/authenticate.test.js
packages/fr-config-common/tests/authenticate.test.jsView on unpkg · L135Findings
3 Critical3 Medium5 Low
CriticalCritical Secretpackages/fr-config-common/src/authenticate.js
CriticalSecret Patternpackages/fr-config-common/tests/authenticate.test.js
CriticalSecret Patternpackages/fr-config-common/src/authenticate.js
MediumDynamic Requirescripts/update-versions.js
MediumNetwork
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings