registry  /  @futdevpro/nts-dynamo  /  1.15.88

@futdevpro/nts-dynamo@1.15.88

Dynamic NodeTS (NodeJS-Typescript), MongoDB Backend System Framework by Future Development Program Ltd.

Static Scan Results

scanned 7h ago · by rust-scanner

Static analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkWebSocket
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 625 file(s), 3.45 MB of source, external domains: api.example.com, app.clickup.com, attacker.com, discord.com, evil.com, example.com, oauth2.example.com, organizer.futdevpro.hu, test.example.com, test.organizer.futdevpro.hu

Source & flagged code

5 flagged · loading source
scripts/run-coverage-tests.jsView file
1const { execSync } = require('child_process'); L2: const path = require('path');
High
Child Process

Package source references child process execution.

scripts/run-coverage-tests.jsView on unpkg · L1
16try { L17: execSync(`npx jasmine --config="${configPath}"`, { L18: stdio: 'inherit',
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

scripts/run-coverage-tests.jsView on unpkg · L16
BuildPackage.batView file
path = BuildPackage.bat kind = build_helper sizeBytes = 20 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

BuildPackage.batView on unpkg
src/_modules/oauth2/_services/oauth2.control-service.spec.tsView file
298patternName = generic_password severity = medium line = 298 matchedText = password...23',
Medium
Secret Pattern

Hardcoded password in src/_modules/oauth2/_services/oauth2.control-service.spec.ts

src/_modules/oauth2/_services/oauth2.control-service.spec.tsView on unpkg · L298
404patternName = generic_password severity = medium line = 404 matchedText = password...rd',
Medium
Secret Pattern

Hardcoded password in src/_modules/oauth2/_services/oauth2.control-service.spec.ts

src/_modules/oauth2/_services/oauth2.control-service.spec.tsView on unpkg · L404

Findings

2 High6 Medium5 Low
HighChild Processscripts/run-coverage-tests.js
HighRuntime Package Installscripts/run-coverage-tests.js
MediumNetwork
MediumEnvironment Vars
MediumShips Build HelperBuildPackage.bat
MediumStructural Risk Force Deep Review
MediumSecret Patternsrc/_modules/oauth2/_services/oauth2.control-service.spec.ts
MediumSecret Patternsrc/_modules/oauth2/_services/oauth2.control-service.spec.ts
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings