Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 4 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVars
UrlStrings
NoLicense
Source & flagged code
1 flagged · loading sourcebin/gng.jsView file
7L8: const { spawnSync } = require('child_process');
L9: const path = require('path');
L10:
L11: const PLATFORM = `${process.platform}-${process.arch}`;
L12:
...
L24: `Supported: linux-x64, linux-arm64, darwin-x64, darwin-arm64, win32-x64\n` +
L25: `Or install manually: curl -fsSL https://ganglia.dev/install.sh | bash`,
L26: );
...
L53: stdio: 'inherit',
L54: env: process.env,
L55: windowsHide: false,
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
bin/gng.jsView on unpkg · L7Findings
1 High1 Medium2 Low
HighSandbox Evasion Gated Capabilitybin/gng.js
MediumEnvironment Vars
LowUrl Strings
LowNo License