registry  /  @geoly-ai/social-hub-cli  /  0.2.0

@geoly-ai/social-hub-cli@0.2.0

social-hub CLI for Social Ops Hub

Static Scan Results

scanned 12d ago · by rust-scanner

Static analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
Manifest
NoLicense
scanned 55 file(s), 369 KB of source, external domains: codeload.github.com, example.com, github.com, hub.example, redd.eclick-geo.com, registry.npmjs.org, www.reddit.com

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node postinstall-guard.cjs
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
postinstall-guard.cjsView file
5try { L6: const fs = require("node:fs"); L7: const path = require("node:path");
Medium
Dynamic Require

Package source references dynamic require/import behavior.

postinstall-guard.cjsView on unpkg · L5

Findings

1 High4 Medium5 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumDynamic Requirepostinstall-guard.cjs
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License