Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
NoLicenseWildcardDependency
Source & flagged code
1 flagged · loading sourcesrc/commands/auth.tsView file
1import { exec } from "node:child_process";
L2: import { CodexClient, CodexOAuth, type CurrentUser } from "@getcodex/sdk";
...
L6: const CLI_CLIENT_ID = "codex_cli";
L7: const DEFAULT_BASE_URL = "https://codex.cane1712.dev";
L8:
...
L11: crypto.getRandomValues(buf);
L12: return Buffer.from(buf).toString("base64url");
L13: }
...
L22: const cmd =
L23: process.platform === "win32"
L24: ? `start "" "${url}"`
...
L69: } else {
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
src/commands/auth.tsView on unpkg · L1Findings
1 High4 Medium5 Low
HighSandbox Evasion Gated Capabilitysrc/commands/auth.ts
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
MediumWildcard Dependency
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License