Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcedist/setup.cjsView file
1473function wrapAnsi(string, columns, options) {
L1474: return String(string).normalize().replaceAll("\r\n", "\n").split("\n").map((line) => exec(line, columns, options)).join("\n");
L1475: }
High
8547const installCommand = {
L8548: npm: `npm install ${pkg} --save-dev`,
L8549: yarn: `yarn add ${pkg} --dev`,
...
L8553: try {
L8554: (0, import_node_child_process.execSync)(installCommand, { stdio: "inherit" });
L8555: } catch {
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
dist/setup.cjsView on unpkg · L8547Findings
2 High3 Medium4 Low
HighChild Processdist/setup.cjs
HighRuntime Package Installdist/setup.cjs
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings