Static Scan Results
scanned 8h ago · by rust-scannerStatic analysis flagged 6 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVars
HighEntropyStrings
NoLicense
Source & flagged code
2 flagged · loading sourcebin/scout.jsView file
9L10: const { spawn } = require('child_process');
L11:
High
49'(the npm optional-dependencies pitfall). Remove node_modules and the ' +
L50: 'lockfile, reinstall, or run npx with a fresh cache. ' +
L51: 'Set SCOUT_BINARY_PATH to a locally built scout binary to override.',
...
L55:
L56: const child = spawn(resolveBinary(), process.argv.slice(2), {
L57: stdio: 'inherit',
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
bin/scout.jsView on unpkg · L49Findings
2 High2 Medium2 Low
HighChild Processbin/scout.js
HighRuntime Package Installbin/scout.js
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowHigh Entropy Strings
LowNo License