registry  /  @goplusvn/core  /  0.1.36

@goplusvn/core@0.1.36

GoPlusVN Platform Kit - ERP kernel: layout, RBAC, CRUD, multi-tenant, system pages

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsNetwork
Supply chain
HighEntropyStringsUrlStrings
Manifest
NoLicense
scanned 413 file(s), 1.85 MB of source, external domains: google.com, goplus.vn, purecatamphetamine.github.io, www.example.com, www.w3.org

Source & flagged code

2 flagged · loading source
src/user/components/unified-profile-dialog.tsxView file
283patternName = generic_password severity = medium line = 283 matchedText = payload....56";
Medium
Secret Pattern

Package contains a possible secret pattern.

src/user/components/unified-profile-dialog.tsxView on unpkg · L283
src/ui/forms/update_search.pyView file
path = src/ui/forms/update_search.py kind = build_helper sizeBytes = 1662 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

src/ui/forms/update_search.pyView on unpkg

Findings

4 Medium4 Low
MediumSecret Patternsrc/user/components/unified-profile-dialog.tsx
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helpersrc/ui/forms/update_search.py
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings
LowNo License