registry  /  @haimiya/baileys  /  9.4.6

@haimiya/baileys@9.4.6

Full source fork Baileys by HAIMIYA SERVER

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 15 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireFilesystemNetworkShellWebSocket
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 131 file(s), 1.96 MB of source, external domains: call.whatsapp.com, example.com, mmg.whatsapp.net, quicklatex.com, raw.githubusercontent.com, web.whatsapp.com, www.whatsapp.com
Oversized source lightweight scan
WAProto/index.js4.23 MB file, sampled 256 KB
ChildProcess

Source & flagged code

9 flagged · loading source
package.jsonView file
scripts.preinstall = node ./engine-requirements.js
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
Remote tarball dependency specs: libsignal@https://registry.npmjs.org/@queenanya/libsignal/-/libsignal-5.0.5.tgz
Medium
Remote Tarball Dependency

Package manifest contains a dependency pinned to a remote tarball URL.

package.jsonView on unpkg
lib/WABinary/constants.jsView file
600patternName = google_api_key severity = high line = 600 matchedText = 'AIzaSyD...Lk',
High
High Secret

Package contains a high-severity secret pattern.

lib/WABinary/constants.jsView on unpkg · L600
600patternName = google_api_key severity = high line = 600 matchedText = 'AIzaSyD...Lk',
High
Secret Pattern

Google API key in lib/WABinary/constants.js

lib/WABinary/constants.jsView on unpkg · L600
lib/addons/templates.jsView file
86} L87: import(json, overwrite = false) { L88: const templates = JSON.parse(json);
Medium
Dynamic Require

Package source references dynamic require/import behavior.

lib/addons/templates.jsView on unpkg · L86
lib/Utils/validate-connection.jsView file
114pull: false, L115: devicePairingData: { L116: buildHash: appVersionBuf, ... L141: const { details, hmac, accountType } = proto.ADVSignedDeviceIdentityHMAC.decode(deviceIdentityNode.content); L142: let hmacPrefix = Buffer.from([]); L143: if (accountType !== undefined && accountType === proto.ADVEncryptionType.HOSTED) { ... L165: ]); L166: account.deviceSignature = Curve.sign(signedIdentityKey.private, deviceMsg); L167: const identity = createSignalIdentity(lid, accountSignatureKey);
Low
Weak Crypto

Package source references weak cryptographic algorithms.

lib/Utils/validate-connection.jsView on unpkg · L114
WAProto/GenerateStatics.shView file
path = WAProto/GenerateStatics.sh kind = build_helper sizeBytes = 302 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

WAProto/GenerateStatics.shView on unpkg
WAProto/index.jsView file
path = WAProto/index.js kind = oversized_source_file sizeBytes = 4435208 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

WAProto/index.jsView on unpkg
lib/WABinary/constants.d.tsView file
20patternName = google_api_key severity = high line = 20 matchedText = export d..."]];
High
Secret Pattern

Google API key in lib/WABinary/constants.d.ts

lib/WABinary/constants.d.tsView on unpkg · L20

Findings

5 High5 Medium5 Low
HighInstall Time Lifecycle Scriptspackage.json
HighHigh Secretlib/WABinary/constants.js
HighOversized Source FileWAProto/index.js
HighSecret Patternlib/WABinary/constants.js
HighSecret Patternlib/WABinary/constants.d.ts
MediumDynamic Requirelib/addons/templates.js
MediumNetwork
MediumShips Build HelperWAProto/GenerateStatics.sh
MediumStructural Risk Force Deep Review
MediumRemote Tarball Dependencypackage.json
LowScripts Present
LowWeak Cryptolib/Utils/validate-connection.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings