registry  /  @hasna/shortlinks  /  0.2.0

@hasna/shortlinks@0.2.0

Shortlink manager for custom domains and click tracking, with local SQLite or self-hosted cloud (/v1 API + bearer key) storage and Cloudflare setup helpers

Static Scan Results

scanned 5h ago · by rust-scanner

Static analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 9 file(s), 1.30 MB of source, external domains: api.cloudflare.com, github.com, registry.npmjs.org, shortlinks.example.com, truststore.pki.rds.amazonaws.com, www.postgresql.org

Source & flagged code

2 flagged · loading source
infra/aws-ec2-user-data.shView file
50patternName = generic_password severity = medium line = 50 matchedText = db_passw...}")"
Medium
Secret Pattern

Package contains a possible secret pattern.

infra/aws-ec2-user-data.shView on unpkg · L50
path = infra/aws-ec2-user-data.sh kind = build_helper sizeBytes = 4901 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

infra/aws-ec2-user-data.shView on unpkg

Findings

5 Medium5 Low
MediumSecret Patterninfra/aws-ec2-user-data.sh
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperinfra/aws-ec2-user-data.sh
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings