Static Scan Results
scanned 7d ago · by rust-scannerStatic analysis completed at 65.0% confidence. No malicious behavior was detected; 6 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
UrlStrings
Source & flagged code
1 flagged · loading sourcedist/cli.jsView file
12import readline from "readline";
L13: var on = process.stdout.isTTY && !process.env.NO_COLOR;
L14: var wrap = (code) => (s) => on ? `\x1B[${code}m${s}\x1B[0m` : s;
...
L38: const ask = (q) => new Promise((resolve) => {
L39: if (q) process.stdout.write(q);
L40: if (buffer.length) resolve(buffer.shift());
...
L47: // src/workspace.ts
L48: var GLOBAL_DIR = join(homedir(), ".holt");
L49: var TRUST_PATH = join(GLOBAL_DIR, "trust.json");
...
L60: try {
L61: return JSON.parse(readFileSync(TRUST_PATH, "utf8"));
L62: } catch {
Medium
Install Persistence
Source writes installer persistence such as shell profile or service configuration.
dist/cli.jsView on unpkg · L12Findings
3 Medium3 Low
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/cli.js
LowScripts Present
LowFilesystem
LowUrl Strings