Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourcesrc/modules/install.jsView file
4import chalk from 'chalk'
L5: import { execSync } from 'child_process'
L6: import { execa } from 'execa'
High
Child Process
Package source references child process execution.
src/modules/install.jsView on unpkg · L45import { execSync } from 'child_process'
L6: import { execa } from 'execa'
L7: import http from 'http'
High
15try {
L16: execSync('npm install -g @icyfenix-dmla/cli', { stdio: 'inherit' })
L17: console.log(chalk.green('✔ npm 包安装完成'))
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
src/modules/install.jsView on unpkg · L15Findings
3 High2 Medium4 Low
HighChild Processsrc/modules/install.js
HighShellsrc/modules/install.js
HighRuntime Package Installsrc/modules/install.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings