registry  /  @iflyrpa/actions  /  4.0.6

@iflyrpa/actions@4.0.6

@iflyrpa/playwright 包中发布逻辑的具体实现

Static Scan Results

scanned 4h ago · by rust-scanner

Static analysis flagged 12 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetwork
Supply chain
HighEntropyStringsObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 2.78 MB of source, external domains: baijiahao.baidu.com, channels.weixin.qq.com, creator.douyin.com, creator.xiaohongshu.com, customer.xiaohongshu.com, edith.xiaohongshu.com, fetdev.iflysec.com, finder.video.qq.com, finderassistancea.video.qq.com, imagex.bytedanceapi.com, m.baidu.com, mbd.baidu.com, mp.toutiao.com, mp.weixin.qq.com, passport.baidu.com, tsearch.amemv.com, turbodesk.xfyun.cn, www.douyin.com, www.toutiao.com, www.xiaohongshu.com
Oversized source lightweight scan
dist/bundle.js2.60 MB file, sampled 256 KB
FilesystemNetworkChildProcessEnvironmentVarsCryptoHighEntropyStringsUrlStringscreator.xiaohongshu.comcustomer.xiaohongshu.comedith.xiaohongshu.comwww.xiaohongshu.com

Source & flagged code

4 flagged · loading source
dist/index.jsView file
1702if (_0x383dd4 === _0x16c0e0) break; L1703: _0x46fb59['push'](_0x46fb59['shift']()); L1704: } catch (_0x4fc071) {
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/index.jsView on unpkg · L1702
3804}; L3805: const _0x2055b1 = new function() { L3806: eval('this[\'a\'] = 2;');
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/index.jsView on unpkg · L3804
185} L186: function encrypt_tripletToBase64(t) { L187: var e = 11, r = 15, n = 199, o = 34, i = 4, a = 102, u = 276, s = 205, c = 218, l = 11, f = 115, p = 34, h = 161, d = 123, v = 335, g = {}; ... L1228: } L1229: function getPrivateScalarHex(privateKeyPem) { L1230: const privateKey = crypto.createPrivateKey(privateKeyPem); ... L1304: return { L1305: headers_bd_ticket_guard_client_data: headersBdTicketGuardClientData, L1306: headers_bd_ticket_guard_ree_public_key: responseObj.bd_ticket_guard_ree_public_key ... L1365: try { L1366: const urlObj = new URL(url, 'https://creator.douyin.com'); L1367: pathname = urlObj.pathname;
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/index.jsView on unpkg · L185
dist/bundle.jsView file
path = dist/bundle.js kind = oversized_source_file sizeBytes = 2721556 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

dist/bundle.jsView on unpkg

Findings

2 High3 Medium7 Low
HighObfuscated Payload Loaderdist/index.js
HighOversized Source Filedist/bundle.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvaldist/index.js
LowWeak Cryptodist/index.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings