Static Scan Results
scanned 3d ago · by rust-scannerStatic analysis flagged 12 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourcedist/chunk-CH3QJX6G.jsView file
3// src/shared/utils/system-context.ts
L4: import { execSync } from "child_process";
L5: import { platform, arch } from "os";
High
Child Process
Package source references child process execution.
dist/chunk-CH3QJX6G.jsView on unpkg · L3dist/knowledge-VZYH555V.jsView file
80/^(?:export\s+)?const\s+\w+\s*=\s*(?:async\s*)?\(/,
L81: /^(?:public|private|protected)\s+(?:static\s+)?(?:async\s+)?\w+\s*\(/,
L82: /^def\s+\w+/,
...
L176: try {
L177: const data = JSON.parse(readFileSync(storePath, "utf-8"));
L178: this.chunks = data.chunks;
Low
Weak Crypto
Package source references weak cryptographic algorithms.
dist/knowledge-VZYH555V.jsView on unpkg · L80dist/update-5MGTB2UK.jsView file
19console.log(chalk.blue(" \u280B \uC5C5\uB370\uC774\uD2B8 \uC911..."));
L20: execSync("npm install -g @intellicore/cli@latest", {
L21: encoding: "utf-8",
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
dist/update-5MGTB2UK.jsView on unpkg · L19Findings
3 High3 Medium6 Low
HighChild Processdist/chunk-CH3QJX6G.js
HighShell
HighRuntime Package Installdist/update-5MGTB2UK.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowWeak Cryptodist/knowledge-VZYH555V.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings