Static Scan Results
scanned 3d ago · by rust-scanner
Static analysis flagged 9 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Decision evidence
public snapshot
Behavioral surface
ChildProcess, Crypto, DynamicRequire, EnvironmentVars, Eval, Filesystem, Network, Shell, HighEntropyStrings, UrlStrings
Source & flagged code
3 flagged
dist/registry/bsDetector.js
L118: category: 'security',
L119: message: 'eval() 사용 — 코드 인젝션 위험',
L120: pattern: /\beval\s*\(/,
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/registry/bsDetector.js · L118
dist/cli/doctorHandler.js
L50: try {
L51: await import(mod);
L52: line('ok', `native: ${mod}`, 'loads');
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/cli/doctorHandler.js · L50
dist/adapters/tools.js
matchType = previous_version_dangerous_delta
matchedPackage = @intrect/openswarm@0.11.0
matchedIdentity = npm:QGludHJlY3Qvb3BlbnN3YXJt:0.11.0
similarity = 0.467
summary = stored previous version shares package body but lacks this dangerous source file
Critical
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version.
dist/adapters/tools.js
Findings
1 Critical · 3 Medium · 5 Low
Critical · Previous Version Dangerous Delta · dist/adapters/tools.js
Medium · Dynamic Require · dist/cli/doctorHandler.js
Medium · Network
Medium · Environment Vars
Low · Scripts Present
Low · Eval · dist/registry/bsDetector.js
Low · Filesystem
Low · High Entropy Strings
Low · Url Strings