Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 12 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
5 flagged · loading sourcePackage contains a high-severity secret pattern.
src/components/editor/tools/drawing/excalidraw.production.min.jsView on unpkg · L2Google API key in src/components/editor/tools/drawing/excalidraw.production.min.js
src/components/editor/tools/drawing/excalidraw.production.min.jsView on unpkg · L2Package source references a known benign dynamic code generation pattern.
src/directives/sticky.jsView on unpkg · L262Package ships high-entropy non-source blobs.
src/components/pdf-viewer/pdfjs-dist/cmaps/Adobe-GB1-UCS2.bcmapView on unpkgHardcoded password in src/components/pdf-viewer/pdfjs-dist/lib/test/unit/api_spec.js
src/components/pdf-viewer/pdfjs-dist/lib/test/unit/api_spec.jsView on unpkg · L207