Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 11 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsEval
HighEntropyStringsMinifiedObfuscatedTelemetryUrlStrings
Source & flagged code
4 flagged · loading sourcedist/index-sarAILcU.jsView file
325patternName = generic_password
severity = medium
line = 325
matchedText = return e..., e;
Medium
458patternName = generic_password
severity = medium
line = 458
matchedText = return e..., e;
Medium
Secret Pattern
Hardcoded password in dist/index-sarAILcU.js
dist/index-sarAILcU.jsView on unpkg · L458dist/index-DI17hZPH.jsView file
961d.push("a" + (++v).toString(36));
L962: return new Function("fn", "return function (" + d.join(", ") + ") { return fn.apply(this, arguments); };");
L963: };
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/index-DI17hZPH.jsView on unpkg · L961dist/index-BoenezD8.cjsView file
1patternName = generic_password
severity = medium
line = 1
matchedText = "use str...r"?`
Medium
Secret Pattern
Hardcoded password in dist/index-BoenezD8.cjs
dist/index-BoenezD8.cjsView on unpkg · L1Findings
5 Medium6 Low
MediumSecret Patterndist/index-sarAILcU.js
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
MediumSecret Patterndist/index-sarAILcU.js
MediumSecret Patterndist/index-BoenezD8.cjs
LowScripts Present
LowEvaldist/index-DI17hZPH.js
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings