registry  /  @jjlmoya/landings  /  0.5.0

@jjlmoya/landings@0.5.0

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 6 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessFilesystem
Supply chainNo supply-chain packaging signals triggered.
Manifest
NoLicense
scanned 22 file(s), 60.0 KB of source

Source & flagged code

2 flagged · loading source
package.jsonView file
scripts.postinstall = node ./scripts/copy-public-assets.mjs
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
src/landing/team/assets/music/bob-techno.mp3View file
path = [redacted]-techno.mp3 kind = high_entropy_blob sizeBytes = 2130758 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

src/landing/team/assets/music/bob-techno.mp3View on unpkg

Findings

2 High1 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
HighShips High Entropy Blobsrc/landing/team/assets/music/bob-techno.mp3
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowNo License