registry  /  @jskit-ai/auth-provider-supabase-core  /  0.1.99

@jskit-ai/auth-provider-supabase-core@0.1.99

Static Scan Results

scanned 14d ago · by rust-scanner

Static analysis flagged 7 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
CryptoEnvironmentVarsWebSocket
Supply chain
HighEntropyStringsUrlStrings
Manifest
NoLicense
scanned 26 file(s), 132 KB of source, external domains: your-project.supabase.co

Source & flagged code

2 flagged · loading source
src/server/lib/authErrorMappers.jsView file
147patternName = generic_password severity = medium line = 147 matchedText = password...rd."
Medium
Secret Pattern

Package contains a possible secret pattern.

src/server/lib/authErrorMappers.jsView on unpkg · L147
152patternName = generic_password severity = medium line = 152 matchedText = password...ue."
Medium
Secret Pattern

Hardcoded password in src/server/lib/authErrorMappers.js

src/server/lib/authErrorMappers.jsView on unpkg · L152

Findings

3 Medium4 Low
MediumSecret Patternsrc/server/lib/authErrorMappers.js
MediumEnvironment Vars
MediumSecret Patternsrc/server/lib/authErrorMappers.js
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings
LowNo License