registry  /  @keragon/connector-cli  /  0.0.31

@keragon/connector-cli@0.0.31

Keragon connector CLI

Static Scan Results

scanned 4d ago · by rust-scanner

Static analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
DynamicRequireFilesystemNetwork
Supply chain
HighEntropyStringsMinifiedObfuscatedTrivial
Manifest
NoLicense
scanned 2 file(s), 481 KB of source

Source & flagged code

2 flagged · loading source
main.jsView file
1#!/usr/bin/env node L2: const _0x1e527f=_0x2fbe;(function(_0x5a419a,_0x2b1075){const _0x3f02b7=_0x2fbe,_0x1974a2=_0x5a419a();while(!![]){try{const _0x2a76ea=-parseInt(_0x3f02b7(0xbb8))/(-0x1*0x53+-0x1c16+...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

main.jsView on unpkg · L1
1#!/usr/bin/env node L2: const _0x1e527f=_0x2fbe;(function(_0x5a419a,_0x2b1075){const _0x3f02b7=_0x2fbe,_0x1974a2=_0x5a419a();while(!![]){try{const _0x2a76ea=-parseInt(_0x3f02b7(0xbb8))/(-0x1*0x53+-0x1c16+...
Medium
Dynamic Require

Package source references dynamic require/import behavior.

main.jsView on unpkg · L1

Findings

2 High3 Medium3 Low
HighObfuscated Payload Loadermain.js
HighObfuscated
MediumDynamic Requiremain.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowFilesystem
LowHigh Entropy Strings
LowNo License