Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 12 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
6 flagged · loading sourcePackage contains a critical-looking secret pattern.
hooks/__tests__/pre-tool-block-destructive.test.jsView on unpkg · L79GitHub personal access token in hooks/__tests__/pre-tool-block-destructive.test.js
hooks/__tests__/pre-tool-block-destructive.test.jsView on unpkg · L79AWS access key ID in hooks/__tests__/pre-tool-block-destructive.test.js
hooks/__tests__/pre-tool-block-destructive.test.jsView on unpkg · L87Package source references child process execution.
enterprise/research/research.test.jsView on unpkg · L4Package source invokes a package manager install command at runtime.
enterprise/tests/collect.jsView on unpkg · L49