Static Scan Results
scanned 5h ago · by rust-scanner
Static analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshot
Behavioral surface
ChildProcess, EnvironmentVars, Filesystem, Network, Shell
HighEntropyStrings, UrlStrings
Source & flagged code
2 flagged
dist/index.js
L12: import { dirname, join } from "path";
L13: var DEFAULT_BASE_URL = "https://krova.cloud/api/v1";
L14: var DEFAULT_CONTEXT_NAME = "default";
...
L21: function configDir() {
L22: const xdg = (process.env.XDG_CONFIG_HOME ?? "").trim();
L23: if (xdg) return join(xdg, "krova");
L24: return join(homedir(), ".config", "krova");
L25: }
...
L31: try {
L32: cfg = JSON.parse(readFileSync(configPath(), "utf8"));
L33: } catch {
...
L135: function printJSON(value) {
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/index.js · L12
L12: import { dirname, join } from "path";
L13: var DEFAULT_BASE_URL = "https://krova.cloud/api/v1";
L14: var DEFAULT_CONTEXT_NAME = "default";
...
L21: function configDir() {
L22: const xdg = (process.env.XDG_CONFIG_HOME ?? "").trim();
L23: if (xdg) return join(xdg, "krova");
L24: return join(homedir(), ".config", "krova");
L25: }
...
L31: try {
L32: cfg = JSON.parse(readFileSync(configPath(), "utf8"));
L33: } catch {
...
L135: function printJSON(value) {
Medium
Install Persistence
Source writes installer persistence such as shell profile or service configuration.
dist/index.js · L12
Findings
1 High, 4 Medium, 4 Low
High · Sandbox Evasion Gated Capability · dist/index.js
Medium · Network
Medium · Environment Vars
Medium · Install Persistence · dist/index.js
Medium · Structural Risk Force Deep Review
Low · Scripts Present
Low · Filesystem
Low · High Entropy Strings
Low · Url Strings