Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 4 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystem
Source & flagged code
1 flagged · loading sourcelib/flow-context.jsView file
9package = @lensmcp/node-instrumentation; repositoryIdentity = lensmcp; dependency = @lensmcp/nest-instrumentation
L9: function primeFlowContext() {
L10: import('@lensmcp/nest-instrumentation')
L11: .then((m) => {
High
Copied Package Dependency Bridge
Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.
lib/flow-context.jsView on unpkg · L9Findings
1 High2 Medium1 Low
HighCopied Package Dependency Bridgelib/flow-context.js
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowFilesystem