Static Scan Results
scanned 8h ago · by rust-scannerStatic analysis flagged 7 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVars
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedist/blocks-entry.cjsView file
109const g = globalThis;
L110: return typeof g.process !== "undefined" && g.process.env?.NODE_ENV !== "production";
L111: }
...
L154: showSolutions: opts.showSolutions,
L155: getXAPIData: opts.getXAPIData,
L156: ...opts.getCurrentState ? { getCurrentState: opts.getCurrentState } : {},
...
L3206: try {
L3207: const base = typeof window !== "undefined" ? window.location.href : "https://example.com/";
L3208: const url = new URL(trimmed, base);
...
L7894: for (let i = 0; i < seed.length; i += 1) {
L7895: hash ^= seed.charCodeAt(i);
L7896: hash = Math.imul(hash, 16777619);
High
Cloud Metadata Access
Source reaches cloud instance metadata or link-local credential endpoints.
dist/blocks-entry.cjsView on unpkg · L109Findings
1 High2 Medium4 Low
HighCloud Metadata Accessdist/blocks-entry.cjs
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings