registry  /  @limina-labs/momentum  /  0.33.0

@limina-labs/momentum@0.33.0

Agent-agnostic, specs-driven development framework — single project or multi-project ecosystem

Static Scan Results

scanned 17h ago · by rust-scanner

Static analysis completed at 65.0% confidence. No malicious behavior was detected; 10 low-signal pattern(s) were surfaced and cleared.

Static reason
No blocking static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 58 file(s), 591 KB of source, external domains: antigravity.google, github.com, registry.npmjs.org

Source & flagged code

2 flagged · loading source
core/ecosystem/lib/index.jsView file
20L21: const fs = require('fs'); L22: const path = require('path');
Medium
Dynamic Require

Package source references dynamic require/import behavior.

core/ecosystem/lib/index.jsView on unpkg · L20
core/ecosystem/scripts/session-append.shView file
path = core/ecosystem/scripts/session-append.sh kind = build_helper sizeBytes = 5436 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

core/ecosystem/scripts/session-append.shView on unpkg

Findings

5 Medium5 Low
MediumDynamic Requirecore/ecosystem/lib/index.js
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helpercore/ecosystem/scripts/session-append.sh
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings