registry  /  @linyjs/cli  /  0.0.12

@linyjs/cli@0.0.12

## 📦 简介

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessFilesystemShell
Supply chain
HighEntropyStringsUrlStrings
Manifest
NoLicense
scanned 8 file(s), 45.9 KB of source, external domains: github.com

Source & flagged code

2 flagged · loading source
dist/utils/open-browser.jsView file
4*/ L5: import { execSync } from 'child_process'; L6: export function openBrowser(url) {
High
Child Process

Package source references child process execution.

dist/utils/open-browser.jsView on unpkg · L4
dist/utils/builder.jsView file
158// Execute tsc L159: execSync('npx tsc', { L160: stdio: verbose ? 'inherit' : 'pipe',
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/utils/builder.jsView on unpkg · L158

Findings

3 High1 Medium5 Low
HighChild Processdist/utils/open-browser.js
HighShell
HighRuntime Package Installdist/utils/builder.js
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License