Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkWebSocket
HighEntropyStringsTelemetryUrlStrings
Source & flagged code
1 flagged · loading sourcedist/index.jsView file
721try {
L722: content = fs.readFileSync(filePath, "utf8");
L723: } catch (error) {
...
L812: async function [redacted](options) {
L813: const base = options.baseUrl.replace(/\/+$/u, "");
L814: const store = options.store?.trim() ? options.store.trim() : "kv";
...
L11528: `You are a delegated subagent at depth ${params.depth}/${params.maxDepth}.`,
L11529: "Focus on the delegated task, use available tools when needed, and return concise actionable output.",
L11530: "Other agents may share the workspace. Preserve unrelated changes, stay within your assigned write scope, and report files you changed.",
High
Remote Agent Bridge
Source exposes local file and command tools to a remote model endpoint.
dist/index.jsView on unpkg · L721Findings
2 High3 Medium5 Low
HighChild Process
HighRemote Agent Bridgedist/index.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings