Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 11 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEvalFilesystemNetworkShellWebSocket
HighEntropyStringsUrlStrings
CopyleftLicense
Source & flagged code
4 flagged · loading sourcediagrams/generate.jsView file
11import { join, dirname } from 'path';
L12: import { execSync } from 'child_process';
L13: const DIAGRAMS_DIR = dirname(new URL(import.meta.url).pathname);
High
Child Process
Package source references child process execution.
diagrams/generate.jsView on unpkg · L11153const svgPath = join(generatedDir, `${file}.svg`);
L154: execSync(`npx @mermaid-js/mermaid-cli -i "${mmdPath}" -o "${svgPath}" -b transparent -p /dev/null`, { stdio: 'inherit' });
L155: console.log(`Rendered ${svgPath}`);
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
diagrams/generate.jsView on unpkg · L153tsonValidator/testUtils.jsView file
2const keyDeclaration = key === 'value' ? '' : `const ${key} = value;`;
L3: const validateFn = new Function('value', `
L4: let allErrors = [];
Low
Eval
Package source references a known benign dynamic code generation pattern.
tsonValidator/testUtils.jsView on unpkg · L2cli.tsView file
67const resolved = resolve(modulePath);
L68: return import(resolved);
L69: }
Medium
Findings
3 High3 Medium5 Low
HighChild Processdiagrams/generate.js
HighShell
HighRuntime Package Installdiagrams/generate.js
MediumDynamic Requirecli.ts
MediumNetwork
MediumStructural Risk Force Deep Review
LowEvaltsonValidator/testUtils.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowCopyleft License