Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 12 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
High-risk behavior combination matched malicious policy.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireFilesystemNetwork
HighEntropyStringsMinifiedObfuscatedTelemetryUrlStrings
NoLicense
Oversized source lightweight scan
dist/assets/index-8E2uLeV9.js3.27 MB file, sampled 256 KB
ChildProcessHighEntropyStringsUrlStringsvega.github.iowww.w3.org
dist/assets/index-aYtt-ovi.js2.35 MB file, sampled 256 KB
ChildProcessCryptoHighEntropyStringsMinifiedUrlStringsdocs.malloydata.devgithub.com
Source & flagged code
2 flagged · loading sourcedist/assets/index-BxDMCn3s.jsView file
432contains invisible/control Unicode U+200E (left-to-right mark)
`));return typeof n=="string"?{type:n,contentType:n==="meridiem"?"letter":"digit",maxLength:void 0}:{type:n.sectionType,contentType:n.contentType,maxLength:n.maxLength}},lwe=e=>{switch(e){case"ArrowUp":return 1;case"ArrowDown":return-1;case
Critical
Trojan Source Unicode
Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/assets/index-BxDMCn3s.jsView on unpkg · L432dist/assets/index-8E2uLeV9.jsView file
•path = dist/assets/index-8E2uLeV9.js
kind = oversized_source_file
sizeBytes = 3432515
magicHex = [redacted]
High
Oversized Source File
Package contains source files above the static scanner size ceiling.
dist/assets/index-8E2uLeV9.jsView on unpkgFindings
1 Critical1 High3 Medium7 Low
CriticalTrojan Source Unicodedist/assets/index-BxDMCn3s.js
HighOversized Source Filedist/assets/index-8E2uLeV9.js
MediumDynamic Require
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings
LowNo License