Static Scan Results
scanned 5d ago · by rust-scannerStatic analysis flagged 12 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
High-risk behavior combination matched malicious policy.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireFilesystemNetwork
HighEntropyStringsMinifiedObfuscatedTelemetryUrlStrings
NoLicense
Oversized source lightweight scan
dist/assets/index-C_AT6ZZw.js2.33 MB file, sampled 256 KB
ChildProcessCryptoHighEntropyStringsMinifiedUrlStringsdocs.malloydata.devgithub.com
dist/assets/index.umd-BxzPw_1E.js3.25 MB file, sampled 256 KB
ChildProcessHighEntropyStringsUrlStringsvega.github.iowww.w3.org
Source & flagged code
2 flagged · loading sourcedist/assets/index-gjr27uMq.jsView file
432contains invisible/control Unicode U+200E (left-to-right mark)
`));return typeof n=="string"?{type:n,contentType:n==="meridiem"?"letter":"digit",maxLength:void 0}:{type:n.sectionType,contentType:n.contentType,maxLength:n.maxLength}},HTe=e=>{switch(e){case"ArrowUp":return 1;case"ArrowDown":return-1;case
Critical
Trojan Source Unicode
Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/assets/index-gjr27uMq.jsView on unpkg · L432dist/assets/index.umd-BxzPw_1E.jsView file
•path = dist/assets/index.umd-BxzPw_1E.js
kind = oversized_source_file
sizeBytes = 3404486
magicHex = [redacted]
High
Oversized Source File
Package contains source files above the static scanner size ceiling.
dist/assets/index.umd-BxzPw_1E.jsView on unpkgFindings
1 Critical1 High3 Medium7 Low
CriticalTrojan Source Unicodedist/assets/index-gjr27uMq.js
HighOversized Source Filedist/assets/index.umd-BxzPw_1E.js
MediumDynamic Require
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings
LowNo License