Static Scan Results
scanned 4d ago · by rust-scannerStatic analysis completed at 93.0% confidence. No malicious behavior was detected; 12 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetwork
HighEntropyStringsMinifiedObfuscatedUrlStrings
Oversized source lightweight scan
dist/studio/assets/main-DND5bBdQ.js6.51 MB file, sampled 256 KB
HighEntropyStringsMinifiedUrlStringsmastra.airadix-ui.comreact.dev
Source & flagged code
4 flagged · loading sourcedist/studio/assets/babel-CmeIX3PZ.jsView file
2- Did you mean \`export { '${t}' as '${e}' } from 'some-module'\`?`,ExportDefaultFromAsIdentifier:"'from' is not allowed as an identifier after 'export default'.",ForInOfLoopInitia...
L3: - Did you mean \`import { "${t}" as foo }\`?`,ImportCallArity:"`import()` requires exactly one or two arguments.",ImportCallNotNewExpression:"Cannot use new with import(...).",Impo...
L4: `:`\r
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/studio/assets/babel-CmeIX3PZ.jsView on unpkg · L2dist/studio/assets/CommitMono-700-Regular-DmOSN4kd.woff2View file
•path = dist/studio/assets/CommitMono-700-Regular-DmOSN4kd.woff2
kind = high_entropy_blob
sizeBytes = 68648
magicHex = [redacted]
High
Ships High Entropy Blob
Package ships high-entropy non-source blobs.
dist/studio/assets/CommitMono-700-Regular-DmOSN4kd.woff2View on unpkgdist/studio/assets/main-DND5bBdQ.jsView file
•path = dist/studio/assets/main-DND5bBdQ.js
kind = oversized_source_file
sizeBytes = 6822967
magicHex = [redacted]
High
Oversized Source File
Package contains source files above the static scanner size ceiling.
dist/studio/assets/main-DND5bBdQ.jsView on unpkgdist/index.cjsView file
•matchType = previous_version_dangerous_delta
matchedPackage = @mastra/deployer-vercel@1.2.3
matchedIdentity = npm:QG1hc3RyYS9kZXBsb3llci12ZXJjZWw:1.2.3
similarity = 0.909
summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/index.cjsView on unpkgFindings
3 High4 Medium5 Low
HighShips High Entropy Blobdist/studio/assets/CommitMono-700-Regular-DmOSN4kd.woff2
HighOversized Source Filedist/studio/assets/main-DND5bBdQ.js
HighPrevious Version Dangerous Deltadist/index.cjs
MediumDynamic Requiredist/studio/assets/babel-CmeIX3PZ.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings