Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 11 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
3 flagged · loading sourcedist/chunk-2BUCWWFO.jsView file
16// src/commands/db.ts
L17: import { execSync } from "child_process";
L18: import * as fs2 from "fs";
High
Child Process
Package source references child process execution.
dist/chunk-2BUCWWFO.jsView on unpkg · L16dist/index.jsView file
77stdio: "inherit",
L78: shell: true
L79: });
High
dist/chunk-PN6UGJ7Q.jsView file
1754// ../providers/dist/index.js
L1755: import { execSync } from "child_process";
L1756: var NextjsProviderV16 = class {
...
L1758: label = "Next.js 16 (App Router)";
L1759: initCommand = 'npx create-next-app@16.2.3 . --typescript --eslint --tailwind --app --src-dir --import-alias "@/*" --yes';
L1760: async generate(config, appDir, options) {
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
dist/chunk-PN6UGJ7Q.jsView on unpkg · L1754Findings
3 High3 Medium5 Low
HighChild Processdist/chunk-2BUCWWFO.js
HighShelldist/index.js
HighRuntime Package Installdist/chunk-PN6UGJ7Q.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License