Static Scan Results
scanned 2d ago · by rust-scannerStatic analysis flagged 10 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShellWebSocket
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcedist/winsetup.jsView file
5* All system integration lives HERE, in Node, on purpose: an installer-shaped
L6: * PowerShell script (writing .cmd shims, registry shell verbs, uninstall
L7: * scripts) trips AV script heuristics — Bitdefender's Boxter family flagged
L8: * exactly that. The PS script stays trivial (download, unzip, npm install) and
L9: * everything AV-sensitive happens in a regular program via reg.exe/powershell
...
L20: const VERB_KEY = "HKCU\\Software\\Classes\\SystemFileAssociations\\.omp\\shell\\OMPStudio";
L21: /** `omps` shim: runs this package with the private runtime two dirs up. */
L22: export function ompsShim() {
...
L51: if (r.status !== 0)
L52: throw new Error(`${what} failed (exit code ${String(r.status)})`);
L53: }
L54: function defaultRoot() {
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/winsetup.jsView on unpkg · L5dist/cloud.jsView file
•matchType = previous_version_dangerous_delta
matchedPackage = @omp-studio/omps@0.1.7
matchedIdentity = npm:QG9tcC1zdHVkaW8vb21wcw:0.1.7
similarity = 0.933
summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/cloud.jsView on unpkgFindings
2 High3 Medium5 Low
HighSandbox Evasion Gated Capabilitydist/winsetup.js
HighPrevious Version Dangerous Deltadist/cloud.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License