Static Scan Results
scanned 1d ago · by rust-scannerStatic analysis flagged 22 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
13 flagged · loading sourcePackage contains a critical-looking secret pattern.
Tests/Server/Utils/AI/ToolResultSerializer.test.tsView on unpkg · L172RSA private key in Tests/Server/Utils/AI/ToolResultSerializer.test.ts
Tests/Server/Utils/AI/ToolResultSerializer.test.tsView on unpkg · L159AWS access key ID in Tests/Server/Utils/AI/ToolResultSerializer.test.ts
Tests/Server/Utils/AI/ToolResultSerializer.test.tsView on unpkg · L172AWS access key ID in Tests/Server/Utils/AI/ToolResultSerializer.test.ts
Tests/Server/Utils/AI/ToolResultSerializer.test.tsView on unpkg · L175Package source executes code through a VM context API.
Server/Utils/VM/VMRunner.tsView on unpkg · L3Package source references weak cryptographic algorithms.
Server/Services/DockerHostService.tsView on unpkg · L57Source reaches cloud instance metadata or link-local credential endpoints.
Server/Services/UserWebhookService.tsView on unpkg · L99Package ships non-JavaScript build or shell helper files.
test-setup.shView on unpkgPackage ships high-entropy non-source blobs.
UI/Fonts/materialdesignicons-webfont.woff2View on unpkgStripe test secret key in Models/DatabaseModels/RunbookSecret.ts
Models/DatabaseModels/RunbookSecret.tsView on unpkg · L239Stripe test secret key in Models/DatabaseModels/MonitorSecret.ts
Models/DatabaseModels/MonitorSecret.tsView on unpkg · L239Stripe test secret key in build/dist/Models/DatabaseModels/MonitorSecret.js
build/dist/Models/DatabaseModels/MonitorSecret.jsView on unpkg · L197Stripe test secret key in build/dist/Models/DatabaseModels/RunbookSecret.js
build/dist/Models/DatabaseModels/RunbookSecret.jsView on unpkg · L197