Static Scan Results
scanned 1d ago · by rust-scannerStatic analysis flagged 14 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
HighEntropyStringsMinifiedUrlStrings
Source & flagged code
6 flagged · loading sourcestatic/certs/key.pemView file
1patternName = private_key_rsa
severity = critical
line = 1
matchedText = -----BEG...----
Critical
Critical Secret
Package contains a critical-looking secret pattern.
static/certs/key.pemView on unpkg · L11patternName = private_key_rsa
severity = critical
line = 1
matchedText = -----BEG...----
Critical
public/mockpass/resources/plugins/bootstrap-3.4.1/fonts/glyphicons-halflings-regular.woff2View file
•path = [redacted]-3.4.1/fonts/glyphicons-halflings-regular.woff2
kind = high_entropy_blob
sizeBytes = 18028
magicHex = [redacted]
High
Ships High Entropy Blob
Package ships high-entropy non-source blobs.
public/mockpass/resources/plugins/bootstrap-3.4.1/fonts/glyphicons-halflings-regular.woff2View on unpkgREADME.mdView file
48patternName = private_key_rsa
severity = critical
line = 48
matchedText = | epheme... |
Critical
public/mockpass/resources/js/login-common.jsView file
11patternName = generic_password
severity = medium
line = 11
matchedText = var pass...rd";
Medium
Secret Pattern
Hardcoded password in public/mockpass/resources/js/login-common.js
public/mockpass/resources/js/login-common.jsView on unpkg · L11static/certs/spcp-key.pemView file
1patternName = private_key_rsa
severity = critical
line = 1
matchedText = -----BEG...----
Critical
Secret Pattern
RSA private key in static/certs/spcp-key.pem
static/certs/spcp-key.pemView on unpkg · L1Findings
4 Critical1 High4 Medium5 Low
CriticalCritical Secretstatic/certs/key.pem
CriticalSecret PatternREADME.md
CriticalSecret Patternstatic/certs/key.pem
CriticalSecret Patternstatic/certs/spcp-key.pem
HighShips High Entropy Blobpublic/mockpass/resources/plugins/bootstrap-3.4.1/fonts/glyphicons-halflings-regular.woff2
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
MediumSecret Patternpublic/mockpass/resources/js/login-common.js
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings