Static Scan Results
scanned 8h ago · by rust-scannerStatic analysis completed at 65.0% confidence. No malicious behavior was detected; 8 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedist/cli.jsView file
9import { join } from "path";
L10: var AUTH_DIR = join(homedir(), ".opensea");
L11: var AUTH_FILE = join(AUTH_DIR, "auth.json");
...
L25: const data = readFileSync(AUTH_FILE, "utf-8");
L26: return JSON.parse(data);
L27: } catch {
...
L73: // src/client.ts
L74: var DEFAULT_BASE_URL = "https://api.opensea.io";
L75: var DEFAULT_TIMEOUT_MS = 3e4;
...
L170: async post(path, body, params) {
L171: return this.write("POST", path, body, params);
L172: }
High
Credential Exfiltration
Source combines credential-like environment material and outbound requests; review data flow before blocking.
dist/cli.jsView on unpkg · L9Findings
1 High2 Medium5 Low
HighCredential Exfiltrationdist/cli.js
MediumNetwork
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings