Static Scan Results
scanned 1h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = node start.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkgstart.jsView file
13import { fileURLToPath } from 'node:url';
L14: import { get } from 'node:https';
L15: import { homedir, platform, arch } from 'node:os';
L16: import { spawnSync, spawn } from 'node:child_process';
L17:
...
L21: function isInWorkspace() {
L22: const __dirname = dirname(fileURLToPath(import.meta.url));
L23: const workspaceRoot = resolve(__dirname, '../../');
...
L31: const sep = platform() === 'win32' ? ';' : ':';
L32: const pathDirs = (process.env.PATH || '').split(sep);
L33: const ext = platform() === 'win32' ? '.exe' : '';
...
L42: const result = spawnSync('file', [binPath], { encoding: 'utf8' });
Medium
Install Persistence
Source writes installer persistence such as shell profile or service configuration.
start.jsView on unpkg · L13Findings
1 High4 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencestart.js
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings