registry  /  @pagelines/widget  /  1.0.643

@pagelines/widget@1.0.643

⚠ Under review

Embeddable PageLines agent widget for any website

Static Scan Results

scanned 5d ago · by rust-scanner

Static analysis flagged 7 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessEvalNetwork
Supply chain
HighEntropyStringsMinifiedProtestwareTelemetryTrivialUrlStrings
ManifestNo manifest risk signals triggered.
scanned 1 file(s), 540 KB of source, external domains: app.pagelines.com, json-schema.org, vuejs.org, www.w3.org

Source & flagged code

1 flagged · loading source
dist/widget.jsView file
1var PLWidget=function(e){"use strict";const t=globalThis.process,n="undefined"!=typeof window,a=void 0!==t&&!n,r=n?"undefined"!=typeof window&&window.location&&!window.location.hos...
Low
Eval

Package source references a known benign dynamic code generation pattern.

dist/widget.jsView on unpkg · L1

Findings

1 Critical1 Medium5 Low
CriticalProtestware
MediumNetwork
LowScripts Present
LowEvaldist/widget.js
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings