Static Scan Results
scanned 2d ago · by rust-scannerStatic analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShellWebSocket
HighEntropyStrings
Source & flagged code
2 flagged · loading sourcedist/index.bundle.mjsView file
122var _a;
L123: const api = _global[GLOBAL_OPENTELEMETRY_API_KEY] = (_a = _global[GLOBAL_OPENTELEMETRY_API_KEY]) !== null && _a !== void 0 ? _a : {
L124: version: VERSION
High
Obfuscated Payload Loader
Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
dist/index.bundle.mjsView on unpkg · L1226586try {
L6587: var mod = eval("quire".replace(/^/, "re"))(moduleName);
L6588: if (mod && (mod.length || Object.keys(mod).length))
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/index.bundle.mjsView on unpkg · L6586Findings
1 High3 Medium4 Low
HighObfuscated Payload Loaderdist/index.bundle.mjs
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvaldist/index.bundle.mjs
LowFilesystem
LowHigh Entropy Strings