Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
CryptoEnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedist/protect.cjsView file
30// src/protect/engine/client.js
L31: var DEFAULT_BASE_URL = "https://api.patchstack.com";
L32: var DEFAULT_CACHE_TTL = 3e5;
...
L39: constructor({ token, baseUrl, cacheTtl } = {}) {
L40: this.#token = token ?? process.env.PATCHSTACK_WAF_TOKEN;
L41: this.#baseUrl = baseUrl ?? process.env.PATCHSTACK_WAF_API_URL ?? DEFAULT_BASE_URL;
...
L61: },
L62: body: JSON.stringify({}),
L63: signal: AbortSignal.timeout(3e4)
...
L73: }
L74: const data = await response.json();
L75: const result = {
High
Cloud Metadata Access
Source reaches cloud instance metadata or link-local credential endpoints.
dist/protect.cjsView on unpkg · L30Findings
1 High3 Medium5 Low
HighCloud Metadata Accessdist/protect.cjs
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings