registry  /  @pikku/better-auth  /  0.12.15

@pikku/better-auth@0.12.15

Static Scan Results

scanned 6d ago · by rust-scanner

Static analysis flagged 7 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
EnvironmentVars
Supply chain
UrlStrings
ManifestNo manifest risk signals triggered.
scanned 29 file(s), 78.7 KB of source, external domains: example.com

Source & flagged code

3 flagged · loading source
dist/dev-quick-login.jsView file
4patternName = generic_password severity = medium line = 4 matchedText = password...rd',
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/dev-quick-login.jsView on unpkg · L4
run-tests.shView file
path = run-tests.sh kind = build_helper sizeBytes = 1206 magicHex = [redacted]
Medium
Ships Build Helper

Package ships non-JavaScript build or shell helper files.

run-tests.shView on unpkg
src/dev-quick-login.tsView file
7patternName = generic_password severity = medium line = 7 matchedText = password...rd',
Medium
Secret Pattern

Hardcoded password in src/dev-quick-login.ts

src/dev-quick-login.tsView on unpkg · L7

Findings

4 Medium3 Low
MediumSecret Patterndist/dev-quick-login.js
MediumEnvironment Vars
MediumShips Build Helperrun-tests.sh
MediumSecret Patternsrc/dev-quick-login.ts
LowNon Install Lifecycle Scripts
LowScripts Present
LowUrl Strings