Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
EnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
NoLicenseWildcardDependency
Source & flagged code
1 flagged · loading sourcedist/lib/auth/client.jsView file
3export const CLIENT_ID = "cmm3lndn701oo0uefvxzo0ivw";
L4: export const DEFAULT_API_BASE_URL = "https://api.prisma.io";
L5: export const AUTH_FILE_ENV_VAR = "PRISMA_COMPUTE_AUTH_FILE";
...
L7: export function getApiBaseUrl() {
L8: const configuredBaseUrl = process.env.PRISMA_MANAGEMENT_API_URL?.trim();
L9: return configuredBaseUrl || DEFAULT_API_BASE_URL;
...
L15: }
L16: if (process.platform === "darwin") {
L17: return path.join(os.homedir(), "Library", "Application Support", "prisma-compute", "auth.json");
L18: }
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/lib/auth/client.jsView on unpkg · L3Findings
1 High3 Medium5 Low
HighSandbox Evasion Gated Capabilitydist/lib/auth/client.js
MediumNetwork
MediumEnvironment Vars
MediumWildcard Dependency
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License