registry  /  @prisma/compute-cli  /  0.34.0

@prisma/compute-cli@0.34.0

Command-line interface for deploying and managing [Prisma Compute](https://www.prisma.io/compute) services.

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
EnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
Manifest
NoLicenseWildcardDependency
scanned 38 file(s), 166 KB of source, external domains: api.prisma.io

Source & flagged code

1 flagged · loading source
dist/lib/auth/client.jsView file
3export const CLIENT_ID = "cmm3lndn701oo0uefvxzo0ivw"; L4: export const DEFAULT_API_BASE_URL = "https://api.prisma.io"; L5: export const AUTH_FILE_ENV_VAR = "PRISMA_COMPUTE_AUTH_FILE"; ... L7: export function getApiBaseUrl() { L8: const configuredBaseUrl = process.env.PRISMA_MANAGEMENT_API_URL?.trim(); L9: return configuredBaseUrl || DEFAULT_API_BASE_URL; ... L15: } L16: if (process.platform === "darwin") { L17: return path.join(os.homedir(), "Library", "Application Support", "prisma-compute", "auth.json"); L18: }
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

dist/lib/auth/client.jsView on unpkg · L3

Findings

1 High3 Medium5 Low
HighSandbox Evasion Gated Capabilitydist/lib/auth/client.js
MediumNetwork
MediumEnvironment Vars
MediumWildcard Dependency
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License