Static Scan Results
scanned 1h ago · by rust-scannerStatic analysis flagged 16 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
6 flagged · loading sourceSource spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
bin/proofkit.cjsView on unpkg · L5Source fetches a remote non-code asset, decodes its contents, and dynamically executes the decoded payload.
dist/install-fm-addon-CJt415Nv.jsView on unpkg · L1A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/install-fm-addon-CJt415Nv.jsView on unpkgPackage ships non-JavaScript build or shell helper files.
template/extras/start-database/postgres.shView on unpkgPackage contains source files above the static scanner size ceiling.
dist/mcp-CTrK90xI.jsView on unpkg