registry  /  @punica/editor  /  1.1.0

@punica/editor@1.1.0

Punica Editor

Static Scan Results

scanned 3d ago · by rust-scanner

Static analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessFilesystemNetwork
Supply chain
HighEntropyStringsMinifiedTrivial
Manifest
NoLicenseWildcardDependency
scanned 2 file(s), 1.35 MB of source

Source & flagged code

2 flagged · loading source
dist/index.bundle.umd.jsView file
1!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globa... L2: /* webpackIgnore: true */"child_process"),t=globalThis,n=t.process?.env??{};this.#yn=e.spawn(this.#fn,this.#mn,{env:{...n,...this.#gn},stdio:["pipe","pipe","inherit"]}),this.#yn.st...
High
Child Process

Package source references child process execution.

dist/index.bundle.umd.jsView on unpkg · L1
1!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globa... L2: /* webpackIgnore: true */"child_process"),t=globalThis,n=t.process?.env??{};this.#yn=e.spawn(this.#fn,this.#mn,{env:{...n,...this.#gn},stdio:["pipe","pipe","inherit"]}),this.#yn.st...
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/index.bundle.umd.jsView on unpkg · L1

Findings

2 High3 Medium5 Low
HighChild Processdist/index.bundle.umd.js
HighCommand Output Exfiltrationdist/index.bundle.umd.js
MediumNetwork
MediumStructural Risk Force Deep Review
MediumWildcard Dependency
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowNo License