registry  /  @pylonsync/webhooks  /  0.3.309

@pylonsync/webhooks@0.3.309

Static Scan Results

scanned 2d ago · by rust-scanner

Static analysis flagged 5 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
Network
Supply chainNo supply-chain packaging signals triggered.
Manifest
NoLicense
scanned 7 file(s), 23.7 KB of source

Source & flagged code

2 flagged · loading source
src/signature.test.tsView file
5patternName = stripe_webhook_secret severity = high line = 5 matchedText = const SE...ue')
High
High Secret

Package contains a high-severity secret pattern.

src/signature.test.tsView on unpkg · L5
5patternName = stripe_webhook_secret severity = high line = 5 matchedText = const SE...ue')
High
Secret Pattern

Stripe webhook signing secret in src/signature.test.ts

src/signature.test.tsView on unpkg · L5

Findings

2 High1 Medium2 Low
HighHigh Secretsrc/signature.test.ts
HighSecret Patternsrc/signature.test.ts
MediumNetwork
LowScripts Present
LowNo License