registry  /  @retinalabsllc/zairusjs  /  12.0.40

@retinalabsllc/zairusjs@12.0.40

⚠ Under review

A perceptive, Ai data driven Next.js UI component library.

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 7 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
Network
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 510 KB of source, external domains: aeona.finance, basescan.org, retinalabs.company, www.w3.org, x.com

Source & flagged code

2 flagged · loading source
dist/index.jsView file
135className: "absolute inset-0 pointer-events-none opacity-[0.03] z-0", L136: style: { backgroundImage: `url("data:image/svg+xml,%3Csvg viewBox='0 0 200 200' xmlns='http://www.w3.org/2000/svg'%3E%3Cfilter id='noiseFilter'%3E%3CfeTurbulence type='fractalNoise... L137: } ... L483: if (res.success) { L484: window.location.href = res.redirect || redirectUrl; L485: } else { ... L1346: try { L1347: await navigator.clipboard.writeText(reference); L1348: import_react_hot_toast5.default.success("Copied"); ... L2487: }); L2488: const data = await response.json(); L2489: if (response.ok && data.success) {
Critical
Clipboard Crypto Hijack

Source reads and rewrites clipboard contents matching cryptocurrency wallet addresses.

dist/index.jsView on unpkg · L135
Trigger-reachable chain: manifest.main -> dist/index.js Reachable file contains a blocking source-risk pattern.
Critical
Trigger Reachable Dangerous Capability

A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.

dist/index.jsView on unpkg

Findings

2 Critical2 Medium3 Low
CriticalClipboard Crypto Hijackdist/index.js
CriticalTrigger Reachable Dangerous Capabilitydist/index.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings