Static analysis flagged 21 finding(s) at 97.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Package source references child process execution.
dist/chunk-4L6CLWJC.jsView on unpkg · L4235Package source references a known benign dynamic code generation pattern.
Package source references weak cryptographic algorithms.
dist/chunk-PSDYB45U.jsView on unpkg · L28A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/plugins/fusion-plugin-compound-engineering/skills/ce-brainstorm/scripts/visual-probe-server.jsView on unpkg · L2Package ships non-JavaScript build or shell helper files.
dist/plugins/fusion-plugin-compound-engineering/skills/ce-code-review/scripts/cross-model-adversarial-review.shView on unpkgPackage contains source files above the static scanner size ceiling.
dist/bin.jsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/bin.jsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/client/assets/cytoscape.esm-OyMbaexL.jsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/desktop/client/assets/cytoscape.esm-OyMbaexL.jsView on unpkgPackage source references child process execution.
dist/chunk-4L6CLWJC.jsView on unpkg · L4235Package ships non-JavaScript build or shell helper files.
dist/plugins/fusion-plugin-compound-engineering/skills/ce-code-review/scripts/cross-model-adversarial-review.shView on unpkgPackage contains source files above the static scanner size ceiling.
dist/bin.jsView on unpkgPackage contains an oversized executable-looking CLI entrypoint.
dist/bin.jsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/client/assets/cytoscape.esm-OyMbaexL.jsView on unpkgSource file is highly similar to a previously finalized malicious package; route for source-aware review.
dist/desktop/client/assets/cytoscape.esm-OyMbaexL.jsView on unpkgPackage source references a known benign dynamic code generation pattern.
dist/chunk-AWKNRUOR.jsView on unpkg · L663Package source references weak cryptographic algorithms.
dist/chunk-PSDYB45U.jsView on unpkg · L28A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/plugins/fusion-plugin-compound-engineering/skills/ce-brainstorm/scripts/visual-probe-server.jsView on unpkg · L2