Static Scan Results
scanned 7h ago · by rust-scannerStatic analysis flagged 15 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
6 flagged · loading sourceSource writes installer persistence such as shell profile or service configuration.
dist/install.jsView on unpkg · L1Package ships native binary artifacts.
dist/native/darwin-arm64/s-gw-coreView on unpkgPackage ships non-JavaScript build or shell helper files.
dist/windows/s-gw-client.ps1View on unpkgPackage ships high-entropy non-source blobs.
dist/console-ui/assets/geist-cyrillic-wght-normal-BEAKL7Jp.woff2View on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/package-update.jsView on unpkg