Static Scan Results
scanned 1d ago · by rust-scannerStatic analysis flagged 11 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsMinifiedUrlStrings
Source & flagged code
3 flagged · loading sourcecore/swagger.jsView file
1import { execSync } from "node:child_process";
L2:
High
8console.log(`Installing swagger-jsdoc...`);
L9: execSync(`npm install swagger-jsdoc@6.2.8`, { stdio: "inherit" });
L10: console.log(`Installing swagger-ui-express...`);
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
core/swagger.jsView on unpkg · L8frontend/public/favicon.icoView file
•path = frontend/public/favicon.ico
kind = high_entropy_blob
sizeBytes = 82563
magicHex = [redacted]
High
Ships High Entropy Blob
Package ships high-entropy non-source blobs.
frontend/public/favicon.icoView on unpkgFindings
4 High3 Medium4 Low
HighChild Processcore/swagger.js
HighShell
HighRuntime Package Installcore/swagger.js
HighShips High Entropy Blobfrontend/public/favicon.ico
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings