registry  /  @sibvisions/reactui  /  3.1.4

@sibvisions/reactui@3.1.4

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessEnvironmentVarsNetwork
Supply chain
HighEntropyStringsMinifiedUrlStrings
Manifest
GitDependency
scanned 0 file(s), 768 KB of source, external domains: fb.me, rolldown.rs, www.w3.org
Oversized source lightweight scan
moduleIndex.cjs2.96 MB file, sampled 256 KB
NetworkChildProcessEnvironmentVarsHighEntropyStringsMinifiedUrlStringsfb.mewww.w3.org
moduleIndex.js3.78 MB file, sampled 256 KB
NetworkChildProcessEnvironmentVarsHighEntropyStringsUrlStringsfb.merolldown.rswww.w3.org
moduleIndex.umd.cjs2.96 MB file, sampled 256 KB
NetworkChildProcessEnvironmentVarsHighEntropyStringsMinifiedUrlStringsfb.mewww.w3.org

Source & flagged code

2 flagged · loading source
moduleIndex.jsView file
path = moduleIndex.js kind = oversized_source_file sizeBytes = 3967142 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

moduleIndex.jsView on unpkg
package.jsonView file
Runtime dependency names matching Node built-ins: stream, timers
High
Node Builtin Dependency Squat

Package declares a runtime dependency whose name matches a Node built-in module.

package.jsonView on unpkg

Findings

2 High4 Medium2 Low
HighOversized Source FilemoduleIndex.js
HighNode Builtin Dependency Squatpackage.json
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
MediumGit Dependency
LowHigh Entropy Strings
LowUrl Strings