Static Scan Results
scanned 6d ago · by rust-scannerStatic analysis completed at 65.0% confidence. No malicious behavior was detected; 9 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.
Decision evidence
public snapshotBehavioral surface
EnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcedist/commands/add.jsView file
5import fetch from "node-fetch";
L6: import { execa } from "execa";
L7: const REGISTRY_URL = process.env.REGISTRY_URL || "http://localhost:3000/registry";
High
5import fetch from "node-fetch";
L6: import { execa } from "execa";
L7: const REGISTRY_URL = process.env.REGISTRY_URL || "http://localhost:3000/registry";
L8: export const add = new Command()
High
Same File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/commands/add.jsView on unpkg · L5Findings
2 High2 Medium5 Low
HighShelldist/commands/add.js
HighSame File Env Network Executiondist/commands/add.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License