registry  /  @skeweei/cli  /  0.1.7

@skeweei/cli@0.1.7

Static Scan Results

scanned 4h ago · by rust-scanner

Static analysis completed at 65.0% confidence. No malicious behavior was detected; 8 low-signal pattern(s) were surfaced and cleared.

Static reason
No blocking static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
EnvironmentVarsFilesystemNetworkShell
Supply chain
UrlStrings
Manifest
NoLicense
scanned 5 file(s), 12.6 KB of source, external domains: nice-showers-kiss.loca.lt, skeweei.com

Source & flagged code

2 flagged · loading source
dist/commands/add.jsView file
5import fetch from "node-fetch"; L6: import { execa } from "execa"; L7: import ora from "ora";
High
Shell

Package source references shell execution.

dist/commands/add.jsView on unpkg · L5
5import fetch from "node-fetch"; L6: import { execa } from "execa"; L7: import ora from "ora"; L8: import { getPackageManager, getInstallArgs } from "../utils/pm.js"; L9: const REGISTRY_URL = process.env.REGISTRY_URL || "https://nice-showers-kiss.loca.lt/registry"; L10: export const add = new Command()
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/commands/add.jsView on unpkg · L5

Findings

2 High2 Medium4 Low
HighShelldist/commands/add.js
HighSame File Env Network Executiondist/commands/add.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowUrl Strings
LowNo License