Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 15 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
8 flagged · loading sourceSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/bin/prim.cjsView on unpkg · L61Source exposes local file and command tools to a remote model endpoint.
dist/bin/prim.cjsView on unpkg · L61Source writes installer persistence such as shell profile or service configuration.
dist/bin/prim.cjsView on unpkg · L61Package source references a known benign dynamic code generation pattern.
dist/bin/prim.cjsView on unpkg · L23890Package source references dynamic require/import behavior.
dist/temporal/now.jsView on unpkg · L3Package source references weak cryptographic algorithms.
dist/external/npm-pack.jsView on unpkg · L79