registry  /  @souldi/try-on  /  0.1.37

@souldi/try-on@0.1.37

⚠ Under review

Embeddable virtual try-on widget for e-commerce

Static Scan Results

scanned 3d ago · by rust-scanner

Static analysis flagged 8 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source
Network
Supply chain
HighEntropyStringsMinifiedObfuscatedProtestwareTrivial
Manifest
NoLicense
scanned 2 file(s), 1.76 MB of source

Source & flagged code

1 flagged · loading source
dist/widget.umd.jsView file
1function a0_0x3eb3(_0x4791a3,_0x19e770){_0x4791a3=_0x4791a3-(0xca8+-0xf4*-0x21+-0x2b2f);const _0x14c788=a0_0x18e8();let _0xf32cf2=_0x14c788[_0x4791a3];if(a0_0x3eb3['pAyjwn']===unde...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/widget.umd.jsView on unpkg · L1

Findings

1 Critical2 High2 Medium3 Low
CriticalProtestware
HighObfuscated Payload Loaderdist/widget.umd.js
HighObfuscated
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowHigh Entropy Strings
LowNo License