registry  /  @souldi/try-on  /  0.1.38

@souldi/try-on@0.1.38

⚠ Under review

Embeddable virtual try-on widget for e-commerce

Static Scan Results

scanned 3d ago · by rust-scanner

Static analysis flagged 7 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
SourceNo risky source behavior triggered.
Supply chain
HighEntropyStringsMinifiedObfuscatedProtestwareTrivial
Manifest
NoLicense
scanned 2 file(s), 1.76 MB of source

Source & flagged code

1 flagged · loading source
dist/widget.umd.jsView file
1function a0_0x2e1e(_0x5bbb6a,_0x56a242){_0x5bbb6a=_0x5bbb6a-(0x10a6+-0x1575+-0x2*-0x2cf);const _0x48d930=a0_0x1869();let _0x19f62f=_0x48d930[_0x5bbb6a];if(a0_0x2e1e['qaIqrp']===und...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/widget.umd.jsView on unpkg · L1

Findings

1 Critical2 High1 Medium3 Low
CriticalProtestware
HighObfuscated Payload Loaderdist/widget.umd.js
HighObfuscated
MediumStructural Risk Force Deep Review
LowScripts Present
LowHigh Entropy Strings
LowNo License