Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShellWebSocket
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
1 flagged · loading sourcedist/index.jsView file
5import readline2 from 'readline/promises';
L6: import { spawn, execFile } from 'child_process';
L7: import { stdout, stdin } from 'process';
L8: import fsp from 'fs/promises';
...
L67: reason: `TLS problem talking to ${host}: ${text.slice(0, 120)}`,
L68: hint: "For local/self-signed endpoints, use the http:// URL or trust the local CA."
L69: };
...
L102: });
L103: const text = await res.text();
L104: if (!res.ok) {
...
L171: method: "POST",
L172: body: JSON.stringify({ agent_id: agentId, tags })
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/index.jsView on unpkg · L5Findings
1 High3 Medium5 Low
HighSandbox Evasion Gated Capabilitydist/index.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License