Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 5 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessFilesystemNetwork
UrlStrings
Source & flagged code
1 flagged · loading sourcebin/sts.jsView file
2L3: const { spawn } = require('child_process');
L4: const fs = require('fs');
L5: const path = require('path');
L6: const https = require('https');
L7: const readline = require('readline');
...
L48: try {
L49: const pkgPath = path.join(process.cwd(), 'package.json');
L50: if (fs.existsSync(pkgPath)) {
L51: const pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf8'));
L52: if (pkg.scripts && firstArg in pkg.scripts) {
...
L98:
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
bin/sts.jsView on unpkg · L2Findings
1 High1 Medium3 Low
HighSandbox Evasion Gated Capabilitybin/sts.js
MediumNetwork
LowScripts Present
LowFilesystem
LowUrl Strings