@storm-software/terraform-tools@0.66.267

Tools for managing Terraform infrastructure within a Nx workspace.

Static Scan Results

scanned 21h ago · by rust-scanner

Static analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source: ChildProcess, DynamicRequire, EnvironmentVars, Filesystem, NativeBindings, Network, Shell
Supply chain: HighEntropyStrings, UrlStrings
Manifest: No manifest risk signals triggered.
scanned 47 file(s), 406 KB of source, external domains: cdn.jsdelivr.net, discord.gg, docs.stormsoftware.com, github.com, join.slack.com, patsullivan.org, public.storm-cdn.com, stormsoftware.com

Source & flagged code

4 flagged
dist/chunk-PPWYTBXH.js
L5: // ../config-tools/src/utilities/run.ts
L6: var _child_process = require('child_process');
L7: var LARGE_BUFFER = 1024 * 1e6;
High
Child Process

Package source references child process execution.

dist/chunk-PPWYTBXH.js · L5
L25: // src/base/terraform-executor.ts
L26: var _shelljs = require('shelljs');
L27: var withTerraformExecutor = (command, executorOptions = {}) => async (_options, context) => {
High
Shell

Package source references shell execution.

dist/chunk-PPWYTBXH.js · L25
dist/tsup.config.js
L1: "use strict";Object.defineProperty(exports, "__esModule", {value: true});// tsup.config.ts
L2: var _tsup = require('tsup');
L3: var tsup_config_default = _tsup.defineConfig.call(void 0, [
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/tsup.config.js · L1
dist/chunk-TJMO7T74.js
Cross-file remote execution chain: dist/chunk-TJMO7T74.js spawns dist/chunk-A6WNSDR7.js; helper contains network access plus dynamic code execution.
L44:
L45: var _child_process = require('child_process');
L46: var _fs = require('fs'); var _fs2 = _interopRequireDefault(_fs);
...
L114: env: {
L115: ...process.env,
L116: ..._optionalChain([options, 'optionalAccess', _18 => _18.env])
...
L144: }
L145: return JSON.parse(output2.output);
L146: }
...
L154: _child_process.execSync.call(void 0, `${processCmd} ${args.join(" ")}`, {
L155: cwd: process.cwd(),
L156: env: {
High
Cross File Remote Execution Context

Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.

dist/chunk-TJMO7T74.js · L44

Findings

3 High · 3 Medium · 3 Low
High · Child Process · dist/chunk-PPWYTBXH.js
High · Shell · dist/chunk-PPWYTBXH.js
High · Cross File Remote Execution Context · dist/chunk-TJMO7T74.js
Medium · Dynamic Require · dist/tsup.config.js
Medium · Network
Medium · Environment Vars
Low · Filesystem
Low · High Entropy Strings
Low · Url Strings