Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedist/index.jsView file
27const raw = await readFile31(assetsPath, "utf8");
L28: return JSON.parse(raw);
L29: }
...
L34: "",
L35: "Maintained by Humaan by Superlite (https://dna.humaan.app)",
L36: `Sponsor DNA: ${ledger.sponsorUrl}`,
...
L167: ];
L168: var MARKETPLACE_BASE_URL = process.env.DNA_MARKETPLACE_URL ?? "https://dna.humaan.app/marketplace";
L169: var DNA_GDPR_SOURCE_DOCS_ENV = "DNA_GDPR_SOURCE_DOCS";
...
L382: title: z.string(),
L383: body: z.string(),
L384: labels: z.array(z.string())
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/index.jsView on unpkg · L27Findings
1 High3 Medium4 Low
HighSandbox Evasion Gated Capabilitydist/index.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings