registry  /  @sylphx/sdk  /  0.23.0

@sylphx/sdk@0.23.0

Sylphx SDK - State-of-the-art platform SDK with pure functions

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkWebSocket
Supply chain
HighEntropyStringsTelemetryUrlStrings
Manifest
NoLicense
scanned 7 file(s), 1.72 MB of source, external domains: api.example.com, bff.local, cdn.amplitude.com, cdn.mxpnl.com, cdn.segment.com, connect.facebook.net, docs.sylphx.com, static.hotjar.com, sylphx.com, us-assets.i.posthog.com, us.i.posthog.com, widget.intercom.io, www.googletagmanager.com, www.linkedin.com, your-app.api.sylphx.com

Source & flagged code

2 flagged · loading source
dist/react/index.mjsView file
32413patternName = generic_password severity = medium line = 32413 matchedText = password...ut",
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/react/index.mjsView on unpkg · L32413
dist/index.d.tsView file
3484patternName = generic_password severity = medium line = 3484 matchedText = * await ...' })
Medium
Secret Pattern

Hardcoded password in dist/index.d.ts

dist/index.d.tsView on unpkg · L3484

Findings

4 Medium6 Low
MediumSecret Patterndist/react/index.mjs
MediumNetwork
MediumEnvironment Vars
MediumSecret Patterndist/index.d.ts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings
LowNo License