Static analysis completed at 65.0% confidence. No malicious behavior was detected; 16 low-signal pattern(s) were surfaced and cleared.
Package source references child process execution.
ui/assets/index-dClYfUXk.jsView on unpkg · L2A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/controlled-instance-cli.jsView on unpkg · L8Package source references dynamic require/import behavior.
dist/controlled-instance-cli.jsView on unpkg · L2Package source references a known benign dynamic code generation pattern.
dist/controlled-instance-cli.jsView on unpkg · L11345Package source references weak cryptographic algorithms.
dist/receiver-ink.mjsView on unpkg · L1Package ships high-entropy non-source blobs.
ui/assets/KaTeX_Script-Regular-D3wIWfF6.woff2View on unpkgPackage source references child process execution.
ui/assets/index-dClYfUXk.jsView on unpkg · L2A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/controlled-instance-cli.jsView on unpkg · L8Package source references dynamic require/import behavior.
dist/controlled-instance-cli.jsView on unpkg · L2Package source references a known benign dynamic code generation pattern.
dist/controlled-instance-cli.jsView on unpkg · L11345Package source references weak cryptographic algorithms.
dist/receiver-ink.mjsView on unpkg · L1Package ships high-entropy non-source blobs.
ui/assets/KaTeX_Script-Regular-D3wIWfF6.woff2View on unpkg