Static Scan Results
scanned 9d ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
4 flagged · loading sourcedist-client/google-map/google-map-loader.jsView file
9patternName = google_api_key
severity = high
line = 9
matchedText = var key ...gA';
High
High Secret
Package contains a high-severity secret pattern.
dist-client/google-map/google-map-loader.jsView on unpkg · L99patternName = google_api_key
severity = high
line = 9
matchedText = var key ...gA';
High
Secret Pattern
Google API key in dist-client/google-map/google-map-loader.js
dist-client/google-map/google-map-loader.jsView on unpkg · L9dist-server/migrations/1752192090129-seed-kpi-values.jsView file
3exports.SeedKpiValues1752192090129 = void 0;
L4: const tslib_1 = require("tslib");
L5: const shell_1 = require("@things-factory/shell");
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist-server/migrations/1752192090129-seed-kpi-values.jsView on unpkg · L3client/google-map/google-map-loader.tsView file
11patternName = google_api_key
severity = high
line = 11
matchedText = var key ...PgA'
High
Secret Pattern
Google API key in client/google-map/google-map-loader.ts
client/google-map/google-map-loader.tsView on unpkg · L11Findings
3 High2 Medium4 Low
HighHigh Secretdist-client/google-map/google-map-loader.js
HighSecret Patterndist-client/google-map/google-map-loader.js
HighSecret Patternclient/google-map/google-map-loader.ts
MediumDynamic Requiredist-server/migrations/1752192090129-seed-kpi-values.js
MediumNetwork
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings