Static Scan Results
scanned 15d ago · by rust-scannerStatic analysis completed at 65.0% confidence. No malicious behavior was detected; 9 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystemNativeBindingsNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourcedist/tools/neural/neural-review.tool.jsView file
115if (line.match(/eval\s*\(/)) {
L116: issues.push({ severity: "critical", category: "security", line: i + 1, message: "eval() usage — code injection risk", suggestion: "Avoid eval(); use safer alternatives" });
L117: }
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/tools/neural/neural-review.tool.jsView on unpkg · L115dist/tools/database/db-index-suggest.tool.jsView file
36exports.DbIndexSuggestTool = void 0;
L37: const zod_1 = require("zod");
L38: const fs = __importStar(require("node:fs"));
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/tools/database/db-index-suggest.tool.jsView on unpkg · L36dist/tools/quality/quality-duplication.tool.jsView file
53async run(input, _ctx) {
L54: const rootPath = input.projectPath ?? process.cwd();
L55: const minLines = input.minLines ?? 6;
Low
Weak Crypto
Package source references weak cryptographic algorithms.
dist/tools/quality/quality-duplication.tool.jsView on unpkg · L53Findings
3 Medium6 Low
MediumDynamic Requiredist/tools/database/db-index-suggest.tool.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowEvaldist/tools/neural/neural-review.tool.js
LowWeak Cryptodist/tools/quality/quality-duplication.tool.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings