registry  /  @tinycloud/node-sdk  /  2.5.0

@tinycloud/node-sdk@2.5.0

TinyCloud SDK for Node.js with configurable authorization strategies

Static Scan Results

scanned 8d ago · by rust-scanner

Static analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
CryptoEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
Manifest
CopyleftLicense
scanned 4 file(s), 1.93 MB of source, external domains: links.ethers.org, node.tinycloud.xyz

Source & flagged code

2 flagged · loading source
dist/index.jsView file
16352patternName = generic_password severity = medium line = 16352 matchedText = logger28... });
Medium
Secret Pattern

Package contains a possible secret pattern.

dist/index.jsView on unpkg · L16352
dist/index.cjsView file
16347patternName = generic_password severity = medium line = 16347 matchedText = logger28... });
Medium
Secret Pattern

Hardcoded password in dist/index.cjs

dist/index.cjsView on unpkg · L16347

Findings

4 Medium5 Low
MediumSecret Patterndist/index.js
MediumNetwork
MediumEnvironment Vars
MediumSecret Patterndist/index.cjs
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowCopyleft License