Static Scan Results
scanned 5d ago · by rust-scannerStatic analysis completed at 65.0% confidence. No malicious behavior was detected; 9 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
HighEntropyStrings
Source & flagged code
2 flagged · loading sourcepackage.jsonView file
•scripts.postinstall = husky
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkgout/codegen/render-oauth-http-mcp-server.jsView file
164loadLocalEnvFiles(envDirs);
L165: const imported = await import(pathToFileURL(path.resolve(modulePath)).href);
L166: if (!imported || typeof imported !== 'object') {
Medium
Dynamic Require
Package source references dynamic require/import behavior.
out/codegen/render-oauth-http-mcp-server.jsView on unpkg · L164Findings
1 High4 Medium4 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumDynamic Requireout/codegen/render-oauth-http-mcp-server.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings