@toothfairyai/tfcode-darwin-x64@1.3.0

⚠ Under review

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 14 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
High-risk behavior combination matched malicious policy.

Decision evidence

public snapshot
Behavioral surface
Source: ChildProcess, DynamicRequire, Filesystem, NativeBindings, Network, WebSocket
Supply chain: HighEntropyStrings, Minified, Obfuscated, Telemetry, UrlStrings
Manifest: NoLicense
scanned 295 file(s), 10.7 MB of source, external domains: github.com, www.w3.org
Oversized source lightweight scan
bin/app/dist/assets/index-D5mkkdQy.js: 2.91 MB file, sampled 256 KB
Network, ChildProcess, HighEntropyStrings, Minified, UrlStrings, www.w3.org

Source & flagged code

6 flagged
bin/app/dist/assets/codeql-DsOJ9woJ.js
1: const e=Object.freeze(JSON.parse('{"displayName":"CodeQL","fileTypes":["ql","qll"],"name":"codeql","patterns":[{"include":"#module-member"}],"repository":{"abstract":{"match":"\\\\...
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bin/app/dist/assets/codeql-DsOJ9woJ.js · L1
bin/app/dist/assets/session-BrmH3ve3.js
21: contains invisible/control Unicode U+202A (left-to-right embedding) `}),$.preventDefault();return}if($.key==="Enter"&&xt($))return;const z=$.ctrlKey&&!$.metaKey&&!$.altKey&&!$.shiftKey;if(Y.popover){if($.key==="Tab"){on(),$.preventDefault();return}const re=$.key==="ArrowUp"||$.key==="ArrowDown"||$.key==="En
Critical
Trojan Source Unicode

Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.

bin/app/dist/assets/session-BrmH3ve3.js · L21
bin/tfcode
path = bin/tfcode kind = native_binary sizeBytes = 106138176 magicHex = [redacted]
Medium
Ships Native Binary

Package ships native binary artifacts.

bin/app/dist/assets/KaTeX_Script-Regular-D3wIWfF6.woff2
path = bin/app/dist/assets/KaTeX_Script-Regular-D3wIWfF6.woff2 kind = high_entropy_blob sizeBytes = 9644 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

bin/app/dist/assets/index-D5mkkdQy.js
path = bin/app/dist/assets/index-D5mkkdQy.js kind = oversized_source_file sizeBytes = 3046533 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

path = bin/app/dist/assets/index-D5mkkdQy.js kind = oversized_cli_entrypoint sizeBytes = 3046533 magicHex = [redacted]
Medium
Oversized Cli Entrypoint

Package contains an oversized executable-looking CLI entrypoint.


Findings

1 Critical · 2 High · 5 Medium · 6 Low
Critical: Trojan Source Unicode (bin/app/dist/assets/session-BrmH3ve3.js)
High: Ships High Entropy Blob (bin/app/dist/assets/KaTeX_Script-Regular-D3wIWfF6.woff2)
High: Oversized Source File (bin/app/dist/assets/index-D5mkkdQy.js)
Medium: Dynamic Require (bin/app/dist/assets/codeql-DsOJ9woJ.js)
Medium: Network
Medium: Ships Native Binary (bin/tfcode)
Medium: Oversized Cli Entrypoint (bin/app/dist/assets/index-D5mkkdQy.js)
Medium: Structural Risk Force Deep Review
Low: Filesystem
Low: Obfuscated
Low: High Entropy Strings
Low: Telemetry
Low: Url Strings
Low: No License