registry  /  @trii/components  /  2.0.101

@trii/components@2.0.101

Trii components package

Static Scan Results

scanned 4h ago · by rust-scanner

Static analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
EnvironmentVarsNetwork
Supply chain
HighEntropyStringsMinifiedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 474 KB of source, external domains: agent-api.trii.app, github.com, maps.googleapis.com, reactjs.org

Source & flagged code

3 flagged · loading source
dist/esm/index.jsView file
16patternName = google_api_key severity = high line = 16 matchedText = <%s key=...me};
High
High Secret

Package contains a high-severity secret pattern.

dist/esm/index.jsView on unpkg · L16
16patternName = google_api_key severity = high line = 16 matchedText = <%s key=...me};
High
Secret Pattern

Google API key in dist/esm/index.js

dist/esm/index.jsView on unpkg · L16
dist/cjs/index.jsView file
16patternName = google_api_key severity = high line = 16 matchedText = <%s key=...=wr;
High
Secret Pattern

Google API key in dist/cjs/index.js

dist/cjs/index.jsView on unpkg · L16

Findings

3 High2 Medium3 Low
HighHigh Secretdist/esm/index.js
HighSecret Patterndist/esm/index.js
HighSecret Patterndist/cjs/index.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings