Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsEvalNetwork
HighEntropyStringsMinifiedObfuscatedTelemetryUrlStrings
NoLicense
Source & flagged code
3 flagged · loading sourcedist/beneficiary-form-DWYNuxQk.jsView file
1import{o as e,t}from"./rolldown-runtime-DXzHzmmG.js";import{t as n}from"./react-CWkhIp2c.js";import{a as r,i as a,o,t as i}from"./request-CLLl5Hjd.js";import{a as s,c as l,i as c,n...
L2: return(0,Zn.jsxs)("div",{className:je(Jn.paymentMethodItem,{[Jn.selected]:r&&!o,[Jn.collapsed]:o,[Jn.disabled]:i}),onClick:()=>{i||n?.()},children:[/* @__PURE__ */ /* @__PURE__ */(...
High
Same File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/beneficiary-form-DWYNuxQk.jsView on unpkg · L11patternName = generic_password
severity = medium
line = 1
matchedText = import{o..._ */
Medium
Secret Pattern
Package contains a possible secret pattern.
dist/beneficiary-form-DWYNuxQk.jsView on unpkg · L1dist/Avatar-BcduLEa3.jsView file
1import{o as t}from"./rolldown-runtime-DXzHzmmG.js";import{t as e}from"./react-CWkhIp2c.js";import{i as n,o as s,r}from"./tslib.es6-TRdqp4ac.js";import{Ii as a,Nn as o,Zr as i,it as...
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/Avatar-BcduLEa3.jsView on unpkg · L1Findings
2 High4 Medium7 Low
HighChild Process
HighSame File Env Network Executiondist/beneficiary-form-DWYNuxQk.js
MediumSecret Patterndist/beneficiary-form-DWYNuxQk.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvaldist/Avatar-BcduLEa3.js
LowObfuscated
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings
LowNo License