Static Scan Results
scanned 7d ago · by rust-scannerStatic analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystem
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcedist/utils/vicinae.jsView file
3exports.VicinaeClient = void 0;
L4: const node_child_process_1 = require("node:child_process");
L5: class VicinaeClient {
High
Child Process
Package source references child process execution.
dist/utils/vicinae.jsView on unpkg · L3dist/commands/develop/index.jsView file
81const typeCheck = async () => {
L82: const spawned = (0, node_child_process_1.spawn)("npx", ["tsc", "--noEmit"]);
L83: let stderr = Buffer.from("");
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
dist/commands/develop/index.jsView on unpkg · L81Findings
2 High2 Medium4 Low
HighChild Processdist/utils/vicinae.js
HighRuntime Package Installdist/commands/develop/index.js
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings