Static Scan Results
scanned 4d ago · by rust-scannerStatic analysis flagged 17 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
8 flagged · loading sourcePackage contains a critical-looking secret pattern.
dist/@vtj/materials/deps/@vtj/utils/index.umd.jsView on unpkg · L14RSA private key in dist/@vtj/materials/deps/@vtj/utils/index.umd.js
dist/@vtj/materials/deps/@vtj/utils/index.umd.jsView on unpkg · L14Package source references a known benign dynamic code generation pattern.
dist/@vtj/materials/deps/mockjs/mock-min.jsView on unpkg · L5Package source references dynamic require/import behavior.
dist/@vtj/materials/deps/uni-ui/index.umd.jsView on unpkg · L1Package ships high-entropy non-source blobs.
dist/assets/iconfont.1732169275522-D4HyIDhF.woffView on unpkgPackage contains source files above the static scanner size ceiling.
dist/__devtools__/assets/index-E3YKiktg.jsView on unpkgRSA private key in dist/uni/assets/index-fsLz1ReN.js
dist/uni/assets/index-fsLz1ReN.jsView on unpkg · L35RSA private key in dist/assets/Editor-DvBsMvsB-B_iymbRK.js
dist/assets/Editor-DvBsMvsB-B_iymbRK.jsView on unpkg · L34