registry  /  @vyriy/scripts  /  0.9.2

@vyriy/scripts@0.9.2

Shared scripts package for Vyriy projects

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 3 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessShell
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 10 file(s), 8.92 KB of source

Source & flagged code

2 flagged · loading source
kaniko.jsView file
9logger.info('Repository:', repository); L10: await exec(`/kaniko/executor \ L11: --context "${path}" \
High
Child Process

Package source references child process execution.

kaniko.jsView on unpkg · L9
deploy.jsView file
7await exec('mkdir cdk.out'); L8: await exec('npx cdk synth > cdk.out/cloudformation.yml'); L9: await exec('npx aws-cdk diff');
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

deploy.jsView on unpkg · L7

Findings

3 High
HighChild Processkaniko.js
HighShell
HighRuntime Package Installdeploy.js