Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 18 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
11 flagged · loading sourcePackage contains a critical-looking secret pattern.
runtime/apps/api/dist/webdist/assets/index-BgVQ9ph_.jsView on unpkg · L53AWS access key ID in runtime/apps/api/dist/webdist/assets/index-BgVQ9ph_.js
runtime/apps/api/dist/webdist/assets/index-BgVQ9ph_.jsView on unpkg · L53Package ships high-entropy non-source blobs.
runtime/apps/api/dist/webdist/assets/geist-latin-ext-wght-normal-DMtmJ5ZE.woff2View on unpkgHardcoded password in runtime/apps/api/dist/model/mcp-operation.registry.test.js
runtime/apps/api/dist/model/mcp-operation.registry.test.jsView on unpkg · L82Hardcoded password in runtime/apps/api/dist/service/wasabi-auth.service.test.js
runtime/apps/api/dist/service/wasabi-auth.service.test.jsView on unpkg · L83Hardcoded password in runtime/apps/api/dist/service/wasabi-auth.service.test.js
runtime/apps/api/dist/service/wasabi-auth.service.test.jsView on unpkg · L91Hardcoded password in runtime/apps/api/dist/client/wasabi-console.client.test.js
runtime/apps/api/dist/client/wasabi-console.client.test.jsView on unpkg · L32Hardcoded password in runtime/apps/api/dist/client/wasabi-console.client.test.js
runtime/apps/api/dist/client/wasabi-console.client.test.jsView on unpkg · L62Hardcoded password in runtime/apps/api/dist/client/wasabi-wacm.client.test.js
runtime/apps/api/dist/client/wasabi-wacm.client.test.jsView on unpkg · L69Hardcoded password in runtime/apps/api/dist/client/wasabi-wacm.client.test.js
runtime/apps/api/dist/client/wasabi-wacm.client.test.jsView on unpkg · L81