Static Scan Results
scanned 5d ago · by rust-scannerStatic analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessFilesystemShell
HighEntropyStringsMinifiedUrlStrings
NoLicenseWildcardDependency
Source & flagged code
2 flagged · loading sourcescripts/build-css.tsView file
1/* eslint-disable @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-call -- Node.js build script; imports are safe */
L2: import { execSync } from "node:child_process";
L3: import { readFileSync, writeFileSync, mkdirSync } from "node:fs";
High
Child Process
Package source references child process execution.
scripts/build-css.tsView on unpkg · L118// Compile globals.css → dist/styles.css using @tailwindcss/cli
L19: execSync(
L20: `npx @tailwindcss/cli -i src/styles/globals.css -o dist/styles.css --minify`,
L21: { cwd: root, stdio: "inherit" }
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
scripts/build-css.tsView on unpkg · L18Findings
3 High2 Medium5 Low
HighChild Processscripts/build-css.ts
HighShell
HighRuntime Package Installscripts/build-css.ts
MediumStructural Risk Force Deep Review
MediumWildcard Dependency
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License