Static Scan Results
scanned 8d ago · by rust-scannerStatic analysis completed at 65.0% confidence. No malicious behavior was detected; 12 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNativeBindingsNetworkShell
HighEntropyStringsProtestwareUrlStrings
Source & flagged code
3 flagged · loading sourcedist/esm/config/oxlint/tier-boundaries.jsView file
14try {
L15: const packageBoundaryModule = await import(packageBoundaryModuleUrl.href);
L16: return packageBoundaryModule.PACKAGE_TIERS ?? FALLBACK_PACKAGE_TIERS;
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/esm/config/oxlint/tier-boundaries.jsView on unpkg · L14dist/esm/audit/weakness-mining/index.jsView file
6import { readPretoolEvidence, } from "./read-pretool-log.js";
L7: export async function auditWeaknessMining(rootDirectory = process.cwd(), options = {}) {
L8: const report = mineWeaknesses(rootDirectory, options);
Low
Weak Crypto
Package source references weak cryptographic algorithms.
dist/esm/audit/weakness-mining/index.jsView on unpkg · L6catalog/agent/skills/systematic-debugging/find-polluter.shView file
•path = catalog/agent/skills/systematic-debugging/find-polluter.sh
kind = build_helper
sizeBytes = 1528
magicHex = [redacted]
Medium
Ships Build Helper
Package ships non-JavaScript build or shell helper files.
catalog/agent/skills/systematic-debugging/find-polluter.shView on unpkgFindings
6 Medium6 Low
MediumDynamic Requiredist/esm/config/oxlint/tier-boundaries.js
MediumNetwork
MediumEnvironment Vars
MediumProtestware
MediumShips Build Helpercatalog/agent/skills/systematic-debugging/find-polluter.sh
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowWeak Cryptodist/esm/audit/weakness-mining/index.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings