Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedist/chunk-4E5MVMGY.jsView file
101import { mkdir, readFile, writeFile } from "fs/promises";
L102: var API_BASE = process.env.OLLIE_API_BASE || "https://sh00t.host/v1";
L103: var SITE_BASE = (process.env.OLLIE_SITE || "https://olliechat-lac.vercel.app").replace(/\/+$/, "");
...
L130: }
L131: var CONFIG_DIR = join(homedir(), ".olliechat");
L132: var CONFIG_PATH = join(CONFIG_DIR, "config.json");
...
L135: const raw = await readFile(CONFIG_PATH, "utf8");
L136: return { ...DEFAULTS, ...JSON.parse(raw) };
L137: } catch {
...
L150: import { mkdir as mkdir2, readFile as readFile2, writeFile as writeFile2 } from "fs/promises";
L151: import { spawn } from "child_process";
L152: var DIR = join2(homedir2(), ".olliechat");
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/chunk-4E5MVMGY.jsView on unpkg · L101Findings
1 High3 Medium5 Low
HighSandbox Evasion Gated Capabilitydist/chunk-4E5MVMGY.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings