registry  /  @wujie-shell/business  /  1.0.5

@wujie-shell/business@1.0.5

轻量无界云端基础业务客户端。它封装账号认证、当前用户信息、API Key 获取、模型、Skill 市场、计费、模板、通用 HTTP 配置和 `WUJIE_AI_ROUTES` 路由常量。

Static Scan Results

scanned 4d ago · by rust-scanner

Static analysis flagged 6 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
SourceNo risky source behavior triggered.
Supply chain
MinifiedObfuscated
Manifest
NoLicense
scanned 20 file(s), 42.7 KB of source

Source & flagged code

2 flagged · loading source
dist/src/api-key/apiKeyService.jsView file
1const _0x2b1280=_0x2502;function _0x2502(_0x5382ac,_0x481b3b){_0x5382ac=_0x5382ac-0x6d;const _0x4c2b9f=_0x4c2b();let _0x2502d3=_0x4c2b9f[_0x5382ac];return _0x2502d3;}function _0x4c...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/src/api-key/apiKeyService.jsView on unpkg · L1
README.mdView file
76patternName = generic_password severity = medium line = 76 matchedText = password...rd',
Medium
Secret Pattern

Hardcoded password in README.md

README.mdView on unpkg · L76

Findings

2 High2 Medium2 Low
HighObfuscated Payload Loaderdist/src/api-key/apiKeyService.js
HighObfuscated
MediumStructural Risk Force Deep Review
MediumSecret PatternREADME.md
LowScripts Present
LowNo License