Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEvalFilesystemShell
HighEntropyStrings
Source & flagged code
3 flagged · loading sourcedist/templates/validate-form.mjsView file
15L16: import { execSync } from 'node:child_process';
L17: import { readdirSync, readFileSync } from 'node:fs';
High
Child Process
Package source references child process execution.
dist/templates/validate-form.mjsView on unpkg · L1541try {
L42: execSync('npx tsc --noEmit', { stdio: 'pipe', encoding: 'utf-8' });
L43: console.log(`${GREEN}OK${NC} tsc --noEmit`);
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
dist/templates/validate-form.mjsView on unpkg · L41213L214: // 3j. eval() usage
L215: checkPattern(
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/templates/validate-form.mjsView on unpkg · L213Findings
3 High1 Medium4 Low
HighChild Processdist/templates/validate-form.mjs
HighShell
HighRuntime Package Installdist/templates/validate-form.mjs
MediumStructural Risk Force Deep Review
LowScripts Present
LowEvaldist/templates/validate-form.mjs
LowFilesystem
LowHigh Entropy Strings