Static Scan Results
scanned 14d ago · by rust-scannerStatic analysis flagged 11 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
High-risk behavior combination matched malicious policy.
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetwork
HighEntropyStringsMinifiedObfuscatedUrlStrings
NoLicense
Oversized source lightweight scan
customer.cli.minified.js4.80 MB file, sampled 256 KB
FilesystemNetworkChildProcessEnvironmentVarsObfuscatedHighEntropyStringsMinifiedUrlStringsdeveloper.mozilla.orghandlebarsjs.comwww.w3.org
index.minified.js4.81 MB file, sampled 256 KB
FilesystemChildProcessEnvironmentVarsHighEntropyStringsMinifiedUrlStringsdeveloper.mozilla.orgdotenvx.comgithub.comhandlebarsjs.comwww.w3.org
Source & flagged code
3 flagged · loading sourcezeno.jsView file
24L25: var Ue=Object.defineProperty;var n=(t,e)=>Ue(t,"name",{value:e,configurable:!0});import{scheduler as Ge}from"node:timers/promises";Object.defineProperty(globalThis,"scheduler",{val...
L26: `),nt=$.encode("*"),ot=$.encode("$");function oe(t){let e=[nt,$.encode(t.length.toString()),J];for(let r of t){let o=r instanceof Uint8Array?r:$.encode(r.toString());e.push(ot,$.en...
L27: `);#n=new Set([..."[]{}:,/",...this.#t]);#e;#r;#s;constructor(e){this.#e=`${e}`,this.#r=this.#e.length,this.#s=this.#l()}parse(){let e=this.#o(),r=this.#i(e),{done:o,value:s}=this....
Critical
Credential Exfiltration
Source appears to send environment or credential material to an external endpoint.
zeno.jsView on unpkg · L2425var Ue=Object.defineProperty;var n=(t,e)=>Ue(t,"name",{value:e,configurable:!0});import{scheduler as Ge}from"node:timers/promises";Object.defineProperty(globalThis,"scheduler",{val...
L26: `),nt=$.encode("*"),ot=$.encode("$");function oe(t){let e=[nt,$.encode(t.length.toString()),J];for(let r of t){let o=r instanceof Uint8Array?r:$.encode(r.toString());e.push(ot,$.en...
L27: `);#n=new Set([..."[]{}:,/",...this.#t]);#e;#r;#s;constructor(e){this.#e=`${e}`,this.#r=this.#e.length,this.#s=this.#l()}parse(){let e=this.#o(),r=this.#i(e),{done:o,value:s}=this....
Medium
index.minified.jsView file
•path = index.minified.js
kind = oversized_source_file
sizeBytes = 5040605
magicHex = [redacted]
High
Oversized Source File
Package contains source files above the static scanner size ceiling.
index.minified.jsView on unpkgFindings
1 Critical1 High4 Medium5 Low
CriticalCredential Exfiltrationzeno.js
HighOversized Source Fileindex.minified.js
MediumDynamic Requirezeno.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License