registry  /  adtec-core-package  /  3.1.6

adtec-core-package@3.1.6

This template should help get you started developing with Vue 3 in Vite.

Static Scan Results

scanned 2d ago · by rust-scanner

Static analysis flagged 12 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessDynamicRequireFilesystemNetworkShellWebSocket
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 203 file(s), 747 KB of source, external domains: embed.diagrams.net, fonts.gstatic.com, modao.cc, player.bilibili.com, player.youku.com, prosemirror.net, unpkg.com, v.qq.com, view.officeapps.live.com, www.drawio.com, www.figma.com, www.w3.org
Oversized source lightweight scan
prebuilt/umo-editor/umo-editor.js2.72 MB file, sampled 256 KB
ChildProcessHighEntropyStringsUrlStringsembed.diagrams.netfonts.gstatic.commodao.ccplayer.bilibili.complayer.youku.comprosemirror.netunpkg.comv.qq.comview.officeapps.live.comwww.drawio.comwww.figma.comwww.w3.org

Source & flagged code

5 flagged · loading source
scripts/build-umo.mjsView file
5*/ L6: import { spawnSync } from 'node:child_process' L7: import fs from 'node:fs'
High
Child Process

Package source references child process execution.

scripts/build-umo.mjsView on unpkg · L5
5*/ L6: import { spawnSync } from 'node:child_process' L7: import fs from 'node:fs' ... L20: if (!fs.existsSync(viteBin)) { L21: console.error('[build:umo] missing vite in core package; run pnpm install in 前端核心包') L22: process.exit(1)
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

scripts/build-umo.mjsView on unpkg · L5
vite/umoCjsVirtual.tsView file
27function requireFromProjectRoot() { L28: return createRequire(path.join(getProjectRoot(), 'package.json')) L29: }
Medium
Dynamic Require

Package source references dynamic require/import behavior.

vite/umoCjsVirtual.tsView on unpkg · L27
src/css/vxeTableUI/icon/iconfont.woffView file
path = [redacted].woff kind = high_entropy_blob sizeBytes = 28768 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

src/css/vxeTableUI/icon/iconfont.woffView on unpkg
prebuilt/umo-editor/umo-editor.jsView file
path = prebuilt/umo-editor/umo-editor.js kind = oversized_source_file sizeBytes = 2850007 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

prebuilt/umo-editor/umo-editor.jsView on unpkg

Findings

5 High3 Medium4 Low
HighChild Processscripts/build-umo.mjs
HighShell
HighRuntime Package Installscripts/build-umo.mjs
HighShips High Entropy Blobsrc/css/vxeTableUI/icon/iconfont.woff
HighOversized Source Fileprebuilt/umo-editor/umo-editor.js
MediumDynamic Requirevite/umoCjsVirtual.ts
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings