registry  /  adtec-core-package  /  3.1.7

adtec-core-package@3.1.7

This template should help get you started developing with Vue 3 in Vite.

Static Scan Results

scanned 1d ago · by rust-scanner

Static analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetworkShellWebSocket
Supply chain
HighEntropyStringsMinifiedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 209 file(s), 2.87 MB of source, external domains: element-plus.org, emailregex.com, embed.diagrams.net, fonts.gstatic.com, github.com, modao.cc, pinia.vuejs.org, player.bilibili.com, player.youku.com, prosemirror.net, unpkg.com, v.qq.com, view.officeapps.live.com, www.drawio.com, www.figma.com, www.w3.org
Oversized source lightweight scan
prebuilt/umo-editor/umo-editor.js2.72 MB file, sampled 256 KB
ChildProcessHighEntropyStringsUrlStringsembed.diagrams.netfonts.gstatic.commodao.ccplayer.bilibili.complayer.youku.comprosemirror.netunpkg.comv.qq.comview.officeapps.live.comwww.drawio.comwww.figma.comwww.w3.org

Source & flagged code

5 flagged · loading source
scripts/build-umo.mjsView file
5*/ L6: import { spawnSync } from 'node:child_process' L7: import fs from 'node:fs'
High
Child Process

Package source references child process execution.

scripts/build-umo.mjsView on unpkg · L5
5*/ L6: import { spawnSync } from 'node:child_process' L7: import fs from 'node:fs' ... L20: if (!fs.existsSync(viteBin)) { L21: console.error('[build:umo] missing vite in core package; run pnpm install in 前端核心包') L22: process.exit(1)
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

scripts/build-umo.mjsView on unpkg · L5
adtec-core-package/adtec-core-package.umd.cjsView file
1(function(e,vr){typeof exports=="object"&&typeof module<"u"?module.exports=vr(require("vue")):typeof define=="function"&&define.amd?define(["vue"],vr):(e=typeof globalThis<"u"?glob... L2: * @vue/shared v3.5.13
Medium
Dynamic Require

Package source references dynamic require/import behavior.

adtec-core-package/adtec-core-package.umd.cjsView on unpkg · L1
src/css/vxeTableUI/icon/iconfont.woffView file
path = [redacted].woff kind = high_entropy_blob sizeBytes = 28768 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

src/css/vxeTableUI/icon/iconfont.woffView on unpkg
prebuilt/umo-editor/umo-editor.jsView file
path = prebuilt/umo-editor/umo-editor.js kind = oversized_source_file sizeBytes = 2850007 magicHex = [redacted]
High
Oversized Source File

Package contains source files above the static scanner size ceiling.

prebuilt/umo-editor/umo-editor.jsView on unpkg

Findings

5 High4 Medium4 Low
HighChild Processscripts/build-umo.mjs
HighShell
HighRuntime Package Installscripts/build-umo.mjs
HighShips High Entropy Blobsrc/css/vxeTableUI/icon/iconfont.woff
HighOversized Source Fileprebuilt/umo-editor/umo-editor.js
MediumDynamic Requireadtec-core-package/adtec-core-package.umd.cjs
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings