Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsEvalFilesystemNetworkWebSocket
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
4 flagged · loading source.env.productionView file
•patternName = blocked_file
severity = critical
matchedText = .env.production
redactedSecretContext =
secretLikeLines = 0
notes = no secret-like key/value lines found in sampled text
Critical
src/utils/runEvalFunction.tsView file
3// eslint-disable-next-line no-eval
L4: return eval(`(${funcString})`)(...args)
L5: }
Low
Eval
Package source references a known benign dynamic code generation pattern.
src/utils/runEvalFunction.tsView on unpkg · L3src/font-style/Inter-Medium.woff2View file
•path = src/font-style/Inter-Medium.woff2
kind = high_entropy_blob
sizeBytes = 114348
magicHex = [redacted]
High
Ships High Entropy Blob
Package ships high-entropy non-source blobs.
src/font-style/Inter-Medium.woff2View on unpkgcerts/127.0.0.1+2-key.pemView file
1patternName = private_key_rsa
severity = critical
line = 1
matchedText = -----BEG...----
Critical
Secret Pattern
RSA private key in certs/127.0.0.1+2-key.pem
certs/127.0.0.1+2-key.pemView on unpkg · L1Findings
2 Critical1 High3 Medium7 Low
CriticalCritical Secret.env.production
CriticalSecret Patterncerts/127.0.0.1+2-key.pem
HighShips High Entropy Blobsrc/font-style/Inter-Medium.woff2
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvalsrc/utils/runEvalFunction.ts
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License