Static Scan Results
scanned 7d ago · by rust-scannerStatic analysis flagged 12 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsEvalFilesystemNetworkWebSocket
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
3 flagged · loading source.env.productionView file
•patternName = blocked_file
severity = critical
matchedText = .env.production
redactedSecretContext =
secretLikeLines = 0
notes = no secret-like key/value lines found in sampled text
Critical
src/utils/runEvalFunction.tsView file
3// eslint-disable-next-line no-eval
L4: return eval(`(${funcString})`)(...args)
L5: }
Low
Eval
Package source references a known benign dynamic code generation pattern.
src/utils/runEvalFunction.tsView on unpkg · L3src/font-style/Inter-Medium.woff2View file
•path = src/font-style/Inter-Medium.woff2
kind = high_entropy_blob
sizeBytes = 114348
magicHex = [redacted]
High
Ships High Entropy Blob
Package ships high-entropy non-source blobs.
src/font-style/Inter-Medium.woff2View on unpkgFindings
1 Critical1 High3 Medium7 Low
CriticalCritical Secret.env.production
HighShips High Entropy Blobsrc/font-style/Inter-Medium.woff2
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvalsrc/utils/runEvalFunction.ts
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License