Static Scan Results
scanned 3d ago · by rust-scannerStatic analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
4 flagged · loading sourcebin/akdd.jsView file
13const fs = require('fs');
L14: const { execSync } = require('child_process');
L15:
High
3L4: const { init } = require('../src/init');
L5: const { update } = require('../src/update');
Medium
Dynamic Require
Package source references dynamic require/import behavior.
bin/akdd.jsView on unpkg · L3src/init.jsView file
216try {
L217: require('child_process').execSync('npm install better-sqlite3 --save', {
L218: stdio: 'pipe', cwd: projectPath
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
src/init.jsView on unpkg · L216install.shView file
•path = install.sh
kind = build_helper
sizeBytes = 2899
magicHex = [redacted]
Medium
Findings
3 High5 Medium5 Low
HighChild Processbin/akdd.js
HighShell
HighRuntime Package Installsrc/init.js
MediumDynamic Requirebin/akdd.js
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperinstall.sh
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings