Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNativeBindingsShell
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcesrc/automation/executors.mjsView file
1import { execFile, spawn } from 'node:child_process';
L2: import { copyFile, mkdir, mkdtemp, readFile, rm } from 'node:fs/promises';
...
L19: const which = options.which ?? findExecutable;
L20: const env = options.env ?? process.env;
L21: const paths = {
...
L120: env.GIT_CONFIG_NOSYSTEM = '1';
L121: env.GIT_CONFIG_SYSTEM = process.platform === 'win32' ? 'NUL' : '/dev/null';
L122: env.GIT_CONFIG_GLOBAL = process.platform === 'win32' ? 'NUL' : '/dev/null';
...
L126: env.GIT_CONFIG_KEY_1 = `remote.${safeGitRemote(options.remote)}.pushurl`;
L127: env.GIT_CONFIG_VALUE_1 = 'https://127.0.0.1.invalid/aapb-worker-push-disabled';
L128: return env;
...
L149: try {
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
src/automation/executors.mjsView on unpkg · L1engines/python/ai_agent_playbook_engine/__init__.pyView file
•path = engines/python/ai_agent_playbook_engine/__init__.py
kind = build_helper
sizeBytes = 90
magicHex = [redacted]
Medium
Ships Build Helper
Package ships non-JavaScript build or shell helper files.
engines/python/ai_agent_playbook_engine/__init__.pyView on unpkgFindings
1 High3 Medium4 Low
HighSandbox Evasion Gated Capabilitysrc/automation/executors.mjs
MediumEnvironment Vars
MediumShips Build Helperengines/python/ai_agent_playbook_engine/__init__.py
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings