Static Scan Results
scanned 13d ago · by rust-scannerStatic analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireFilesystemNetworkShell
HighEntropyStringsMinifiedObfuscatedUrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcebin/aicall.jsView file
18if (existsSync(distBundle)) {
L19: const require = createRequire(import.meta.url);
L20: require(distBundle);
Medium
Dynamic Require
Package source references dynamic require/import behavior.
bin/aicall.jsView on unpkg · L18dist/bundle.cjsView file
1#!/usr/bin/env node
L2: const a0_0x3928ce=a0_0x44ca;(function(_0x38c0c9,_0x592fdd){const _0x46aa9f=a0_0x44ca;const _0x160bac=_0x38c0c9();while(!![]){try{const _0x11f4b3=-parseInt(_0x46aa9f(0x5d8))/(-0x422...
High
Obfuscated Payload Loader
Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
dist/bundle.cjsView on unpkg · L1Findings
2 High3 Medium5 Low
HighObfuscated Payload Loaderdist/bundle.cjs
HighObfuscated
MediumDynamic Requirebin/aicall.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License