registry  /  aicall-cli-x  /  0.0.1

aicall-cli-x@0.0.1

AI 外呼 CLI

Static Scan Results

scanned 13d ago · by rust-scanner

Static analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessDynamicRequireFilesystemNetworkShell
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
Manifest
NoLicense
scanned 6 file(s), 218 KB of source, external domains: cfs-ms.pa18.com

Source & flagged code

2 flagged · loading source
bin/aicall.jsView file
18if (existsSync(distBundle)) { L19: const require = createRequire(import.meta.url); L20: require(distBundle);
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bin/aicall.jsView on unpkg · L18
dist/bundle.cjsView file
1#!/usr/bin/env node L2: const a0_0x3928ce=a0_0x44ca;(function(_0x38c0c9,_0x592fdd){const _0x46aa9f=a0_0x44ca;const _0x160bac=_0x38c0c9();while(!![]){try{const _0x11f4b3=-parseInt(_0x46aa9f(0x5d8))/(-0x422...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/bundle.cjsView on unpkg · L1

Findings

2 High3 Medium5 Low
HighObfuscated Payload Loaderdist/bundle.cjs
HighObfuscated
MediumDynamic Requirebin/aicall.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License