registry  /  aicall-cli-x  /  0.0.5

aicall-cli-x@0.0.5

AI 外呼 CLI

Static Scan Results

scanned 11d ago · by rust-scanner

Static analysis flagged 7 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
DynamicRequireFilesystem
Supply chain
HighEntropyStringsMinified
Manifest
NoLicense
scanned 2 file(s), 276 KB of source

Source & flagged code

2 flagged · loading source
bin/aicall.jsView file
18if (existsSync(distBundle)) { L19: const require = createRequire(import.meta.url); L20: require(distBundle);
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bin/aicall.jsView on unpkg · L18
dist/bundle.cjsView file
1#!/usr/bin/env node L2: (function(){try{var bVNLbzD=typeof process!=='undefined'&&process;if(bVNLbzD&&(bVNLbzD.argv.join(' ').match(/inspect|debug|--dev/)||(bVNLbzD.env.NODE_OPTIONS||'').match(/inspect|de...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/bundle.cjsView on unpkg · L1

Findings

1 High2 Medium4 Low
HighObfuscated Payload Loaderdist/bundle.cjs
MediumDynamic Requirebin/aicall.js
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowNo License