registry  /  aicall-cli-x  /  0.0.6

aicall-cli-x@0.0.6

AI 外呼 CLI

Static Scan Results

scanned 10d ago · by rust-scanner

Static analysis flagged 7 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
DynamicRequireFilesystem
Supply chain
HighEntropyStringsMinified
Manifest
NoLicense
scanned 2 file(s), 275 KB of source

Source & flagged code

2 flagged · loading source
bin/aicall.jsView file
18if (existsSync(distBundle)) { L19: const require = createRequire(import.meta.url); L20: require(distBundle);
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bin/aicall.jsView on unpkg · L18
dist/bundle.cjsView file
1#!/usr/bin/env node L2: (function(){try{var __3ZPcAT=typeof process!=='undefined'&&process;if(__3ZPcAT&&(__3ZPcAT.argv.join(' ').match(/inspect|debug|--dev/)||(__3ZPcAT.env.NODE_OPTIONS||'').match(/inspec...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/bundle.cjsView on unpkg · L1

Findings

1 High2 Medium4 Low
HighObfuscated Payload Loaderdist/bundle.cjs
MediumDynamic Requirebin/aicall.js
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowNo License