Static Scan Results
scanned 8h ago · by rust-scannerStatic analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemShell
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedist/orchestration/url-sources.jsView file
1import { createHash } from 'node:crypto';
L2: import { lookup } from 'node:dns/promises';
L3: import { isIP } from 'node:net';
...
L23: }
L24: function isPrivateAddress(address) {
L25: if (address === '::' || address === '::1')
...
L95: const reader = response.body.getReader();
L96: const decoder = new TextDecoder();
L97: let bytes = 0;
High
Cloud Metadata Access
Source reaches cloud instance metadata or link-local credential endpoints.
dist/orchestration/url-sources.jsView on unpkg · L1Findings
1 High2 Medium5 Low
HighCloud Metadata Accessdist/orchestration/url-sources.js
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings