Static Scan Results
scanned 1h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemShell
HighEntropyStrings
Source & flagged code
3 flagged · loading sourcedist/relationship-Bds4OCOY.cjsView file
40let node_async_hooks = require("node:async_hooks");
L41: let node_child_process = require("node:child_process");
L42: let _h3ravel_support = require("@h3ravel/support");
High
Child Process
Package source references child process execution.
dist/relationship-Bds4OCOY.cjsView on unpkg · L403085const runPrismaCommand = (args, cwd) => {
L3086: const command = (0, node_child_process.spawnSync)("npx", ["prisma", ...args], {
L3087: cwd,
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
dist/relationship-Bds4OCOY.cjsView on unpkg · L308527//#endregion
L28: let _h3ravel_collect_js = require("@h3ravel/collect.js");
L29: let async_hooks = require("async_hooks");
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/relationship-Bds4OCOY.cjsView on unpkg · L27Findings
3 High3 Medium3 Low
HighChild Processdist/relationship-Bds4OCOY.cjs
HighShell
HighRuntime Package Installdist/relationship-Bds4OCOY.cjs
MediumDynamic Requiredist/relationship-Bds4OCOY.cjs
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings