registry  /  auditx  /  0.1.22

auditx@0.1.22

One command. Every vulnerability, dead code, and AI-generated code anti-pattern. JSON output built for AI coding agents to parse and self-fix.

Static Scan Results

scanned 7d ago · by rust-scanner

Static analysis flagged 11 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 5 file(s), 108 KB of source, external domains: github.com, osv.dev, semgrep.dev, trivy.dev

Source & flagged code

4 flagged · loading source
dist/auditx.jsView file
19import { resolve } from "path"; L20: import { execSync } from "child_process"; L21:
High
Child Process

Package source references child process execution.

dist/auditx.jsView on unpkg · L19
826try { L827: execSync("npx eslint --fix .", { cwd: targetDir, stdio: "inherit" }); L828: console.log(chalk3.green(" \u2713 eslint --fix applied"));
High
Runtime Package Install

Package source invokes a package manager install command at runtime.

dist/auditx.jsView on unpkg · L826
19import { resolve } from "path"; L20: import { execSync } from "child_process"; L21: ... L128: { L129: exitCode: urgentCount > 0 ? 1 : 0, L130: urgentCount, ... L143: lines.push(""); L144: lines.push(`*Generated by [auditx](https://github.com/parth308/auditx) \xB7 MIT License*`); L145: return lines.join("\n"); ... L356: import chalk2 from "chalk"; L357: var CONFIG_DIR = join(homedir(), ".auditx"); L358: var CONFIG_FILE = join(CONFIG_DIR, "config.json");
Low
Weak Crypto

Package source references weak cryptographic algorithms.

dist/auditx.jsView on unpkg · L19
dist/chunk-XGUZLLPZ.jsView file
973import { promisify as promisify9 } from "util"; L974: var execAsync = promisify9(exec); L975: async function runCspell(targetDir, stagedFiles) {
High
Shell

Package source references shell execution.

dist/chunk-XGUZLLPZ.jsView on unpkg · L973

Findings

3 High3 Medium5 Low
HighChild Processdist/auditx.js
HighShelldist/chunk-XGUZLLPZ.js
HighRuntime Package Installdist/auditx.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowWeak Cryptodist/auditx.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings