Static Scan Results
scanned 1d ago · by rust-scannerStatic analysis flagged 19 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
10 flagged · loading sourcePackage source references a known benign dynamic code generation pattern.
vona/packages-utils/utils/src/celjs/utils.tsView on unpkg · L20Package source references dynamic require/import behavior.
vona/packages-cli/cabloy-cli/src/utils.tsView on unpkg · L22Package source references weak cryptographic algorithms.
vona/src/suite-vendor/a-image/modules/image-native/src/service/imageNative.tsView on unpkg · L28Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
vona/src/suite-vendor/a-vona/modules/a-orm/src/main.tsView on unpkg · L4Package ships non-JavaScript build or shell helper files.
vona/scripts/app-init.shView on unpkgHardcoded password in vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui.js
vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui.jsView on unpkg · L1Hardcoded password in vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui-es-bundle-core.js
vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui-es-bundle-core.jsView on unpkg · L2Hardcoded password in vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui-bundle.js
vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui-bundle.jsView on unpkg · L2Hardcoded password in vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui-es-bundle.js
vona/src/suite-vendor/a-vona/modules/a-swagger/assets/static/swagger-ui-5.18.2/swagger-ui-es-bundle.jsView on unpkg · L2