Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 15 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
8 flagged · loading sourcePackage contains a critical-looking secret pattern.
out/rules/secretsRules.jsView on unpkg · L42OpenSSH private key in out/rules/secretsRules.js
out/rules/secretsRules.jsView on unpkg · L42Package source references a known benign dynamic code generation pattern.
out/rules/frontendRules.jsView on unpkg · L7Source reaches cloud instance metadata or link-local credential endpoints.
out/rules/ssrfRules.jsView on unpkg · L13Hardcoded password in out/fixPatternMemory.js
out/fixPatternMemory.jsView on unpkg · L163Hardcoded password in out/__tests__/rules.test.js
out/__tests__/rules.test.jsView on unpkg · L115