registry  /  catalyst-cli  /  0.3.5

catalyst-cli@0.3.5

Version obsolète présentant une faille de fonctionnement jugée critique par l'équipe Catalyst. Merci de mettre à jour immédiatement vers la version 0.3.6 ou supérieure.

Build your project on Catalyst from the command line and pull the artifact (web/APK/IPA) back.

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
DynamicRequireFilesystemNetwork
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 212 KB of source, external domains: 127.0.0.1, www.bcat.website

Source & flagged code

2 flagged · loading source
bin/catalyst.jsView file
5try { L6: main = require("../dist/cli.js").main; L7: } catch (err) {
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bin/catalyst.jsView on unpkg · L5
dist/cli.jsView file
1const _0x6b8d4=_0x20b9;(function(_0x512764,_0x3fe509){const _0x14dea4=_0x20b9,_0x59646f=_0x512764();while(!![]){try{const _0x5a1cf3=-parseInt(_0x14dea4(0x241))/0x1+parseInt(_0x14de...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/cli.jsView on unpkg · L1

Findings

2 High3 Medium5 Low
HighObfuscated Payload Loaderdist/cli.js
HighObfuscated
MediumDynamic Requirebin/catalyst.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings