Static Scan Results
scanned 6d ago · by rust-scannerStatic analysis completed at 65.0% confidence. No malicious behavior was detected; 10 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsEvalFilesystem
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourcedist/plugins/webpack.jsView file
463function __import__(name) {
L464: return new Function("name", "return import(name)")(name);
L465: }
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/plugins/webpack.jsView on unpkg · L463463function __import__(name) {
L464: return new Function("name", "return import(name)")(name);
L465: }
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/plugins/webpack.jsView on unpkg · L463132threshold: 2,
L133: naming: process.env.NODE_ENV === "production" ? "hash" : "readable",
L134: cache: true,
...
L463: function __import__(name) {
L464: return new Function("name", "return import(name)")(name);
L465: }
...
L2513: if (!macro2) return null;
L2514: const merged = JSON.parse(JSON.stringify(macro2));
L2515: if (!overrides) return merged;
...
L4917: type: "responsive-issues",
L4918: data: { issues, count: issues.length },
L4919: confidence: issues.some((i) => i.severity === "error") ? 1 : 0.7
Low
Weak Crypto
Package source references weak cryptographic algorithms.
dist/plugins/webpack.jsView on unpkg · L132Findings
3 Medium7 Low
MediumDynamic Requiredist/plugins/webpack.js
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/plugins/webpack.js
LowWeak Cryptodist/plugins/webpack.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings