Static Scan Results
scanned 4h ago · by rust-scannerStatic analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemShell
HighEntropyStringsUrlStrings
Source & flagged code
4 flagged · loading sourcebin/index.jsView file
10import * as asar from '@electron/asar';
L11: import { execSync } from 'child_process';
L12: import figlet from 'figlet';
High
151if (os.platform() === 'win32') {
L152: console.error(yellow('\nPlease run your terminal (PowerShell/CMD) as Administrator and try again.\n'));
L153: } else if (os.platform() === 'darwin') {
High
48console.error(yellow(' 1. Grant your terminal "App Management" permission to run without sudo.'));
L49: console.error(yellow(' 2. Or, run this command with sudo (e.g. sudo npx claude-rtl)'));
L50: console.log(blue('\nOpening System Settings directly to App Management for you...'));
L51: try {
L52: execSync('open "x-apple.systempreferences:com.apple.settings.PrivacySecurity.extension?Privacy_AppBundles"');
L53: console.log(green('✔ Settings opened! Please enable the toggle for your terminal, then try again.\n'));
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
bin/index.jsView on unpkg · L48bin/Vazirmatn-Variable.woff2View file
•path = bin/Vazirmatn-Variable.woff2
kind = high_entropy_blob
sizeBytes = 111152
magicHex = [redacted]
High
Ships High Entropy Blob
Package ships high-entropy non-source blobs.
bin/Vazirmatn-Variable.woff2View on unpkgFindings
4 High2 Medium4 Low
HighChild Processbin/index.js
HighShellbin/index.js
HighRuntime Package Installbin/index.js
HighShips High Entropy Blobbin/Vazirmatn-Variable.woff2
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings