Static Scan Results
scanned 1h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedist/index.jsView file
5import { readFileSync as readFileSync6 } from "fs";
L6: import { execFile } from "child_process";
L7: import { fileURLToPath } from "url";
...
L50: codeOnly: true,
L51: fix: "Replace dynamic evaluation with a safer alternative like JSON.parse() or a sandboxed environment."
L52: },
...
L163: name: "SSH_KEY_ACCESS",
L164: pattern: /~\/\.ssh\/id_|\.pem\b|BEGIN\s+(RSA\s+)?PRIVATE\s+KEY/gi,
L165: severity: "high",
...
L289: codeOnly: true,
L290: fix: "Use standard HTTP libraries (fetch, axios) instead of raw sockets for network communication."
L291: },
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/index.jsView on unpkg · L5Findings
1 High3 Medium5 Low
HighSandbox Evasion Gated Capabilitydist/index.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings