Static Scan Results
scanned 1h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStrings
Source & flagged code
3 flagged · loading sourcejnrs-vue/.env.productionView file
•patternName = blocked_file
severity = critical
matchedText = jnrs-vue/.env.production
redactedSecretContext =
secretLikeLines = 0
notes = no secret-like key/value lines found in sampled text
Critical
Critical Secret
Package contains a critical-looking secret pattern.
jnrs-vue/.env.productionView on unpkgjnrs-vue/viteMockServe/file/mock-pdf.pdfView file
•path = jnrs-vue/viteMockServe/file/mock-pdf.pdf
kind = high_entropy_blob
sizeBytes = 63610
magicHex = [redacted]
High
Ships High Entropy Blob
Package ships high-entropy non-source blobs.
jnrs-vue/viteMockServe/file/mock-pdf.pdfView on unpkgbin/create.mjsView file
•matchType = previous_version_dangerous_delta
matchedPackage = create-jnrs-vue@1.2.37
matchedIdentity = npm:Y3JlYXRlLWpucnMtdnVl:1.2.37
similarity = 0.974
summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
bin/create.mjsView on unpkgFindings
1 Critical2 High3 Medium3 Low
CriticalCritical Secretjnrs-vue/.env.production
HighShips High Entropy Blobjnrs-vue/viteMockServe/file/mock-pdf.pdf
HighPrevious Version Dangerous Deltabin/create.mjs
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings