Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedist/index.jsView file
21var env = p.env || {};
L22: var isColorSupported = !(!!env.NO_COLOR || argv.includes("--no-color")) && (!!env.FORCE_COLOR || argv.includes("--color") || p.platform === "win32" || (p.stdout || {}).isTTY && env...
L23: var formatter = (open, close, replace = open) => (input) => {
...
L198: }
L199: if (process.env.CLI_WIDTH) {
L200: const width = parseInt(process.env.CLI_WIDTH, 10);
...
L1159: graph[models[i]] = {
L1160: // http://jsperf.com/1-vs-infinity
L1161: // micro-opt, but this is simple.
...
L1555: module.exports = (string, columns, options) => {
L1556: return String(string).normalize().replace(/\r\n/g, "\n").split("\n").map((line) => exec(line, columns, options)).join("\n");
L1557: };
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/index.jsView on unpkg · L21Findings
1 High3 Medium4 Low
HighSandbox Evasion Gated Capabilitydist/index.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings