registry  /  create-mobrowser-app  /  2.11.0

create-mobrowser-app@2.11.0

MōBrowser project scaffolding tool

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 140 file(s), 226 KB of source, external domains: google.com, mobrowser-scaffold-telemetry-6dptvnhrka-ew.a.run.app, nodejs.org, www.w3.org

Source & flagged code

2 flagged · loading source
index.jsView file
821patternName = generic_password severity = medium line = 821 matchedText = mac.pass...D}';
Medium
Secret Pattern

Package contains a possible secret pattern.

index.jsView on unpkg · L821
templates/vue/vue-native/assets/app.icnsView file
path = templates/vue/vue-native/assets/app.icns kind = high_entropy_blob sizeBytes = 744100 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

templates/vue/vue-native/assets/app.icnsView on unpkg

Findings

1 High4 Medium3 Low
HighShips High Entropy Blobtemplates/vue/vue-native/assets/app.icns
MediumSecret Patternindex.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings