registry  /  cryptflex  /  1.0.0

cryptflex@1.0.0

A flexible, modern password hashing library with pluggable backends

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 3 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
Crypto
Supply chainNo supply-chain packaging signals triggered.
ManifestNo manifest risk signals triggered.
scanned 4 file(s), 23.5 KB of source

Source & flagged code

2 flagged · loading source
src/core/passwordHasher.jsView file
428patternName = generic_password severity = medium line = 428 matchedText = console....rd);
Medium
Secret Pattern

Package contains a possible secret pattern.

src/core/passwordHasher.jsView on unpkg · L428
README.mdView file
146patternName = generic_password severity = medium line = 146 matchedText = console....true
Medium
Secret Pattern

Hardcoded password in README.md

README.mdView on unpkg · L146

Findings

2 Medium1 Low
MediumSecret Patternsrc/core/passwordHasher.js
MediumSecret PatternREADME.md
LowScripts Present