Static Scan Results
scanned 7d ago · by rust-scannerStatic analysis completed at 65.0% confidence. No malicious behavior was detected; 11 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsObfuscatedUrlStrings
Source & flagged code
2 flagged · loading sourcedist/tui/file-index.jsView file
4*/
L5: import { execFileSync } from 'child_process';
L6: import glob from 'fast-glob';
High
Child Process
Package source references child process execution.
dist/tui/file-index.jsView on unpkg · L4dist/index.jsView file
3import { Command } from 'commander';
L4: import { execSync } from 'child_process';
L5: import { readFileSync } from 'fs';
L6: import { dirname, resolve } from 'path';
L7: import { createServer } from 'net';
L8: import { createRequire } from 'module';
...
L17: function resolveUserProjectRoot() {
L18: return resolve(process.env.CUSTOMIZE_PROJECT_ROOT ?? process.env.INIT_CWD ?? process.env.PWD ?? process.cwd());
L19: }
High
Same File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/index.jsView on unpkg · L3Findings
3 High3 Medium5 Low
HighChild Processdist/tui/file-index.js
HighShell
HighSame File Env Network Executiondist/index.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings