Static Scan Results
scanned 1d ago · by rust-scannerStatic analysis completed at 65.0% confidence. No malicious behavior was detected; 11 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsObfuscatedUrlStrings
Source & flagged code
2 flagged · loading sourcedist/tui/file-index.jsView file
4*/
L5: import { execFileSync } from 'child_process';
L6: import glob from 'fast-glob';
High
Child Process
Package source references child process execution.
dist/tui/file-index.jsView on unpkg · L4dist/index.jsView file
134closeSync(logFile.fd);
L135: return { ready: true, port, url: `http://localhost:${port}/overview`, logPath: logFile.logPath };
L136: }
L137: try {
L138: const { spawn } = await import('child_process');
L139: const { closeSync } = await import('fs');
...
L149: env: {
L150: ...process.env,
L151: NODE_ENV: 'production',
High
Same File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/index.jsView on unpkg · L134Findings
3 High3 Medium5 Low
HighChild Processdist/tui/file-index.js
HighShell
HighSame File Env Network Executiondist/index.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings