Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
FilesystemNetwork
HighEntropyStringsMinifiedUrlStrings
Source & flagged code
1 flagged · loading sourcedist/cli.jsView file
1#!/usr/bin/env node
L2: import{randomBytes as I}from"crypto";import Q from"fs";import w from"path";import{fileURLToPath as B}from"url";import{serve as F}from"@hono/node-server";import U,{portNumbers as z}...
L3: nodes {
...
L12: repository(owner: $owner, name: $name) { ${R("after")} }
L13: }`,{after:u.pageInfo.endCursor,name:C,owner:f})).data?.repository?.refs,u!=null&&b(c,u)}}}return e}async function x(e,s){let o=["api","graphql","-f",`query=${e}`];for(let[r,n]of Ob...
L14:
High
Command Output Exfiltration
Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
dist/cli.jsView on unpkg · L1Findings
1 High2 Medium5 Low
HighCommand Output Exfiltrationdist/cli.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings