DurinDoor AI Gateway
Static analysis flagged 20 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Package contains a critical-looking secret pattern.
.next/standalone/.next/server/chunks/4306.jsView on unpkg · L1RSA private key in .next/standalone/.next/server/chunks/4306.js
.next/standalone/.next/server/chunks/4306.jsView on unpkg · L1Package source references child process execution.
open-sse/handlers/ttsProviders/localDevice.jsView on unpkg · L1Package source references shell execution.
open-sse/handlers/ttsProviders/localDevice.jsView on unpkg · L35Package source references weak cryptographic algorithms.
open-sse/shared/qoder/cosy.jsView on unpkg · L43A single source file combines environment access, network access, and code or shell execution; review context before blocking.
cli/cli.jsView on unpkg · L756Package ships high-entropy non-source blobs.
.next/static/media/material-symbols-outlined.ec1fa111.woff2View on unpkgPackage declares a runtime dependency whose name matches a Node built-in module.
package.jsonView on unpkgRSA private key in .next/standalone/.next/server/chunks/8971.js
.next/standalone/.next/server/chunks/8971.jsView on unpkg · L1RSA private key in .next/server/chunks/4306.js
.next/server/chunks/4306.jsView on unpkg · L1RSA private key in .next/server/chunks/8971.js
.next/server/chunks/8971.jsView on unpkg · L1Package contains a critical-looking secret pattern.
.next/standalone/.next/server/chunks/4306.jsView on unpkg · L1RSA private key in .next/standalone/.next/server/chunks/4306.js
.next/standalone/.next/server/chunks/4306.jsView on unpkg · L1Package source references child process execution.
open-sse/handlers/ttsProviders/localDevice.jsView on unpkg · L1Package ships high-entropy non-source blobs.
.next/static/media/material-symbols-outlined.ec1fa111.woff2View on unpkgRSA private key in .next/server/chunks/4306.js
.next/server/chunks/4306.jsView on unpkg · L1RSA private key in .next/server/chunks/8971.js
.next/server/chunks/8971.jsView on unpkg · L1Package source references shell execution.
open-sse/handlers/ttsProviders/localDevice.jsView on unpkg · L35Package source references weak cryptographic algorithms.
open-sse/shared/qoder/cosy.jsView on unpkg · L43A single source file combines environment access, network access, and code or shell execution; review context before blocking.
cli/cli.jsView on unpkg · L756Package declares a runtime dependency whose name matches a Node built-in module.
package.jsonView on unpkg · L6RSA private key in .next/standalone/.next/server/chunks/8971.js
.next/standalone/.next/server/chunks/8971.jsView on unpkg · L1