Static Scan Results
scanned 1h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEvalFilesystemShell
HighEntropyStringsMinified
Source & flagged code
3 flagged · loading sourceupdate-all-dependencies.jsView file
2import path from 'node:path';
L3: import { execSync } from 'node:child_process';
L4:
High
Child Process
Package source references child process execution.
update-all-dependencies.jsView on unpkg · L216L17: execSync(`yarn add ${parsedDependencies}`, { stdio: 'inherit' });
L18: execSync(`yarn add -D ${parsedDevDependencies}`, { stdio: 'inherit' });
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
update-all-dependencies.jsView on unpkg · L16dist/index.jsView file
1/*! For license information please see index.js.LICENSE.txt */
L2: !function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e():"function"==typeof define&&define.amd?define("encrypt-storage",[],e):"object"==typeof exports?ex...
L3: //# sourceMappingURL=index.js.map
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/index.jsView on unpkg · L1Findings
3 High1 Medium5 Low
HighChild Processupdate-all-dependencies.js
HighShell
HighRuntime Package Installupdate-all-dependencies.js
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/index.js
LowFilesystem
LowHigh Entropy Strings