Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
6 flagged · loading sourceSource gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
bin/x.jsView on unpkg · L6Package metadata claims a different repository identity while copied source loads a runtime dependency bridge.
bin/x.jsView on unpkg · L209Package source references dynamic require/import behavior.
bin/qt.cjsView on unpkg · L32Package source invokes a package manager install command at runtime.
bin/xpi.jsView on unpkg · L45