registry  /  firefox-lldb  /  0.1.5

firefox-lldb@0.1.5

LLDB platform server and GDB remote stub for debugging WebAssembly running inside Firefox

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 11 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStrings
Manifest
CopyleftLicense
scanned 24 file(s), 1.05 MB of source

Source & flagged code

3 flagged · loading source
package.jsonView file
scripts.postinstall = chmod +x node_modules/node-pty/prebuilds/*/spawn-helper 2>/dev/null || true
High
Install Time Lifecycle Scripts

Package defines install-time lifecycle scripts.

package.jsonView on unpkg
scripts.postinstall = chmod +x node_modules/node-pty/prebuilds/*/spawn-helper 2>/dev/null || true
Medium
Ambiguous Install Lifecycle Script

Install-time lifecycle script is not statically allowlisted and needs review.

package.jsonView on unpkg
dist/sourcemap/generated/sourcemap.core4.wasmView file
path = [redacted].core4.wasm kind = wasm_module sizeBytes = 346 magicHex = [redacted]
Medium
Ships Wasm Module

Package ships WebAssembly modules.

dist/sourcemap/generated/sourcemap.core4.wasmView on unpkg

Findings

1 High5 Medium5 Low
HighInstall Time Lifecycle Scriptspackage.json
MediumAmbiguous Install Lifecycle Scriptpackage.json
MediumNetwork
MediumEnvironment Vars
MediumShips Wasm Moduledist/sourcemap/generated/sourcemap.core4.wasm
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowCopyleft License