Static Scan Results
scanned 3d ago · by rust-scannerStatic analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireEnvironmentVarsFilesystemNativeBindingsShell
HighEntropyStrings
NoLicense
Source & flagged code
3 flagged · loading source.next/server/chunks/8739.jsView file
2patternName = generic_password
severity = medium
line = 2
matchedText = ${b}`}ca...}}};
Medium
Secret Pattern
Package contains a possible secret pattern.
.next/server/chunks/8739.jsView on unpkg · L2bin/flujo.mjsView file
26L27: const require = createRequire(import.meta.url);
L28: const __dirname = path.dirname(fileURLToPath(import.meta.url));
Medium
Dynamic Require
Package source references dynamic require/import behavior.
bin/flujo.mjsView on unpkg · L26.next/static/media/013b72fa676f92e0-s.woff2View file
•path = .[redacted]-s.woff2
kind = high_entropy_blob
sizeBytes = 6204
magicHex = [redacted]
High
Ships High Entropy Blob
Package ships high-entropy non-source blobs.
.next/static/media/013b72fa676f92e0-s.woff2View on unpkgFindings
1 High4 Medium5 Low
HighShips High Entropy Blob.next/static/media/013b72fa676f92e0-s.woff2
MediumSecret Pattern.next/server/chunks/8739.js
MediumDynamic Requirebin/flujo.mjs
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowNo License