registry  /  flujo-ai  /  3.11.0

flujo-ai@3.11.0

<img width="720" height="405" alt="output" src="https://github.com/user-attachments/assets/87ff1b2c-fec2-4652-a049-98e5ee699e00" />

Static Scan Results

scanned 3d ago · by rust-scanner

Static analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessDynamicRequireEnvironmentVarsFilesystemNativeBindingsShell
Supply chain
HighEntropyStrings
Manifest
NoLicense
scanned 3 file(s), 11.6 KB of source

Source & flagged code

3 flagged · loading source
.next/server/chunks/8739.jsView file
2patternName = generic_password severity = medium line = 2 matchedText = ${b}`}ca...}}};
Medium
Secret Pattern

Package contains a possible secret pattern.

.next/server/chunks/8739.jsView on unpkg · L2
bin/flujo.mjsView file
26L27: const require = createRequire(import.meta.url); L28: const __dirname = path.dirname(fileURLToPath(import.meta.url));
Medium
Dynamic Require

Package source references dynamic require/import behavior.

bin/flujo.mjsView on unpkg · L26
.next/static/media/013b72fa676f92e0-s.woff2View file
path = .[redacted]-s.woff2 kind = high_entropy_blob sizeBytes = 6204 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

.next/static/media/013b72fa676f92e0-s.woff2View on unpkg

Findings

1 High4 Medium5 Low
HighShips High Entropy Blob.next/static/media/013b72fa676f92e0-s.woff2
MediumSecret Pattern.next/server/chunks/8739.js
MediumDynamic Requirebin/flujo.mjs
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowNo License