Static Scan Results
scanned 6h ago · by rust-scannerStatic analysis completed at 65.0% confidence. No malicious behavior was detected; 8 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemShell
UrlStrings
Source & flagged code
2 flagged · loading sourcedist/ui/pipe.jsView file
1import { execFileSync } from 'node:child_process';
L2: import fs, { constants } from 'node:fs';
High
1import { execFileSync } from 'node:child_process';
L2: import fs, { constants } from 'node:fs';
L3: import net from 'node:net';
L4: import readline from 'node:readline';
...
L6: export function getPipePath() {
L7: return process.env['FORGEAI_PIPE'] ?? DEFAULT_PIPE;
L8: }
High
Same File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/ui/pipe.jsView on unpkg · L1Findings
3 High1 Medium4 Low
HighChild Processdist/ui/pipe.js
HighShell
HighSame File Env Network Executiondist/ui/pipe.js
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowUrl Strings