Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 14 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsEvalFilesystemNetworkShell
HighEntropyStringsTelemetryUrlStrings
WildcardDependency
Source & flagged code
6 flagged · loading sourcedist/index.jsView file
193patternName = generic_password
severity = medium
line = 193
matchedText = const bo..." };
Medium
1639patternName = generic_password
severity = medium
line = 1639
matchedText = body: { ..." },
Medium
3804patternName = generic_password
severity = medium
line = 3804
matchedText = password...99",
Medium
250title: "CSP com 'unsafe-eval' em script-src",
L251: detail: "'unsafe-eval' reabre eval()/new Function()/setTimeout(string) \u2014 amplia a superf\xEDcie de XSS.",
L252: recommendation: "Remova 'unsafe-eval' e refatore o c\xF3digo que depende de eval/Function din\xE2micos."
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/index.jsView on unpkg · L250dist/init-EUSLT3FC.jsView file
24patternName = generic_password
severity = medium
line = 24
matchedText = password...aqui
Medium
32patternName = generic_password
severity = medium
line = 32
matchedText = # pa...SS}"
Medium
Findings
8 Medium6 Low
MediumSecret Patterndist/index.js
MediumNetwork
MediumEnvironment Vars
MediumWildcard Dependency
MediumSecret Patterndist/index.js
MediumSecret Patterndist/index.js
MediumSecret Patterndist/init-EUSLT3FC.js
MediumSecret Patterndist/init-EUSLT3FC.js
LowScripts Present
LowEvaldist/index.js
LowFilesystem
LowHigh Entropy Strings
LowTelemetry
LowUrl Strings