Static Scan Results
scanned 1d ago · by rust-scannerStatic analysis completed at 65.0% confidence. No malicious behavior was detected; 7 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedist/index.jsView file
28L29: // package.json
L30: var require_package = __commonJS({
...
L47: type: "git",
L48: url: "git+https://github.com/VicKayro/leash.git"
L49: },
...
L110: function configDir() {
L111: return process.env.CLAUDE_CONFIG_DIR || path.join(os.homedir(), ".claude");
L112: }
...
L119: let h = 5381;
L120: for (let i = 0; i < s.length; i++) h = (h << 5) + h + s.charCodeAt(i) | 0;
L121: return h.toString(36);
Medium
Install Persistence
Source writes installer persistence such as shell profile or service configuration.
dist/index.jsView on unpkg · L28Findings
3 Medium4 Low
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencedist/index.js
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings