Static Scan Results
scanned 1h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourcelib/utils/devices.jsView file
1import { execSync } from "child_process";
L2:
High
Child Process
Package source references child process execution.
lib/utils/devices.jsView on unpkg · L1lib/actions/handlers/create-template.jsView file
36L37: const zzCommonFunc = require(localPath + '/zzCommonUtil.js')
L38: const { timeout, tempImag } = require(localPath + '/constant.js')
Medium
Dynamic Require
Package source references dynamic require/import behavior.
lib/actions/handlers/create-template.jsView on unpkg · L36lib/check/index.jsView file
31// 执行全局安装(根据你的包管理器可选择 npm/yarn/pnpm)
L32: execSync('npm install -g gf-cli-package@latest', {
L33: encoding: 'utf8',
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
lib/check/index.jsView on unpkg · L31Findings
3 High3 Medium3 Low
HighChild Processlib/utils/devices.js
HighShell
HighRuntime Package Installlib/check/index.js
MediumDynamic Requirelib/actions/handlers/create-template.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings