Static Scan Results
scanned 4h ago · by rust-scannerStatic analysis flagged 12 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
3 flagged · loading sourcedist/cli.jsView file
2// scripts/cli.ts
L3: import { execFile as execFile2, spawn } from "child_process";
L4: import { existsSync as existsSync2 } from "fs";
High
821const child = process3.platform === "win32" ? spawn(
L822: "powershell",
L823: [
High
784log(row("bins", c.dim("gitgen \xB7 git-gen \xB7 gg (npm global PATH)")));
L785: log(` ${c.dim("update")} ${c.cyan(`npm install -g ${getPackageName()}`)} ${c.dim("or")} ${c.cyan("gitgen update")}`);
L786: }
...
L788: if (process3.platform === "win32") {
L789: spawn("cmd", ["/c", "start", "", url], { detached: true, stdio: "ignore", windowsHide: true }).unref();
L790: return;
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
dist/cli.jsView on unpkg · L784Findings
3 High3 Medium6 Low
HighChild Processdist/cli.js
HighShelldist/cli.js
HighRuntime Package Installdist/cli.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License