Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 12 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
NoLicense
Source & flagged code
3 flagged · loading sourcedist/cli.jsView file
2// scripts/cli.ts
L3: import { execFile as execFile3, spawn } from "child_process";
L4: import { existsSync as existsSync2 } from "fs";
High
1248const child = process3.platform === "win32" ? spawn(
L1249: "powershell",
L1250: [
High
1211log(row("bins", c.dim("gitgen \xB7 git-gen \xB7 gg (npm global PATH)")));
L1212: log(` ${c.dim("update")} ${c.cyan(`npm install -g ${getPackageName()}`)} ${c.dim("or")} ${c.cyan("gitgen update")}`);
L1213: }
...
L1215: if (process3.platform === "win32") {
L1216: spawn("cmd", ["/c", "start", "", url], { detached: true, stdio: "ignore", windowsHide: true }).unref();
L1217: return;
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
dist/cli.jsView on unpkg · L1211Findings
3 High3 Medium6 Low
HighChild Processdist/cli.js
HighShelldist/cli.js
HighRuntime Package Installdist/cli.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings
LowNo License