Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetwork
HighEntropyStringsMinifiedUrlStrings
Source & flagged code
4 flagged · loading sourcedist/core/documentsWasm.cjsView file
310patternName = aws_access_key
severity = critical
line = 310
matchedText = var DOCU...h0";
Critical
Critical Secret
Package contains a critical-looking secret pattern.
dist/core/documentsWasm.cjsView on unpkg · L310310patternName = aws_access_key
severity = critical
line = 310
matchedText = var DOCU...h0";
Critical
Secret Pattern
AWS access key ID in dist/core/documentsWasm.cjs
dist/core/documentsWasm.cjsView on unpkg · L310dist/core/index.jsView file
1201if (isNode) {
L1202: const fs = await import('fs/promises');
L1203: const buf = await fs.readFile(url);
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/core/index.jsView on unpkg · L1201dist/core/documentsWasm.jsView file
308patternName = aws_access_key
severity = critical
line = 308
matchedText = var DOCU...h0";
Critical
Secret Pattern
AWS access key ID in dist/core/documentsWasm.js
dist/core/documentsWasm.jsView on unpkg · L308Findings
3 Critical3 Medium4 Low
CriticalCritical Secretdist/core/documentsWasm.cjs
CriticalSecret Patterndist/core/documentsWasm.cjs
CriticalSecret Patterndist/core/documentsWasm.js
MediumDynamic Requiredist/core/index.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings