Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 13 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
High-risk behavior combination matched malicious policy.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsEvalFilesystemNetworkShell
HighEntropyStringsMinifiedObfuscatedUrlStrings
Source & flagged code
3 flagged · loading sourcegulpfile.jsView file
10const path = require('path')
L11: const execSync = require('child_process').execSync
L12: const fs = require('fs')
L13: const resolve = (name) => path.resolve(__dirname, name)
L14: const cssPath = './templates/assets/css'
...
L17: const distPath = './dist'
L18: const devModel = process.env.npm[redacted]
L19: let version = process.env.npm_config_tag
...
L59: const themePath = 'theme.yaml'
L60: const packagePath = 'package.json'
L61: const themeData = fs.readFileSync(themePath, 'utf8')
...
L152: process.env.npm_config_tag = 'latest'
Critical
Npm Publish Worm
Source mutates package metadata and republishes itself to npm.
gulpfile.jsView on unpkg · L1010const path = require('path')
L11: const execSync = require('child_process').execSync
L12: const fs = require('fs')
High
templates/assets/lib/remixicon@4.9.1/remixicon.woff2View file
•path = templates/assets/lib/remixicon@4.9.1/remixicon.woff2
kind = high_entropy_blob
sizeBytes = 189216
magicHex = [redacted]
High
Ships High Entropy Blob
Package ships high-entropy non-source blobs.
templates/assets/lib/remixicon@4.9.1/remixicon.woff2View on unpkgFindings
1 Critical3 High3 Medium6 Low
CriticalNpm Publish Wormgulpfile.js
HighChild Processgulpfile.js
HighShell
HighShips High Entropy Blobtemplates/assets/lib/remixicon@4.9.1/remixicon.woff2
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowEval
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings