Static Scan Results
scanned 8d ago · by rust-scannerStatic analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsNetworkWebSocket
HighEntropyStringsMinifiedObfuscatedProtestwareUrlStrings
Source & flagged code
4 flagged · loading sourcedist/index.min.jsView file
50patternName = private_key_rsa
severity = critical
line = 50
matchedText = `)}async...(`\r
Critical
Critical Secret
Package contains a critical-looking secret pattern.
dist/index.min.jsView on unpkg · L5050patternName = private_key_rsa
severity = critical
line = 50
matchedText = `)}async...(`\r
Critical
1(function (root, factory) {(typeof module === 'object' && module.exports) ? module.exports = factory() : root.Helia = factory()}(typeof self !== 'undefined' ? self : this, function...
L2: "use strict";var Helia=(()=>{var nD=Object.create;var ch=Object.defineProperty;var oD=Object.getOwnPropertyDescriptor;var sD=Object.getOwnPropertyNames;var iD=Object.getPrototypeOf...
L3: `).join(`
High
1(function (root, factory) {(typeof module === 'object' && module.exports) ? module.exports = factory() : root.Helia = factory()}(typeof self !== 'undefined' ? self : this, function...
L2: "use strict";var Helia=(()=>{var nD=Object.create;var ch=Object.defineProperty;var oD=Object.getOwnPropertyDescriptor;var sD=Object.getOwnPropertyNames;var iD=Object.getPrototypeOf...
L3: `).join(`
High
Same File Env Network Execution
A single source file combines environment access, network access, and code or shell execution; review context before blocking.
dist/index.min.jsView on unpkg · L1Findings
2 Critical2 High4 Medium5 Low
CriticalCritical Secretdist/index.min.js
CriticalSecret Patterndist/index.min.js
HighChild Processdist/index.min.js
HighSame File Env Network Executiondist/index.min.js
MediumNetwork
MediumEnvironment Vars
MediumProtestware
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings