Static Scan Results
scanned 11d ago · by rust-scannerStatic analysis completed at 93.0% confidence. No malicious behavior was detected; 7 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetwork
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcesettings/settings-cli.jsView file
6L7: const cliHelper = require('../utils/cli-helper');
L8: const fs = require('fs');
Medium
Dynamic Require
Package source references dynamic require/import behavior.
settings/settings-cli.jsView on unpkg · L6main/i18ntk-translate.jsView file
•matchType = previous_version_dangerous_delta
matchedPackage = i18ntk@4.6.0
matchedIdentity = npm:aTE4bnRr:4.6.0
similarity = 0.959
summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
main/i18ntk-translate.jsView on unpkgFindings
1 High3 Medium3 Low
HighPrevious Version Dangerous Deltamain/i18ntk-translate.js
MediumDynamic Requiresettings/settings-cli.js
MediumNetwork
MediumEnvironment Vars
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings