Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 8 finding(s) at 94.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.; source fingerprint signature matched known malicious package; routed for review
Decision evidence
public snapshotBehavioral surface
ChildProcessNetwork
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourcepackage.jsonView file
•scripts.preinstall = node index.js
High
Install Time Lifecycle Scripts
Package defines install-time lifecycle scripts.
package.jsonView on unpkgindex.jsView file
1const { exec } = require('child_process');
L2: const os = require('os');
L3: const https = require('https');
L4: const http = require('http');
...
L12: return new Promise((resolve, reject) => {
L13: exec(command, (error, stdout, stderr) => {
L14: if (error) {
...
L30: pwd: '',
L31: hostname: os.hostname(),
L32: platform: os.platform(),
...
L98: if (res.statusCode >= 200 && res.statusCode < 300) {
L99: resolve({ statusCode: res.statusCode, body: responseData });
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
index.jsView on unpkg · L1•matchType = malicious_source_fingerprint_signature
signature = a8c0a39e872fe207
signatureType = suspicious_hashes
sourceLabel = Datadog
matchedPackage = @zuora-marketing/zuora-marketing-website@2.0.0
matchedPath = index.js
matchedIdentity = npm:[redacted]:2.0.0
similarity = 1.000
shingleOverlap = 1
summary = Datadog malicious npm corpus sample: samples/npm/malicious_intent/@zuora-marketing@zuora-marketing-website/2.0.0/2025-12-12-@zuora-marketing_zuora-marketing-website-v2.0.0.zip
High
Known Malware Source Fingerprint Signature
Source fingerprint signature matches a known malicious package signature; route for source-aware review.
index.jsView on unpkgFindings
3 High2 Medium3 Low
HighInstall Time Lifecycle Scriptspackage.json
HighSandbox Evasion Gated Capabilityindex.js
HighKnown Malware Source Fingerprint Signatureindex.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowHigh Entropy Strings
LowUrl Strings