Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
5 flagged · loading sourcePackage contains a critical-looking secret pattern.
index-HGvoESav.jsView on unpkg · L8Supabase service role key (JWT) in index-HGvoESav.js
index-HGvoESav.jsView on unpkg · L8Package source references a known benign dynamic code generation pattern.
plugins/cesium-vue/dist/index-McKGafjp.jsView on unpkg · L23773Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.
leiting-bim.es.jsView on unpkg · L1Supabase service role key (JWT) in leiting-bim.umd.js
leiting-bim.umd.jsView on unpkg · L1