Static Scan Results
scanned 8d ago · by rust-scannerStatic analysis flagged 20 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
11 flagged · loading sourcePackage contains a critical-looking secret pattern.
references/invariant-checks.mdView on unpkg · L56AWS access key ID in references/invariant-checks.md
references/invariant-checks.mdView on unpkg · L56Package source references child process execution.
loki-ts/dist/loki.jsView on unpkg · L334A single source file combines environment access, network access, and code or shell execution; review context before blocking.
loki-ts/dist/loki.jsView on unpkg · L334Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.
loki-ts/dist/loki.jsView on unpkg · L331Package source references dynamic require/import behavior.
bin/loki-mode.jsView on unpkg · L12Package ships non-JavaScript build or shell helper files.
web-app/auth.pyView on unpkgPackage hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.
memory/tests/test_namespace.pyView on unpkgPackage contains source files above the static scanner size ceiling.
dashboard/static/assets/mermaid.min.jsView on unpkgHardcoded password in docs/siem-integration.md
docs/siem-integration.mdView on unpkg · L262AWS access key ID in autonomy/lib/secure-scan.py
autonomy/lib/secure-scan.pyView on unpkg · L138