Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
1 flagged · loading sourcedist/chunk-BXN3EMF6.jsView file
42try {
L43: return JSON.parse(fs.readFileSync(path.join(credDir(home), name), "utf-8"));
L44: } catch {
...
L74: ko: [
L75: "https://mimi-seed.pryzm.gg \uC5D0\uC11C \uAC00\uC785/\uB85C\uADF8\uC778\uD558\uBA74 \uB05D \u2014 \uBE0C\uB77C\uC6B0\uC800\uAC00 \uC54C\uC544\uC11C \uD1A0\uD070\uC744 \uB118\uACA8...
L76: "CI \uC5D0\uC11C\uB294 MIMI_SEED_TOKEN \uD658\uACBD\uBCC0\uC218\uB85C \uB300\uCCB4\uD560 \uC218 \uC788\uB2E4."
...
L84: detect: (home) => {
L85: if (process.env.MIMI_SEED_TOKEN) return { present: true, detail: "MIMI_SEED_TOKEN (env)" };
L86: const cfg = readJson(home, "config.json");
...
L436: }
L437: function detectAll(home = os.homedir()) {
L438: return new Map(CREDENTIALS.map((c) => [c.id, c.detect(home)]));
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/chunk-BXN3EMF6.jsView on unpkg · L42Findings
1 High3 Medium4 Low
HighSandbox Evasion Gated Capabilitydist/chunk-BXN3EMF6.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings