Static Scan Results
scanned 7h ago · by rust-scannerStatic analysis flagged 9 finding(s) at 93.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.; previous stored version diff introduced dangerous source
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcedist/chunk-T757WVSG.jsView file
26try {
L27: return JSON.parse(fs.readFileSync(path.join(credDir(home), name), "utf-8"));
L28: } catch {
...
L54: obtain: [
L55: "https://mimi-seed.pryzm.gg \uC5D0\uC11C \uAC00\uC785/\uB85C\uADF8\uC778\uD558\uBA74 \uB05D \u2014 \uBE0C\uB77C\uC6B0\uC800\uAC00 \uC54C\uC544\uC11C \uD1A0\uD070\uC744 \uB118\uACA8...
L56: "CI \uC5D0\uC11C\uB294 MIMI_SEED_TOKEN \uD658\uACBD\uBCC0\uC218\uB85C \uB300\uCCB4\uD560 \uC218 \uC788\uB2E4."
...
L59: detect: (home) => {
L60: if (process.env.MIMI_SEED_TOKEN) return { present: true, detail: "MIMI_SEED_TOKEN (env)" };
L61: const cfg = readJson(home, "config.json");
...
L278: }
L279: function detectAll(home = os.homedir()) {
L280: return new Map(CREDENTIALS.map((c) => [c.id, c.detect(home)]));
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/chunk-T757WVSG.jsView on unpkg · L26•matchType = previous_version_dangerous_delta
matchedPackage = mimi-seed@0.4.3
matchedIdentity = npm:bWltaS1zZWVk:0.4.3
similarity = 0.667
summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/chunk-T757WVSG.jsView on unpkgFindings
2 High3 Medium4 Low
HighSandbox Evasion Gated Capabilitydist/chunk-T757WVSG.js
HighPrevious Version Dangerous Deltadist/chunk-T757WVSG.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings