Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcedist/config.jsView file
8sourcePath: 'mne/',
L9: docsUrl: 'https://mne.tools/stable/',
L10: },
...
L113: archiveCacheMaxVersions: z.coerce.number().default(5),
L114: pythonPath: z.string().default(process.platform === 'win32' ? 'python' : 'python3'),
L115: parserTimeout: z.coerce.number().default(10000),
...
L120: const config = {
L121: port: process.env.MNE_PORT,
L122: host: process.env.MNE_HOST,
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/config.jsView on unpkg · L8python/parser.pyView file
•path = python/parser.py
kind = build_helper
sizeBytes = 2190
magicHex = [redacted]
Medium
Ships Build Helper
Package ships non-JavaScript build or shell helper files.
python/parser.pyView on unpkgFindings
1 High4 Medium5 Low
HighSandbox Evasion Gated Capabilitydist/config.js
MediumNetwork
MediumEnvironment Vars
MediumShips Build Helperpython/parser.py
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings