Static Scan Results
scanned 10d ago · by rust-scannerStatic analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkWebSocket
HighEntropyStringsMinifiedObfuscatedProtestwareUrlStrings
Source & flagged code
4 flagged · loading sourceout/assets/index.lazy-CT5TGyGl.jsView file
1patternName = private_key_rsa
severity = critical
line = 1
matchedText = import{n...in(`
Critical
Critical Secret
Package contains a critical-looking secret pattern.
out/assets/index.lazy-CT5TGyGl.jsView on unpkg · L11patternName = private_key_rsa
severity = critical
line = 1
matchedText = import{n...in(`
Critical
Secret Pattern
RSA private key in out/assets/index.lazy-CT5TGyGl.js
out/assets/index.lazy-CT5TGyGl.jsView on unpkg · L1out/assets/livescript-BXxG0Yva.jsView file
1var e=function(e,t){var n=t.next||`start`;if(n){t.next=t.next;var r=a[n];if(r.splice){for(var i=0;i<r.length;++i){var o=r[i];if(o.regex&&e.match(o.regex))return t.next=o.next||t.ne...
Medium
Dynamic Require
Package source references dynamic require/import behavior.
out/assets/livescript-BXxG0Yva.jsView on unpkg · L1out/logo.icoView file
•path = out/logo.ico
kind = high_entropy_blob
sizeBytes = 8039
magicHex = [redacted]
High
Findings
2 Critical1 High5 Medium5 Low
CriticalCritical Secretout/assets/index.lazy-CT5TGyGl.js
CriticalSecret Patternout/assets/index.lazy-CT5TGyGl.js
HighShips High Entropy Blobout/logo.ico
MediumDynamic Requireout/assets/livescript-BXxG0Yva.js
MediumNetwork
MediumEnvironment Vars
MediumProtestware
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings