Static Scan Results
scanned 11d ago · by rust-scannerStatic analysis flagged 17 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
8 flagged · loading sourceA single source file combines environment access, network access, and code or shell execution; review context before blocking.
bin/cli.jsView on unpkg · L3Package source references a known benign dynamic code generation pattern.
src/app/api/sessions/stats/route.tsView on unpkg · L14Package source invokes a package manager install command at runtime.
src/lib/agents/ClaudeRunner.tsView on unpkg · L69Package ships non-JavaScript build or shell helper files.
bin/fix-pwa-ubuntu.shView on unpkgPackage ships high-entropy non-source blobs.
.next/static/media/5ce348bf30bf5439-s.0zgw-jeven.3w.woff2View on unpkgPackage hides binary, compressed, or executable-looking payloads in test/fixture/hidden paths.
.next/dev/cache/turbopack/ee6e79b1/00000033.metaView on unpkg