Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 17 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
10 flagged · loading sourcePackage source references child process execution.
dist/_presets.mjsView on unpkg · L721Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/_presets.mjsView on unpkg · L162Package source references a known benign dynamic code generation pattern.
dist/_libs/pluginutils.mjsView on unpkg · L112Package source references dynamic require/import behavior.
dist/_dev.mjsView on unpkg · L141Package source references weak cryptographic algorithms.
dist/_build/common.mjsView on unpkg · L75Package ships high-entropy non-source blobs.
dist/THIRD-PARTY-LICENSES.md.gzView on unpkgPackage ships compressed or archive-like blobs.
dist/THIRD-PARTY-LICENSES.md.gzView on unpkgHardcoded password in dist/docs/0.docs/3.routing.md
dist/docs/0.docs/3.routing.mdView on unpkg · L469Hardcoded password in dist/docs/0.docs/3.routing.md
dist/docs/0.docs/3.routing.mdView on unpkg · L614