Static Scan Results
scanned 5d ago · by rust-scannerStatic analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcedist/pi-extension.cjsView file
231REGEX_REGEXP_RANGE,
L232: (match, from, to) => from.charCodeAt(0) <= to.charCodeAt(0) ? match : EMPTY
L233: );
...
L373: // WTF!
L374: // https://git-scm.com/docs/gitignore
L375: // changes in [2.22.1](https://git-scm.com/docs/gitignore/2.22.1)
...
L646: // Detect `process` so that it can run in browsers.
L647: typeof process !== "undefined" && process.platform === "win32"
L648: ) {
...
L850: const variableName = match[1];
L851: const envValue = process.env[variableName];
L852: if (envValue === void 0) {
High
Cloud Metadata Access
Source reaches cloud instance metadata or link-local credential endpoints.
dist/pi-extension.cjsView on unpkg · L231native/codebase-index-native.linux-arm64-gnu.nodeView file
•path = native/codebase-index-native.linux-arm64-gnu.node
kind = native_binary
sizeBytes = 73078064
magicHex = [redacted]
Medium
Ships Native Binary
Package ships native binary artifacts.
native/codebase-index-native.linux-arm64-gnu.nodeView on unpkgFindings
1 High4 Medium5 Low
HighCloud Metadata Accessdist/pi-extension.cjs
MediumNetwork
MediumEnvironment Vars
MediumShips Native Binarynative/codebase-index-native.linux-arm64-gnu.node
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings