Static Scan Results
scanned 5d ago · by rust-scannerStatic analysis flagged 7 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystem
HighEntropyStrings
Source & flagged code
3 flagged · loading sourceindex.jsView file
6L7: const { execSync, execFileSync } = require("child_process");
L8: const fs = require("fs");
High
110fs.mkdirSync(versionDir, { recursive: true });
L111: execSync(`npm install --prefix "${versionDir}" @ouro.bot/cli@${version}`, { stdio: "pipe" });
L112: }
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
index.jsView on unpkg · L1106L7: const { execSync, execFileSync } = require("child_process");
L8: const fs = require("fs");
...
L11:
L12: const OURO_HOME = path.join(os.homedir(), ".ouro-cli");
L13: const VERSIONS_DIR = path.join(OURO_HOME, "versions");
...
L18:
L19: const WRAPPER_SCRIPT = `#!/bin/sh
L20: ENTRY="$HOME/.ouro-cli/CurrentVersion/${ENTRY_RELPATH}"
...
L29: try {
L30: const packageJson = JSON.parse(fs.readFileSync(path.join(__dirname, "package.json"), "utf8"));
L31: if (typeof packageJson.version === "string" && packageJson.version.trim()) {
Medium
Install Persistence
Source writes installer persistence such as shell profile or service configuration.
index.jsView on unpkg · L6Findings
2 High3 Medium2 Low
HighChild Processindex.js
HighRuntime Package Installindex.js
MediumEnvironment Vars
MediumInstall Persistenceindex.js
MediumStructural Risk Force Deep Review
LowFilesystem
LowHigh Entropy Strings