Static Scan Results
scanned 3h ago · by rust-scanner
Static analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshot
Behavioral surface
ChildProcess · EnvironmentVars · Filesystem · Shell · HighEntropyStrings · UrlStrings
Source & flagged code
2 flagged · src/index.js
L13: } from 'fs';
L14: import { execSync, spawn } from 'child_process';
L15: import { homedir } from 'os';
High
L1202: try {
L1203: execSync(`${pm} add @piezas/sdk`, { cwd: projectDir, stdio: 'pipe' });
L1204: log(' Installed @piezas/sdk\n');
L1205: } catch {
L1206: log(' Failed to install - run manually: npm install @piezas/sdk\n');
L1207: }
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
src/index.js · L1202
Findings
3 High · 2 Medium · 4 Low
High · Child Process · src/index.js
High · Shell
High · Runtime Package Install · src/index.js
Medium · Environment Vars
Medium · Structural Risk Force Deep Review
Low · Scripts Present
Low · Filesystem
Low · High Entropy Strings
Low · Url Strings