registry  /  polaris-vpn  /  0.7.0

polaris-vpn@0.7.0

Your True North in Digital Privacy. A self-hosted VPN CLI.

Static Scan Results

scanned 3h ago · by rust-scanner

Static analysis flagged 9 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoEnvironmentVarsFilesystemNetworkShell
Supply chain
HighEntropyStringsUrlStrings
ManifestNo manifest risk signals triggered.
scanned 30 file(s), 88.9 KB of source, external domains: 127.0.0.1, api64.ipify.org, cloudflare-dns.com, dns.google, ip-api.com, ipv6.icanhazip.com

Source & flagged code

2 flagged · loading source
src/core/deploy-service.jsView file
7L8: const getDefaultPrivateKey = () => { L9: const keys = ['id_rsa', 'id_ed25519', 'id_ecdsa', 'id_dsa']; L10: for (const k of keys) { L11: const p = path.join(os.homedir(), '.ssh', k); L12: if (fs.existsSync(p)) { ... L22: if (err) return reject(err); L23: let stdout = ''; L24: let stderr = ''; ... L27: }).on('data', (data) => { L28: stdout += data.toString('utf8'); L29: }).stderr.on('data', (data) => {
Medium
Install Persistence

Source writes installer persistence such as shell profile or service configuration.

src/core/deploy-service.jsView on unpkg · L7
src/commands/status.jsView file
5import fetch from 'node-fetch'; L6: import { spawnSync } from 'child_process'; L7: import os from 'os'; ... L14: if (isWin) { L15: const match = res.stdout.match(/Average = (\d+)ms/); L16: if (match) return `${match[1]} ms`; ... L24: L25: const getGeoIp = async (ip) => { L26: try { L27: const res = await fetch(`http://ip-api.com/json/${ip}`); L28: const data = await res.json(); L29: if (data.status === 'success') {
High
Sandbox Evasion Gated Capability

Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.

src/commands/status.jsView on unpkg · L5

Findings

1 High4 Medium4 Low
HighSandbox Evasion Gated Capabilitysrc/commands/status.js
MediumNetwork
MediumEnvironment Vars
MediumInstall Persistencesrc/core/deploy-service.js
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings