Static Scan Results
scanned 11d ago · by rust-scannerStatic analysis flagged 11 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
High-risk behavior combination matched malicious policy.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireFilesystemNetworkShell
HighEntropyStringsMinifiedObfuscatedUrlStrings
NoLicense
Source & flagged code
2 flagged · loading sourcelib/font-cache.jsView file
27}
L28: const data = JSON.parse(fs.readFileSync(file, "utf8"));
L29: return {
L30: contentType: data.contentType,
L31: body: Buffer.from(data.body, "base64"),
L32: };
Low
Weak Crypto
Package source references weak cryptographic algorithms.
lib/font-cache.jsView on unpkg · L27dist/assets/jspdf.es.min-CAO1hjjP.jsView file
3contains invisible/control Unicode U+FEFF (zero width no-break space)
In order to be iterable, non-array objects must have a [Symbol.iterator]() method.`)}function ne(e,t){return ee(e)||H(e,t)||W(e,t)||te()}function re(e,t=`utf8`){return new TextDecoder(t).decode(e)}var ie=new TextEncoder;function ae(e){retur
Critical
Trojan Source Unicode
Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/assets/jspdf.es.min-CAO1hjjP.jsView on unpkg · L3Findings
1 Critical3 Medium7 Low
CriticalTrojan Source Unicodedist/assets/jspdf.es.min-CAO1hjjP.js
MediumDynamic Require
MediumNetwork
MediumStructural Risk Force Deep Review
LowScripts Present
LowWeak Cryptolib/font-cache.js
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings
LowNo License