Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 20 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
8 flagged · loading sourcePackage contains a critical-looking secret pattern.
dist/index.jsView on unpkg · L2997Package source references child process execution.
dist/pipeline/coding-aggregate.jsView on unpkg · L14Package source references dynamic require/import behavior.
dist/pipeline/coding-build.jsView on unpkg · L436Source exposes local file and command tools to a remote model endpoint.
dist/pipeline/coding-gap.jsView on unpkg · L145Source spawns a local helper that also contains network and dynamic execution context; review data flow before blocking.
dist/cli.jsView on unpkg · L40