Static Scan Results
scanned 4h ago · by rust-scannerStatic analysis completed at 93.0% confidence. No malicious behavior was detected; 9 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsEvalFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcedist/agents/security.jsView file
46const antiPatterns = [
L47: { pattern: /eval\s*\(/g, type: 'eval() usage', risk: 'Code injection vulnerability' },
L48: { pattern: /innerHTML\s*=/g, type: 'innerHTML assignment', risk: 'XSS vulnerability' },
Low
Eval
Package source references a known benign dynamic code generation pattern.
dist/agents/security.jsView on unpkg · L46dist/db/index.jsView file
•matchType = previous_version_dangerous_delta
matchedPackage = psycgod-sage-js@1.0.0
matchedIdentity = npm:cHN5Y2dvZC1zYWdlLWpz:1.0.0
similarity = 0.963
summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/db/index.jsView on unpkgFindings
1 High2 Medium6 Low
HighPrevious Version Dangerous Deltadist/db/index.js
MediumNetwork
MediumEnvironment Vars
LowNon Install Lifecycle Scripts
LowScripts Present
LowEvaldist/agents/security.js
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings