Static Scan Results
scanned 2d ago · by rust-scannerStatic analysis completed at 93.0% confidence. No malicious behavior was detected; 9 low-signal pattern(s) were surfaced and cleared.
Static reason
No blocking static signals were detected.; previous stored version diff introduced dangerous source
Decision evidence
public snapshotBehavioral surface
ChildProcessDynamicRequireEnvironmentVarsEvalFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourceprovider/wasm.tsView file
12// eslint-disable-next-line no-new-func
L13: new Function("s", "return import(s)") as any;
L14:
Low
Eval
Package source references a known benign dynamic code generation pattern.
provider/wasm.tsView on unpkg · L12dist/rastack-compile.jsView file
12Object.defineProperty(exports, "__esModule", { value: true });
L13: const compile_1 = require("./compile");
L14: const DEFAULT_RESOURCES = "resources";
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/rastack-compile.jsView on unpkg · L12dist/rastack-design.jsView file
•matchType = previous_version_dangerous_delta
matchedPackage = rastack@0.0.24
matchedIdentity = npm:cmFzdGFjaw:0.0.24
similarity = 0.769
summary = stored previous version shares package body but lacks this dangerous source file
High
Previous Version Dangerous Delta
This package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
dist/rastack-design.jsView on unpkgFindings
1 High3 Medium5 Low
HighPrevious Version Dangerous Deltadist/rastack-design.js
MediumDynamic Requiredist/rastack-compile.js
MediumNetwork
MediumEnvironment Vars
LowScripts Present
LowEvalprovider/wasm.ts
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings