Static Scan Results
scanned 5d ago · by rust-scannerStatic analysis flagged 21 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
12 flagged · loading sourcePackage contains a critical-looking secret pattern.
dist-lib/latest-B6A-F1H9.mjsView on unpkg · L10RSA private key in dist-lib/latest-B6A-F1H9.mjs
dist-lib/latest-B6A-F1H9.mjsView on unpkg · L10Package source references a known benign dynamic code generation pattern.
dist-lib/common-config-CSfT_Gyw.mjsView on unpkg · L11Package source references dynamic require/import behavior.
dist-lib/registry-DqlmPPqP.mjsView on unpkg · L493Package source executes code through a VM context API.
dist-lib/feed-BXYU9XJ3.mjsView on unpkg · L22Package source references weak cryptographic algorithms.
dist-lib/channel-BsCeeSwN.mjsView on unpkg · L67Package contains source files above the static scanner size ceiling.
dist-lib/routes-BzjWk6FX.mjsView on unpkgGoogle API key in dist-lib/charts-4LfISV0E.mjs
dist-lib/charts-4LfISV0E.mjsView on unpkg · L92Hardcoded password in dist-lib/utils-CW8BK0_S.mjs
dist-lib/utils-CW8BK0_S.mjsView on unpkg · L39Supabase service role key (JWT) in dist-lib/pickup-D4YBJFM5.mjs
dist-lib/pickup-D4YBJFM5.mjsView on unpkg · L13Hardcoded password in dist-lib/utils-BiyO2GgI2.mjs
dist-lib/utils-BiyO2GgI2.mjsView on unpkg · L3Supabase service role key (JWT) in dist-lib/prime-community-Be0z2bo9.mjs
dist-lib/prime-community-Be0z2bo9.mjsView on unpkg · L26