Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 21 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
12 flagged · loading sourcePackage contains a critical-looking secret pattern.
dist-lib/latest-CTkD6VYz.mjsView on unpkg · L10RSA private key in dist-lib/latest-CTkD6VYz.mjs
dist-lib/latest-CTkD6VYz.mjsView on unpkg · L10Package source references a known benign dynamic code generation pattern.
dist-lib/common-config-CBU99BL7.mjsView on unpkg · L11Package source references dynamic require/import behavior.
dist-lib/registry-dev-BpPDWdA6.mjsView on unpkg · L37Package source executes code through a VM context API.
dist-lib/feed-CixTT0nM.mjsView on unpkg · L22Package source references weak cryptographic algorithms.
dist-lib/explore-BVSethCW.mjsView on unpkg · L10Package contains source files above the static scanner size ceiling.
dist-lib/routes-CJerc_Oo.mjsView on unpkgGoogle API key in dist-lib/charts-CSTCYN42.mjs
dist-lib/charts-CSTCYN42.mjsView on unpkg · L92Hardcoded password in dist-lib/utils-DanZbhOi.mjs
dist-lib/utils-DanZbhOi.mjsView on unpkg · L39Supabase service role key (JWT) in dist-lib/prime-community-DcOyGkPd.mjs
dist-lib/prime-community-DcOyGkPd.mjsView on unpkg · L26Hardcoded password in dist-lib/utils-BiyO2GgI2.mjs
dist-lib/utils-BiyO2GgI2.mjsView on unpkg · L3Supabase service role key (JWT) in dist-lib/pickup-CXxOqT65.mjs
dist-lib/pickup-CXxOqT65.mjsView on unpkg · L13