Static Scan Results
scanned 16h ago · by rust-scannerStatic analysis flagged 21 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
12 flagged · loading sourcePackage contains a critical-looking secret pattern.
dist-lib/latest-DqQsMpfh.mjsView on unpkg · L10RSA private key in dist-lib/latest-DqQsMpfh.mjs
dist-lib/latest-DqQsMpfh.mjsView on unpkg · L10Package source references a known benign dynamic code generation pattern.
dist-lib/common-config-DLVB06mr.mjsView on unpkg · L11Package source references dynamic require/import behavior.
dist-lib/registry-BUO1P6J8.mjsView on unpkg · L493Package source executes code through a VM context API.
dist-lib/feed-DfctHvRI.mjsView on unpkg · L22Package source references weak cryptographic algorithms.
dist-lib/podcast-tVaXpKvP.mjsView on unpkg · L18Package contains source files above the static scanner size ceiling.
dist-lib/routes-CE6LuW28.mjsView on unpkgSupabase service role key (JWT) in dist-lib/pickup-CGB7mVvx.mjs
dist-lib/pickup-CGB7mVvx.mjsView on unpkg · L13Supabase service role key (JWT) in dist-lib/prime-community-BpKNJy-4.mjs
dist-lib/prime-community-BpKNJy-4.mjsView on unpkg · L26Hardcoded password in dist-lib/utils-D2I5_fvA.mjs
dist-lib/utils-D2I5_fvA.mjsView on unpkg · L39Hardcoded password in dist-lib/utils-BiyO2GgI2.mjs
dist-lib/utils-BiyO2GgI2.mjsView on unpkg · L3Google API key in dist-lib/charts-CQZv9KlV.mjs
dist-lib/charts-CQZv9KlV.mjsView on unpkg · L92