Static Scan Results
scanned 5h ago · by rust-scanner
Static analysis flagged 8 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshot
Behavioral surface
Crypto · EnvironmentVars · Filesystem · Shell · HighEntropyStrings · UrlStrings
Source & flagged code
1 flagged
dist/src/doctor.js
L1: import { execa } from "execa";
L2: import { detectStack } from "./detect.js";
...
L11: darwin: "brew install trivy",
L12: linux: "curl -sfL https://raw.githubusercontent.[redacted].sh | sudo sh -s -- -b /usr/local/bin",
L13: },
...
L28: return undefined;
L29: const key = process.platform === "win32" ? "win32" : process.platform === "darwin" ? "darwin" : "linux";
L30: return h[key];
...
L38: const res = await execa(name, args, { reject: false });
L39: if (res.exitCode === 0) {
L40: const firstLine = (res.stdout || res.stderr || "").split("\n")[0].trim();
...
L66: export async function runStatus(version) {
High
Sandbox Evasion Gated Capability
Source gates dangerous network, credential, or execution behavior behind CI, host, platform, time, or geo fingerprint checks.
dist/src/doctor.js · L1
Findings
1 High · 2 Medium · 5 Low
High · Sandbox Evasion Gated Capability · dist/src/doctor.js
Medium · Environment Vars
Medium · Structural Risk Force Deep Review
Low · Non Install Lifecycle Scripts
Low · Scripts Present
Low · Filesystem
Low · High Entropy Strings
Low · Url Strings