Static Scan Results
scanned 2h ago · by rust-scannerStatic analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
6 flagged · loading sourcePackage contains a critical-looking secret pattern.
tools/_work-context.test.jsView on unpkg · L83GitHub personal access token in tools/_work-context.test.js
tools/_work-context.test.jsView on unpkg · L83Source combines credential-like environment material and outbound requests; review data flow before blocking.
tools/subscriptions.jsView on unpkg · L39Package ships non-JavaScript build or shell helper files.
hooks/check-guest-messages.shView on unpkgGitHub personal access token in tools/_work-context.manual-test.js
tools/_work-context.manual-test.jsView on unpkg · L77