Static Scan Results
scanned 10d ago · by rust-scannerStatic analysis flagged 11 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourcedist/src/bin/cli.jsView file
413// creates a unique index on `name` in the migrations collection.
L414: await exec(`CREATE TABLE "${MIGRATIONS_TABLE}"`);
L415: return;
High
Child Process
Package source references child process execution.
dist/src/bin/cli.jsView on unpkg · L413895warn(`No schema snapshot found for batch ${targetBatch}; cannot rebuild previous tables automatically.`);
L896: warn("Update your source files to match that point in history, then re-run `npx slintorm migrate`.");
L897: }
...
L907: await migrator.ensureTable(unit.tableName, modelDef.fields, modelDef.relations ?? []);
L908: await exec(`INSERT INTO "${MIGRATIONS_TABLE}" (name, batch) VALUES (${isPg ? "$1,$2" : "?,?"})`, [unit.name, targetBatch]);
L909: writeMigrationRecord(cfg.dir ?? "src", unit, targetBatch, modelDef);
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
dist/src/bin/cli.jsView on unpkg · L895107try {
L108: const mod = await import(pathToFileURL(cfgPath).href);
L109: const cfg = mod.default ?? mod;
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/src/bin/cli.jsView on unpkg · L107Findings
3 High3 Medium5 Low
HighChild Processdist/src/bin/cli.js
HighShell
HighRuntime Package Installdist/src/bin/cli.js
MediumDynamic Requiredist/src/bin/cli.js
MediumNetwork
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings