Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 12 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
3 flagged · loading sourcedist/src/bin/cli.jsView file
459// creates a unique index on `name` in the migrations collection.
L460: await exec(`CREATE TABLE "${MIGRATIONS_TABLE}"`);
L461: return;
High
Child Process
Package source references child process execution.
dist/src/bin/cli.jsView on unpkg · L459941warn(`No schema snapshot found for batch ${targetBatch}; cannot rebuild previous tables automatically.`);
L942: warn("Update your source files to match that point in history, then re-run `npx slintorm migrate`.");
L943: }
...
L953: await migrator.ensureTable(unit.tableName, modelDef.fields, modelDef.relations ?? []);
L954: await exec(`INSERT INTO "${MIGRATIONS_TABLE}" (name, batch) VALUES (${isPg ? "$1,$2" : "?,?"})`, [unit.name, targetBatch]);
L955: writeMigrationRecord(cfg.dir ?? "src", unit, targetBatch, modelDef);
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
dist/src/bin/cli.jsView on unpkg · L941153try {
L154: const mod = await import(pathToFileURL(cfgPath).href);
L155: const cfg = mod.default ?? mod;
Medium
Dynamic Require
Package source references dynamic require/import behavior.
dist/src/bin/cli.jsView on unpkg · L153Findings
3 High4 Medium5 Low
HighChild Processdist/src/bin/cli.js
HighShell
HighRuntime Package Installdist/src/bin/cli.js
MediumDynamic Requiredist/src/bin/cli.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings