Static Scan Results
scanned 7h ago · by rust-scannerStatic analysis flagged 12 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Decision evidence
public snapshotSource & flagged code
6 flagged · loading sourcePackage contains a possible secret pattern.
dist/services/one_time_code/OneTimeCodeService.jsView on unpkg · L22Package source references child process execution.
dist/scripts/migrate_core.jsView on unpkg · L5Package source invokes a package manager install command at runtime.
dist/scripts/migrate_core.jsView on unpkg · L24Package declares a runtime dependency whose name matches a Node built-in module.
package.jsonView on unpkgHardcoded password in dist/models/user/UserModel.d.ts
dist/models/user/UserModel.d.tsView on unpkg · L16Hardcoded password in dist/services/one_time_code/OneTimeCodeService.d.ts
dist/services/one_time_code/OneTimeCodeService.d.tsView on unpkg · L18