Static Scan Results
scanned 3h ago · by rust-scannerStatic analysis flagged 5 finding(s) at 86.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
High-risk behavior combination matched malicious policy.
Decision evidence
public snapshotBehavioral surface
HighEntropyStringsMinified
Source & flagged code
2 flagged · loading sourcedist/assets/allCountry.jsView file
3contains invisible/control Unicode U+202B (right-to-left embedding)
['Afghanistan (<U+202B>افغانستان<U+202C><U+200E>)', 'af', '93'],
Critical
Trojan Source Unicode
Source contains bidi control or invisible Unicode characters associated with Trojan Source attacks.
dist/assets/allCountry.jsView on unpkg · L3•Trigger-reachable chain: manifest.exports -> dist/assets/index.js -> dist/assets/allCountry.js
Reachable file contains a blocking source-risk pattern.
Critical
Trigger Reachable Dangerous Capability
A package entrypoint or install-time lifecycle script reaches a source file with blocking dangerous behavior.
dist/assets/allCountry.jsView on unpkgFindings
2 Critical1 Medium2 Low
CriticalTrojan Source Unicodedist/assets/allCountry.js
CriticalTrigger Reachable Dangerous Capabilitydist/assets/allCountry.js
MediumStructural Risk Force Deep Review
LowScripts Present
LowHigh Entropy Strings