Static Scan Results
scanned 14h ago · by rust-scannerStatic analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.
Static reason
One or more suspicious static signals were detected.
Decision evidence
public snapshotBehavioral surface
ChildProcessEnvironmentVarsFilesystemNetworkShell
HighEntropyStringsUrlStrings
Source & flagged code
2 flagged · loading sourcesrc/installers/electron.jsView file
2import path from 'path';
L3: import { execSync } from 'child_process';
L4: import chalk from 'chalk';
High
Child Process
Package source references child process execution.
src/installers/electron.jsView on unpkg · L235try {
L36: execSync('npm install trackfox-electron', { cwd: projectDir, stdio: 'ignore' });
L37: } catch (err) {
High
Runtime Package Install
Package source invokes a package manager install command at runtime.
src/installers/electron.jsView on unpkg · L35Findings
3 High3 Medium4 Low
HighChild Processsrc/installers/electron.js
HighShell
HighRuntime Package Installsrc/installers/electron.js
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowScripts Present
LowFilesystem
LowHigh Entropy Strings
LowUrl Strings