registry  /  vome-core  /  0.0.13

vome-core@0.0.13

Vome framework — shared + Bun/Elysia server + Vue admin

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 10 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
DynamicRequireNetwork
Supply chain
HighEntropyStringsMinifiedObfuscated
Manifest
WildcardDependency
scanned 53 file(s), 348 KB of source

Source & flagged code

3 flagged · loading source
dist/server/index.jsView file
1const _0x4caa47=_0x46b5;(function(_0x13e3b0,_0xa556f){const _0x5d3e09=_0x46b5,_0x31effd=_0x13e3b0();while(!![]){try{const _0x10123c=parseInt(_0x5d3e09(0x226))/0x1+parseInt(_0x5d3e0...
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/server/index.jsView on unpkg · L1
dist/admin/directives/perm.jsView file
1(function(_0x148591,_0x10968c){const _0x49f8da=_0x2194,_0x3dea4e=_0x148591();while(!![]){try{const _0x2f2ac0=parseInt(_0x49f8da(0x10d))/0x1+parseInt(_0x49f8da(0x118))/0x2+-parseInt...
High
Obfuscated Payload Loader

Source contains an obfuscator-style string-array loader that reconstructs and executes hidden code.

dist/admin/directives/perm.jsView on unpkg · L1
dist/admin/static/fileicon/iconfont.woffView file
path = [redacted].woff kind = high_entropy_blob sizeBytes = 4228 magicHex = [redacted]
High
Ships High Entropy Blob

Package ships high-entropy non-source blobs.

dist/admin/static/fileicon/iconfont.woffView on unpkg

Findings

3 High4 Medium3 Low
HighObfuscated Payload Loaderdist/admin/directives/perm.js
HighObfuscated
HighShips High Entropy Blobdist/admin/static/fileicon/iconfont.woff
MediumDynamic Requiredist/server/index.js
MediumNetwork
MediumStructural Risk Force Deep Review
MediumWildcard Dependency
LowNon Install Lifecycle Scripts
LowScripts Present
LowHigh Entropy Strings