Static Scan Results
scanned 7h ago · by rust-scannerStatic analysis completed at 93.0% confidence. No malicious behavior was detected; 11 low-signal pattern(s) were surfaced and cleared.
Decision evidence
public snapshotSource & flagged code
4 flagged · loading sourcePackage source references weak cryptographic algorithms.
src/core/vault.jsView on unpkg · L6Source writes installer persistence such as shell profile or service configuration.
src/scheduler/status.jsView on unpkg · L3Package ships non-JavaScript build or shell helper files.
templates/hooks/codex-session-end.shView on unpkgThis package version adds a dangerous source file absent from the previous stored version; route for source-aware review.
src/cli/run-job.jsView on unpkg