registry  /  zaileys  /  4.7.1

zaileys@4.7.1

Zaileys - Simplified WhatsApp Node.js TypeScript/JavaScript API

Static Scan Results

scanned 2h ago · by rust-scanner

Static analysis flagged 13 finding(s) at 72.0% confidence. This version is warn-only unless an AI or security-team review confirms malicious behavior.

Static reason
One or more suspicious static signals were detected.

Decision evidence

public snapshot
Behavioral surface
Source
ChildProcessCryptoDynamicRequireEnvironmentVarsFilesystemNetwork
Supply chain
HighEntropyStringsMinifiedObfuscatedUrlStrings
ManifestNo manifest risk signals triggered.
scanned 2 file(s), 359 KB of source, external domains: github.com, itunes.apple.com, play.google.com

Source & flagged code

4 flagged · loading source
dist/index.cjsView file
1'use strict';var aa=require('baileys'),we=require('node:fs/promises'),url=require('node:url'),os$1=require('node:os'),We=require('node:path'),child_process=require('node:child_proc... L2: `;)i++;s(n.slice(a,i),5);continue}if(o==='"'||o==="'"||o==="`"){let a=i,c=o;for(i++;i<n.length;)if(n[i]==="\\"&&i+1<n.length)i+=2;else if(n[i]===c){i++;break}else i++;s(n.slice(a,i...
High
Child Process

Package source references child process execution.

dist/index.cjsView on unpkg · L1
1'use strict';var aa=require('baileys'),we=require('node:fs/promises'),url=require('node:url'),os$1=require('node:os'),We=require('node:path'),child_process=require('node:child_proc... L2: `;)i++;s(n.slice(a,i),5);continue}if(o==='"'||o==="'"||o==="`"){let a=i,c=o;for(i++;i<n.length;)if(n[i]==="\\"&&i+1<n.length)i+=2;else if(n[i]===c){i++;break}else i++;s(n.slice(a,i...
High
Same File Env Network Execution

A single source file combines environment access, network access, and code or shell execution; review context before blocking.

dist/index.cjsView on unpkg · L1
1'use strict';var aa=require('baileys'),we=require('node:fs/promises'),url=require('node:url'),os$1=require('node:os'),We=require('node:path'),child_process=require('node:child_proc... L2: `;)i++;s(n.slice(a,i),5);continue}if(o==='"'||o==="'"||o==="`"){let a=i,c=o;for(i++;i<n.length;)if(n[i]==="\\"&&i+1<n.length)i+=2;else if(n[i]===c){i++;break}else i++;s(n.slice(a,i...
High
Command Output Exfiltration

Source combines command execution, command-output handling, and outbound requests; review data flow before blocking.

dist/index.cjsView on unpkg · L1
1'use strict';var aa=require('baileys'),we=require('node:fs/promises'),url=require('node:url'),os$1=require('node:os'),We=require('node:path'),child_process=require('node:child_proc... L2: `;)i++;s(n.slice(a,i),5);continue}if(o==='"'||o==="'"||o==="`"){let a=i,c=o;for(i++;i<n.length;)if(n[i]==="\\"&&i+1<n.length)i+=2;else if(n[i]===c){i++;break}else i++;s(n.slice(a,i...
Medium
Dynamic Require

Package source references dynamic require/import behavior.

dist/index.cjsView on unpkg · L1

Findings

3 High4 Medium6 Low
HighChild Processdist/index.cjs
HighSame File Env Network Executiondist/index.cjs
HighCommand Output Exfiltrationdist/index.cjs
MediumDynamic Requiredist/index.cjs
MediumNetwork
MediumEnvironment Vars
MediumStructural Risk Force Deep Review
LowNon Install Lifecycle Scripts
LowScripts Present
LowFilesystem
LowObfuscated
LowHigh Entropy Strings
LowUrl Strings