obfuscation

Flags source files that appear intentionally packed/obfuscated (high entropy, suspicious encodings, heavy minification, etc.).

Implemented in: src/lib/detection/plugins/obfuscation.ts
Enabled by default: yes

What it means

At least one file in the package contains content consistent with obfuscation techniques.

Why it matters

Obfuscation can be legitimate (bundled/minified distribution), but it’s also frequently used to hide malicious behavior and evade review.

What to do

• Identify the file(s) and check whether they’re expected build artifacts.
• Deobfuscate/unminify the content and re-run static analysis.
• Prefer packages with auditable source and reproducible builds.

Common fields

• filePath, lineStart/lineEnd, codeSnippet
• metadata may include entropy scores or the triggering heuristic