Public scan — anyone with this URL can view this analysis. Sign up to track your own repos privately, run scheduled re-scans, and get AI fix prompts via your dashboard.
Sign up free Scan another repo
178 of your 278 findings came from Repobility's proprietary detections. ✓ Repobility tags below mark them.

Scan timing: clone 1.92s · analysis 26.34s · 9.0 MB · GitHub API rate-limit (preflight)

ultralytics/ultralytics

https://github.com/ultralytics/ultralytics · scanned 2026-06-05 09:54 UTC (5 days, 16 hours ago) · 10 languages

813 raw signals (255 security + 558 graph) 38th percentile · Python · medium (20-100K LoC) System graph score 57 (lower by 10)

File as issue Image
UNIFIED Repobility · multi-layer engine · AI coders

Complete repo analysis

Last scanned 5 days, 16 hours ago · v2 · 334 actionable findings from 2 signal sources. 200 repeated signals grouped for readability. Security checks, system graph analysis, and verified AI-agent feedback are merged into one review queue.

JSON
Combined
46.7
/100
Security checks
36
107 findings
System graph
57
100.0% cov · 227 findings
Critical
2
click to filter
Agents
6
0 votes
Crowd
0
reported
Score breakdown â 2026-05-18-v5
Component Sub-score Weight Contribution
structure_score 60.0 0.15 9.00
security_score 0.0 0.25 0.00
testing_score 37.0 0.20 7.40
documentation_score 99.6 0.15 14.94
practices_score 82.0 0.15 12.30
code_quality 41.0 0.10 4.10
Overall 1.00 47.7
Severity distribution — click a segment to filter
Active filters: excluding tests × Reset all
Severity: Critical 2 High 29 Medium 161 Low 70 9-Layer: Software Security Quality Integrity Frontend Hardware Data Network Cicd Source: Security checks 107 System graph 227 Crowd 0 Layer: Quality 110 Security 31 Cicd 11 Software 43 Api 1 Network 133 Hardware 4 Frontend 1
Scan summary Quality grade D+ (48/100). Dimensions: maintainability 60. 255 findings (66 security). 86,051 lines analyzed.

Showing 262 of 334 actionable findings. 534 raw detector signals were grouped into reader-sized issues. Click TP / FP to vote on a finding's accuracy — votes adjust the confidence weighting and improve detection across the platform.

critical Security checks quality Quality conf 1.00 ✓ Repobility [MINED102] Shell Injection Via F-string: Shell command built via f-string or .format with non-constant input — command injection. An attacker controlling any interpolated value can execute arbitrary shell commands.
Use the list form of subprocess (e.g. subprocess.run(["cmd", arg1, arg2])) with shell=False. Never combine shell=True with string interpolation.
ultralytics/nn/modules/__init__.py:17
critical Security checks security secrets conf 0.95 20 occurrences Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.
Gitleaks detected a committed secret or credential pattern.
9 files, 20 locations
docs/en/platform/api/index.md:17, 82, 208, 643, 826, 914, 1184, 1756, +2 more (10 hits)
docs/en/platform/account/activity.md:150, 174 (2 hits)
docs/en/platform/account/trash.md:154, 161 (2 hits)
docs/en/platform/account/api-keys.md:105
docs/en/platform/deploy/endpoints.md:336
docs/en/platform/deploy/inference.md:177
docs/en/platform/deploy/monitoring.md:213
docs/en/platform/index.md:195
high Security checks quality Quality conf 1.00 ✓ Repobility Missing import: `string` used but not imported
The file uses `string.something(...)` but never imports `string`. This raises NameError at runtime the first time the line executes.
ultralytics/utils/__init__.py:497
low Security checks cicd CI/CD security conf 0.35 ✓ Repobility 10 occurrences Workflow references repository secrets in a pull_request workflow
Fork pull_request runs do not receive normal repository secrets on GitHub Actions. Review this as a reliability/intent signal, not as direct fork-secret exfiltration. Raise severity only for pull_request_target or another trusted-context path that runs untrusted PR code with secrets.
3 files, 10 locations
.github/workflows/ci.yml:115, 196, 448, 642 (4 hits)
.github/workflows/docs.yml:44, 117, 126 (3 hits)
.github/workflows/format.yml:28, 36, 37 (3 hits)
CI/CD securityworkflow secretsGitHub Actions
high Security checks quality Quality conf 1.00 ✓ Repobility [MINED020] Logging Credential Via Fstring: logger.error(f"failed for {api_key}") — secrets end up in log aggregators / sentry.
Review and fix per the pattern semantics. See CWE-532 / A09:2021 for context.
ultralytics/hub/auth.py:82
high Security checks quality Quality conf 1.00 ✓ Repobility [MINED020] Logging Credential Via Fstring: logger.error(f"failed for {api_key}") — secrets end up in log aggregators / sentry.
Review and fix per the pattern semantics. See CWE-532 / A09:2021 for context.
ultralytics/hub/__init__.py:64
high Security checks quality Quality conf 1.00 ✓ Repobility [MINED034] Python Subprocess Shell True: subprocess(..., shell=True) enables command injection.
Review and fix per the pattern semantics. See CWE-78 / for context.
ultralytics/nn/modules/__init__.py:17
high Security checks quality Quality conf 1.00 ✓ Repobility 3 occurrences [MINED040] Python Yaml Load Unsafe: yaml.load(stream) without SafeLoader can deserialize arbitrary classes.
Review and fix per the pattern semantics. See CWE-502 / for context.
3 files, 3 locations
examples/YOLOv8-ONNXRuntime/main.py:63
examples/YOLOv8-OpenCV-ONNX-Python/main.py:13
examples/YOLOv8-Segmentation-ONNXRuntime-Python/main.py:58
high Security checks quality Quality conf 1.00 ✓ Repobility 25 occurrences `self.task` used but never assigned in __init__
Method `forward` of class `AutoBackend` reads `self.task`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
3 files, 25 locations
ultralytics/nn/autobackend.py:282, 284, 285, 287, 298, 309, 311, 313, +1 more (11 hits)
ultralytics/nn/tasks.py:143, 144, 160, 161, 178, 182, 184, 199, +3 more (11 hits)
ultralytics/nn/text_model.py:129, 159, 160 (3 hits)
high Security checks software dependencies conf 0.90 ✓ Repobility 2 occurrences Dockerfile `ADD https://github.com/ultralytics/assets/releases/download/v0.0.0/Arial.ttf`
Dockerfile `ADD <url>` downloads a remote artifact into the image with no integrity check. If the host or DNS is compromised between layers — or if the URL serves a different file later — malicious content gets baked into the image.
lines 23, 43
docker/Dockerfile:23, 43 (2 hits)
high Security checks software dependencies conf 0.90 ✓ Repobility Dockerfile FROM `pytorch/pytorch:2.11.0-cuda12.8-cudnn9-runtime` not pinned by digest
`FROM pytorch/pytorch:2.11.0-cuda12.8-cudnn9-runtime` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity.
docker/Dockerfile:7
medium Security checks cicd CI/CD security conf 0.90 ✓ Repobility 20 occurrences GitHub Action is tag-pinned rather than SHA-pinned
Action `astral-sh/setup-uv` pinned to mutable ref `@v7` uses a mutable tag or branch. Pin external actions to a reviewed full commit SHA when the workflow is security-sensitive.
4 files, 20 locations
.github/workflows/ci.yml:66, 111, 146, 192, 299, 444, 457, 516, +3 more (13 hits)
.github/workflows/docker.yml:118, 310 (3 hits)
.github/workflows/cla.yml:30 (2 hits)
.github/workflows/publish.yml:162, 170 (2 hits)
CI/CD securitySupply chainGitHub Actions
low Security checks cicd CI/CD security conf 0.90 ✓ Repobility 18 occurrences GitHub Action is tag-pinned rather than SHA-pinned
Action `actions/checkout` pinned to mutable ref `@v6` uses a mutable tag or branch. Pin external actions to a reviewed full commit SHA when the workflow is security-sensitive.
6 files, 18 locations
.github/workflows/ci.yml:61, 62, 141, 142, 170, 294, 295, 329, +3 more (12 hits)
.github/workflows/docker.yml:113 (2 hits)
.github/workflows/docs.yml:40
.github/workflows/links.yml:27
.github/workflows/merge-main-into-prs.yml:23
.github/workflows/mirror.yml:24
CI/CD securitySupply chainGitHub Actions
high Security checks cicd CI/CD security conf 0.90 ✓ Repobility 9 occurrences GitHub Action is tag-pinned rather than SHA-pinned
Action `ultralytics/actions/cleanup-disk` pinned to mutable ref `@main` uses a mutable tag or branch. Pin external actions to a reviewed full commit SHA when the workflow is security-sensitive.
2 files, 9 locations
.github/workflows/docker.yml:110, 121, 134, 147, 188, 208, 256 (7 hits)
.github/workflows/links.yml:35, 71 (2 hits)
CI/CD securitySupply chainGitHub Actions
high System graph cicd CI/CD security conf 1.00 11 occurrences GitHub Action tracks a moving branch
ultralytics/actions/retry@main can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
4 files, 11 locations
.github/workflows/docker.yml:110, 121, 134, 147, 188, 208, 256 (7 hits)
.github/workflows/links.yml:35, 71 (2 hits)
.github/workflows/ci.yml:339
.github/workflows/format.yml:26
CI/CD securitySupply chainGithub actions
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/engine/exporter.py:650
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/engine/exporter.py:650 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/engine/predictor.py:416
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/engine/predictor.py:416 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/engine/trainer.py:645
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/engine/trainer.py:645 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/engine/validator.py:166
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/engine/validator.py:166 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/models/nas/model.py:81
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/models/nas/model.py:81 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/models/sam/build.py:224
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/models/sam/build.py:224 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/models/sam/build_sam3.py:254
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/models/sam/build_sam3.py:254 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/models/sam/predict.py:460
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/models/sam/predict.py:460 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/models/yolo/yoloe/train.py:140
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/models/yolo/yoloe/train.py:140 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/models/yolo/yoloe/train_seg.py:97
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/models/yolo/yoloe/train_seg.py:97 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/models/yolo/yoloe/val.py:180
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/models/yolo/yoloe/val.py:180 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/nn/tasks.py:416
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/nn/tasks.py:416 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/nn/text_model.py:86
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/nn/text_model.py:86 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/utils/callbacks/tensorboard.py:67
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/utils/callbacks/tensorboard.py:67 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/utils/export/coreml.py:199
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/utils/export/coreml.py:199 Eval used
high System graph security security conf 1.00 Insecure pattern 'eval_used' in ultralytics/utils/torch_utils.py:675
Found a known-risky pattern (eval_used). Review and replace if possible.
ultralytics/utils/torch_utils.py:675 Eval used
medium Security checks security auth conf 0.92 [AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation.
The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation.
low Security checks quality Error handling conf 1.00 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types.
ultralytics/utils/events.py:22
low Security checks quality Error handling conf 1.00 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types.
ultralytics/utils/autodevice.py:71
low Security checks security Injection conf 0.50 [SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.
Use subprocess with shell=False and a list of args. Never eval user input.
ultralytics/nn/modules/__init__.py:17
low Security checks security Deserialization conf 1.00 3 occurrences [SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.
Use yaml.safe_load() instead of yaml.load(). Avoid pickle for untrusted data.
3 files, 3 locations
examples/YOLOv8-ONNXRuntime/main.py:63
examples/YOLOv8-OpenCV-ONNX-Python/main.py:13
examples/YOLOv8-Segmentation-ONNXRuntime-Python/main.py:58
medium Security checks quality Quality conf 1.00 [SEC123] Production stack trace / debug output exposed: Debug mode left on in production exposes stack traces, environment variables, framework internals — sometimes triggers RCE (Django debug page with arbitrary template eval).
Set DEBUG=False / APP_DEBUG=false in production. Provide a generic 500 handler that logs to backend but returns a sanitized page to clients.
ultralytics/solutions/similarity_search.py:185
medium Security checks quality Quality conf 1.00 [SEC125] AI placeholder credential left in source (your-api-key-here style): AI coding assistants frequently emit placeholder credentials shaped like `API_KEY = "your-api-key-here"` instead of pulling from env. These get committed verbatim — production code with a literal placeholder string is a near-certain bug, and the value also leaks what credential type the system expects to authentication crawlers. CWE-1188. Distinctive AI footprint: the exact phrase shape `your-X-here` is uncommon in hand
Replace with env lookup: `API_KEY = os.environ['SERVICE_API_KEY']`. Move actual key to a secret manager. Add a startup check that the env var is non-empty so missing config fails loudly instead of shipping the placeholder.
ultralytics/hub/auth.py:32
low Security checks quality Quality conf 1.00 [SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws — wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). Distinct from intentional fallback because there's no log line and the success value is fabricated.
Catch the specific exception type, log at error level with full exception info, and return a failure-shaped result. If the operation is genuinely best-effort, log at warning and document why in a comment so the next reader (or scanner) knows.
ultralytics/utils/patches.py:102
low Security checks quality Error handling conf 0.55 ✓ Repobility 24 occurrences Broad exception handler needs review
This handler catches Exception/BaseException. It is actionable when it swallows errors without logging, re-raising, or returning a structured error. Handlers that intentionally convert exceptions into typed error results should not be treated as high risk.
12 files, 23 locations
ultralytics/utils/checks.py:295, 385, 939, 1038 (4 hits)
ultralytics/data/utils.py:209, 239, 301 (3 hits)
ultralytics/utils/__init__.py:211, 632, 770 (3 hits)
ultralytics/utils/patches.py:78, 107, 132 (3 hits)
docs/build_docs.py:204, 213 (2 hits)
docs/build_reference.py:179, 632 (2 hits)
ultralytics/cfg/__init__.py:868
ultralytics/engine/trainer.py:636
Error handlingquality
high Security checks cicd CI/CD security conf 0.82 Docker final stage has no non-root USER
Docker images run as root unless the image or Dockerfile switches to a non-root user.
docker/Dockerfile:7 CI/CD securitycontainers
medium Security checks cicd CI/CD security conf 0.84 2 occurrences Dockerfile ADD downloads remote content
ADD can fetch remote URLs without checksum verification. This makes builds dependent on mutable network content.
lines 23, 43
docker/Dockerfile:23, 43 (2 hits)
CI/CD securitycontainers
medium Security checks cicd CI/CD security conf 0.76 Dockerfile copies broad context with incomplete .dockerignore
COPY . or ADD . is safer when .dockerignore excludes secrets, git history, keys, and generated artifacts.
docker/Dockerfile:40 CI/CD securitycontainers
medium Security checks quality Quality conf 1.00 ✓ Repobility 6 occurrences Mutable default argument in `__init__` (list)
`def __init__(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too.
6 files, 6 locations
ultralytics/data/augment.py:2594
ultralytics/models/sam/modules/tiny_encoder.py:965
ultralytics/models/sam/sam3/necks.py:129
ultralytics/models/sam/sam3/vitdet.py:543
ultralytics/models/sam/sam3/vl_combiner.py:158
ultralytics/utils/tal.py:31
medium Security checks quality Quality conf 1.00 ✓ Repobility 9 occurrences Mutable default argument in `predict` (dict)
`def predict(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too.
2 files, 9 locations
ultralytics/utils/metrics.py:343, 666, 711, 788, 1117, 1286, 1437, 1661 (8 hits)
ultralytics/models/yolo/model.py:359
medium Security checks quality Quality conf 0.78 Public web service has no security.txt
security.txt gives researchers and customers a safe disclosure channel. Public web apps and APIs should publish it under /.well-known/security.txt.
.well-known/security.txt
medium Security checks software dependencies conf 0.90 Python package `certifi` is 1 major version(s) behind (2025.4.26 -> 2026.5.20)
`certifi==2025.4.26` is 1 major version(s) behind the latest stable release on PyPI (2026.5.20). Pinned-but-stale Python dependencies drift away from upstream security and bugfix releases. This is the version-currency signal Dependabot raises.
examples/RTDETR-ONNXRuntime-Python/requirements.txt:1
medium Security checks software dependencies conf 0.90 Python package `packaging` is 1 major version(s) behind (25.0 -> 26.2)
`packaging==25.0` is 1 major version(s) behind the latest stable release on PyPI (26.2). Pinned-but-stale Python dependencies drift away from upstream security and bugfix releases. This is the version-currency signal Dependabot raises.
examples/RTDETR-ONNXRuntime-Python/requirements.txt:11
high Security checks software dependencies conf 0.70 Remote install command pipes network code directly to a shell
Agent helper projects often publish one-line installers. `curl | sh` style commands are convenient, but they bypass review unless the script is pinned, signed, or checksum-verified.
ultralytics/data/scripts/get_imagenet.sh:45
medium Security checks software dependencies conf 0.90 ✓ Repobility 9 occurrences requirements.txt: `ultralytics` has no version pin
Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats, account compromises). Reproducible installs need exact pins.
3 files, 9 locations
examples/YOLOv8-ONNXRuntime/requirements.txt:1, 2, 3, 4 (4 hits)
examples/YOLOv8-OpenCV-ONNX-Python/requirements.txt:1, 2, 3 (3 hits)
examples/YOLOv8-Action-Recognition/requirements.txt:3, 4 (2 hits)
medium System graph hardware Supply chain conf 1.00 2 occurrences Dockerfile ADD downloads remote content without checksum
Remote build inputs can change or be replaced upstream. Use Dockerfile ADD --checksum or download with an explicit digest/signature verification step.
lines 23, 43
docker/Dockerfile:23, 43 (2 hits)
containersChecksum
medium System graph hardware Security conf 1.00 Dockerfile runs as root: docker/Dockerfile
No non-root USER set. Containers running as root expand the blast radius of any vulnerability inside the image.
Container
medium System graph cicd CI/CD security conf 1.00 5 occurrences GitHub Actions workflow grants broad write permissions
CI tokens with write permissions increase blast radius when an action, dependency, or PR workflow is compromised. Prefer job-level least-privilege permissions.
5 files, 5 locations
.github/workflows/cla.yml
.github/workflows/docs.yml
.github/workflows/format.yml
.github/workflows/merge-main-into-prs.yml
.github/workflows/publish.yml
CI/CD securitySupply chainGithub actions
medium System graph security security conf 1.00 Insecure pattern 'subprocess_shell_true' in ultralytics/utils/checks.py:480
Found a known-risky pattern (subprocess_shell_true). Review and replace if possible.
ultralytics/utils/checks.py:480 Subprocess shell true
medium System graph security security conf 1.00 Insecure pattern 'subprocess_shell_true' in ultralytics/utils/export/tensorflow.py:245
Found a known-risky pattern (subprocess_shell_true). Review and replace if possible.
ultralytics/utils/export/tensorflow.py:245 Subprocess shell true
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — .github/scripts/create-export-env.py:32
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — docs/build_docs.py:73
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — docs/build_reference.py:1034
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — ultralytics/cfg/__init__.py:751
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — ultralytics/engine/tuner.py:513
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — ultralytics/hub/__init__.py:78
`requests.post(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — ultralytics/nn/modules/__init__.py:17
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — ultralytics/utils/checks.py:396
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — ultralytics/utils/export/imx.py:363
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — ultralytics/utils/export/tensorflow.py:245
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safetyRobustness
medium System graph network Security conf 1.00 Privileged port 10 in use
Port 10 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 104 in use
Port 104 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 105 in use
Port 105 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 106 in use
Port 106 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 107 in use
Port 107 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 108 in use
Port 108 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 109 in use
Port 109 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 11 in use
Port 11 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 110 in use
Port 110 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 111 in use
Port 111 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 112 in use
Port 112 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 113 in use
Port 113 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 114 in use
Port 114 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 115 in use
Port 115 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 116 in use
Port 116 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 117 in use
Port 117 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 118 in use
Port 118 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 119 in use
Port 119 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 12 in use
Port 12 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 120 in use
Port 120 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 121 in use
Port 121 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 122 in use
Port 122 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 123 in use
Port 123 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 124 in use
Port 124 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 125 in use
Port 125 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 126 in use
Port 126 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 127 in use
Port 127 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 128 in use
Port 128 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 129 in use
Port 129 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 13 in use
Port 13 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 130 in use
Port 130 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 131 in use
Port 131 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 132 in use
Port 132 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 133 in use
Port 133 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 134 in use
Port 134 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 135 in use
Port 135 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 136 in use
Port 136 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 137 in use
Port 137 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 138 in use
Port 138 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 139 in use
Port 139 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 14 in use
Port 14 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 140 in use
Port 140 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 141 in use
Port 141 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 142 in use
Port 142 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 143 in use
Port 143 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 144 in use
Port 144 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 145 in use
Port 145 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 146 in use
Port 146 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 147 in use
Port 147 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 148 in use
Port 148 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 149 in use
Port 149 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 15 in use
Port 15 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 150 in use
Port 150 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 16 in use
Port 16 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 17 in use
Port 17 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 18 in use
Port 18 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 19 in use
Port 19 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 20 in use
Port 20 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 21 in use
Port 21 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 23 in use
Port 23 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 24 in use
Port 24 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 26 in use
Port 26 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 27 in use
Port 27 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 28 in use
Port 28 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 29 in use
Port 29 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 30 in use
Port 30 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 31 in use
Port 31 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 32 in use
Port 32 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 33 in use
Port 33 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/cityscapes.yaml Ports
medium System graph network Security conf 1.00 Privileged port 34 in use
Port 34 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 35 in use
Port 35 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 36 in use
Port 36 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 37 in use
Port 37 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 38 in use
Port 38 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 39 in use
Port 39 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 40 in use
Port 40 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 41 in use
Port 41 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 42 in use
Port 42 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 43 in use
Port 43 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 44 in use
Port 44 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 45 in use
Port 45 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 46 in use
Port 46 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 47 in use
Port 47 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 48 in use
Port 48 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 49 in use
Port 49 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 50 in use
Port 50 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 51 in use
Port 51 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 52 in use
Port 52 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 54 in use
Port 54 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 55 in use
Port 55 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 56 in use
Port 56 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 57 in use
Port 57 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 58 in use
Port 58 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 59 in use
Port 59 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 60 in use
Port 60 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 61 in use
Port 61 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 62 in use
Port 62 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 63 in use
Port 63 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 64 in use
Port 64 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 65 in use
Port 65 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 66 in use
Port 66 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 67 in use
Port 67 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 68 in use
Port 68 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 69 in use
Port 69 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 70 in use
Port 70 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 71 in use
Port 71 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 72 in use
Port 72 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 73 in use
Port 73 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 74 in use
Port 74 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 75 in use
Port 75 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 76 in use
Port 76 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 77 in use
Port 77 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 78 in use
Port 78 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 79 in use
Port 79 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 81 in use
Port 81 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 82 in use
Port 82 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 83 in use
Port 83 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 84 in use
Port 84 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 85 in use
Port 85 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 86 in use
Port 86 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 87 in use
Port 87 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 88 in use
Port 88 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 89 in use
Port 89 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 90 in use
Port 90 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 91 in use
Port 91 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 92 in use
Port 92 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 93 in use
Port 93 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 94 in use
Port 94 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 95 in use
Port 95 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 96 in use
Port 96 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 97 in use
Port 97 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 98 in use
Port 98 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph network Security conf 1.00 Privileged port 99 in use
Port 99 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
ultralytics/cfg/datasets/ade20k.yaml Ports
medium System graph quality Tests conf 1.00 Very low test-to-source ratio
10 test file(s) for 233 source file(s) (ratio 0.04). Consider adding integration or unit tests for critical paths.
Coverage
low Security checks cicd CI/CD security conf 0.72 .dockerignore misses sensitive defaults
.dockerignore exists but does not cover common secret or VCS patterns.
.dockerignore CI/CD securitycontainers
high Security checks cicd CI/CD security conf 0.72 Dockerfile keeps pip download cache
Pip's package cache increases image size and can preserve unnecessary artifacts.
docker/Dockerfile:46 CI/CD securitycontainers
low Security checks quality Quality conf 0.60 3 occurrences Duplicated implementation block across source files
Duplicate implementation blocks are maintenance debt. Keep them visible, but they are not a high-severity defect unless the duplicated logic is security-sensitive or drifting.
3 files, 3 locations
ultralytics/engine/validator.py:7
ultralytics/models/sam/build_sam3.py:272
ultralytics/models/yolo/yoloe/train_seg.py:60
duplicationquality
low Security checks software dependencies conf 0.90 Python package `flatbuffers` is minor version(s) behind (25.2.10 -> 25.12.19)
`flatbuffers==25.2.10` is minor version(s) behind the latest stable release on PyPI (25.12.19). Pinned-but-stale Python dependencies drift away from upstream security and bugfix releases. This is the version-currency signal Dependabot raises.
examples/RTDETR-ONNXRuntime-Python/requirements.txt:4
low Security checks software dependencies conf 0.90 Python package `idna` is minor version(s) behind (3.15 -> 3.18)
`idna==3.15` is minor version(s) behind the latest stable release on PyPI (3.18). Pinned-but-stale Python dependencies drift away from upstream security and bugfix releases. This is the version-currency signal Dependabot raises.
examples/RTDETR-ONNXRuntime-Python/requirements.txt:6
low Security checks software dependencies conf 0.90 Python package `mpmath` is minor version(s) behind (1.3.0 -> 1.4.1)
`mpmath==1.3.0` is minor version(s) behind the latest stable release on PyPI (1.4.1). Pinned-but-stale Python dependencies drift away from upstream security and bugfix releases. This is the version-currency signal Dependabot raises.
examples/RTDETR-ONNXRuntime-Python/requirements.txt:7
low Security checks software dependencies conf 0.90 Python package `onnxruntime` is minor version(s) behind (1.19.2 -> 1.26.0)
`onnxruntime==1.19.2` is minor version(s) behind the latest stable release on PyPI (1.26.0). Pinned-but-stale Python dependencies drift away from upstream security and bugfix releases. This is the version-currency signal Dependabot raises.
examples/RTDETR-ONNXRuntime-Python/requirements.txt:10
low Security checks software dependencies conf 0.90 Python package `opencv-python` is minor version(s) behind (4.11.0.86 -> 4.13.0.92)
`opencv-python==4.11.0.86` is minor version(s) behind the latest stable release on PyPI (4.13.0.92). Pinned-but-stale Python dependencies drift away from upstream security and bugfix releases. This is the version-currency signal Dependabot raises.
examples/RTDETR-ONNXRuntime-Python/requirements.txt:17
low Security checks software dependencies conf 0.90 Python package `requests` is minor version(s) behind (2.33.0 -> 2.34.2)
`requests==2.33.0` is minor version(s) behind the latest stable release on PyPI (2.34.2). Pinned-but-stale Python dependencies drift away from upstream security and bugfix releases. This is the version-currency signal Dependabot raises.
examples/RTDETR-ONNXRuntime-Python/requirements.txt:13
low Security checks software dependencies conf 0.90 Python package `typing-extensions` is minor version(s) behind (4.14.0 -> 4.15.0)
`typing-extensions==4.14.0` is minor version(s) behind the latest stable release on PyPI (4.15.0). Pinned-but-stale Python dependencies drift away from upstream security and bugfix releases. This is the version-currency signal Dependabot raises.
examples/RTDETR-ONNXRuntime-Python/requirements.txt:15
low Security checks quality Quality conf 0.74 robots.txt does not advertise a sitemap
Sitemap directives in robots.txt help crawlers and AI agents find the canonical public URL inventory quickly.
.github/workflows/links.yml
low System graph hardware Coverage conf 1.00 Containers defined but no K8s/orchestration manifest found
Repo has Dockerfiles/compose but no Kubernetes/Nomad manifests. If the target deployment is K8s, the manifests may live in a separate ops repo.
Deployment
low System graph hardware Supply chain conf 1.00 Docker base image is tag-pinned but not digest-pinned: pytorch/pytorch:2.11.0-cuda12.8-cudnn9-runtime
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
docker/Dockerfile:7 containersPinned dependencies
low System graph software Dead code candidate conf 1.00 File has no detected symbols: docs/model_data.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph quality Integrity conf 1.00 Near-duplicate function bodies in 12 places
Functions with the same first-5-line body hash: ultralytics/models/sam/modules/blocks.py:forward, ultralytics/models/sam/modules/blocks.py:forward, ultralytics/models/sam/modules/blocks.py:forward, ultralytics/models/sam/modules/blocks.py:forward This is *the* AI-coder failure mode (4× more duplic…
duplicatesduplication
low System graph quality Integrity conf 1.00 8 occurrences Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: ultralytics/models/rtdetr/val.py:pred_to_json, ultralytics/models/yolo/detect/val.py:pred_to_json This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're s…
8 occurrences
repo-level (8 hits)
duplicatesduplication
low System graph quality Integrity conf 1.00 4 occurrences Near-duplicate function bodies in 3 places
Functions with the same first-5-line body hash: ultralytics/models/sam/predict.py:setup_model, ultralytics/models/sam/predict.py:setup_model, ultralytics/models/sam/predict.py:setup_model This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygie…
4 occurrences
repo-level (4 hits)
duplicatesduplication
low System graph quality Integrity conf 1.00 3 occurrences Near-duplicate function bodies in 4 places
Functions with the same first-5-line body hash: ultralytics/models/sam/predict.py:postprocess, ultralytics/models/sam/predict.py:postprocess, ultralytics/models/sam/predict.py:postprocess, ultralytics/models/sam/predict.py:postprocess This is *the* AI-coder failure mode (4× more duplication in vib…
3 occurrences
repo-level (3 hits)
duplicatesduplication
low System graph quality Integrity conf 1.00 4 occurrences Near-duplicate function bodies in 5 places
Functions with the same first-5-line body hash: ultralytics/models/sam/predict.py:inference, ultralytics/models/sam/predict.py:inference, ultralytics/models/sam/predict.py:inference, ultralytics/models/sam/predict.py:inference This is *the* AI-coder failure mode (4× more duplication in vibe-coded …
4 occurrences
repo-level (4 hits)
duplicatesduplication
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `callbacks_backup` in ultralytics/engine/trainer.py:334
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `convert_variables_to_constants_v2` in ultralytics/utils/export/tensorflow.py:210
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `default_copy` in ultralytics/cfg/__init__.py:1058
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `execute_v2` in ultralytics/nn/backends/tensorrt.py:142
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `hgnet_v2` in ultralytics/nn/modules/block.py:108
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `im_copy` in tests/test_solutions.py:37
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `o2m_copy` in ultralytics/utils/loss.py:1181
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph software Dead code conf 1.00 Possibly dead Python function: build_mobile_sam
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/sam/build.py:72
low System graph software Dead code conf 1.00 Possibly dead Python function: build_reference_for
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/build_reference.py:1225
low System graph software Dead code conf 1.00 Possibly dead Python function: build_sam2_b
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/sam/build.py:110
low System graph software Dead code conf 1.00 Possibly dead Python function: build_sam2_l
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/sam/build.py:124
low System graph software Dead code conf 1.00 Possibly dead Python function: build_sam2_s
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/sam/build.py:97
low System graph software Dead code conf 1.00 Possibly dead Python function: build_sam2_t
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/sam/build.py:84
low System graph software Dead code conf 1.00 Possibly dead Python function: build_sam_vit_b
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/sam/build.py:61
low System graph software Dead code conf 1.00 Possibly dead Python function: build_sam_vit_h
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/sam/build.py:39
low System graph software Dead code conf 1.00 Possibly dead Python function: build_sam_vit_l
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/sam/build.py:50
low System graph software Dead code conf 1.00 Possibly dead Python function: build_transforms
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/rtdetr/val.py:73
low System graph software Dead code conf 1.00 Possibly dead Python function: compute_axial_cis
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/sam/modules/utils.py:119
low System graph software Dead code conf 1.00 Possibly dead Python function: extra_repr
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/sam/modules/tiny_encoder.py:748
low System graph software Dead code conf 1.00 Possibly dead Python function: image_open
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/utils/patches.py:58
low System graph software Dead code conf 1.00 Possibly dead Python function: indent_filter
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/build_docs.py:497
low System graph software Dead code conf 1.00 Possibly dead Python function: new_forward
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/nas/model.py:65
low System graph software Dead code conf 1.00 Possibly dead Python function: preserve
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
docs/build_docs.py:368
low System graph software Dead code conf 1.00 Possibly dead Python function: remove_last_bounding_box
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/solutions/parking_management.py:150
low System graph software Dead code conf 1.00 Possibly dead Python function: reset_prompts
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/sam/predict.py:2404
low System graph software Dead code conf 1.00 Possibly dead Python function: save_to_json
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/solutions/parking_management.py:165
low System graph software Dead code conf 1.00 Possibly dead Python function: sweep_annotator
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/solutions/solutions.py:657
low System graph software Dead code conf 1.00 Possibly dead Python function: tier1
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/hub/google/__init__.py:74
low System graph software Dead code conf 1.00 Possibly dead Python function: tier2
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/hub/google/__init__.py:78
low System graph software Dead code conf 1.00 Possibly dead Python function: uncrop_points
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/models/sam/amg.py:175
low System graph software Dead code conf 1.00 Possibly dead Python function: upload_image
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
ultralytics/solutions/parking_management.py:110
low System graph quality Complexity conf 1.00 Very large file: ultralytics/engine/exporter.py (1475 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: ultralytics/engine/model.py (1143 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: ultralytics/engine/results.py (1591 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: ultralytics/engine/trainer.py (1078 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: ultralytics/models/sam/modules/sam.py (1159 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: ultralytics/models/sam/predict.py (3954 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: ultralytics/nn/modules/block.py (2073 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: ultralytics/nn/modules/head.py (1869 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: ultralytics/nn/tasks.py (1947 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: ultralytics/utils/__init__.py (1495 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: ultralytics/utils/loss.py (1385 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: ultralytics/utils/metrics.py (1890 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: ultralytics/utils/plotting.py (1100 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
For AI agents: Voting guide (TP/FP) MCP manifest Stdio wrapper SARIF Integrate Findings queue Vote TP/FP on findings to calibrate the engine.
For AI agents + API integrations
Email me when this repo regresses
Free. We re-scan periodically; new criticals → your inbox. No signup required for the scan itself.
API access

This page is publicly accessible at: https://repobility.com/scan/4e12f31c-8eac-4113-a5ca-5b4c72795ab0/

To check status programmatically (no auth required): 

curl -s https://repobility.com/api/v1/public/scan/4e12f31c-8eac-4113-a5ca-5b4c72795ab0/

Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.