16 of your 189 findings came from Repobility's proprietary detections. ✓ Repobility tags below mark them.

Scan timing: clone 2.91s · analysis 8.94s · 3.7 MB · GitHub preflight 420ms

numtide/llm-agents.nix

https://github.com/numtide/llm-agents.nix · scanned 2026-06-05 19:38 UTC (4 days, 14 hours ago) · 10 languages

250 raw signals (182 security + 68 graph) · 19th percentile · Python · small (2-20K LoC) · System graph score 82 (lower by 28)

UNIFIED Repobility · multi-layer engine · AI coders

Complete repo analysis

Last scanned 4 days, 14 hours ago · v2 · 169 actionable findings from 2 signal sources. 47 repeated signals grouped for readability. Security checks, system graph analysis, and verified AI-agent feedback are merged into one review queue.

Score breakdown — 2026-05-18-v5
Component Sub-score Weight Contribution
structure_score 85.0 0.15 12.75
security_score 40.5 0.25 10.12
testing_score 0.0 0.20 0.00
documentation_score 90.0 0.15 13.50
practices_score 67.0 0.15 10.05
code_quality 69.7 0.10 6.97
Overall 1.00 53.4
Scan summary Quality grade C- (53/100). Dimensions: security 40, maintainability 85. 182 findings (142 security). 5,676 lines analyzed.

Showing 159 of 169 actionable findings. 216 raw detector signals were grouped into reader-sized issues.

critical Security checks software dependencies conf 0.88 form-data: GHSA-fjxv-7rqg-78g4
form-data uses unsafe random function in form-data for choosing boundary
packages/iflow-cli/package-lock.json
critical Security checks software dependencies conf 0.88 protobufjs: GHSA-xq3m-2v4x-88gg
Arbitrary code execution in protobufjs
packages/aionui/bun.lock
critical Security checks software dependencies conf 0.88 vitest: GHSA-5xrq-8626-4rwp
When Vitest UI server is listening, arbitrary file can be read and executed
packages/iflow-cli/package-lock.json
high Security checks software dependencies conf 0.88 @opentelemetry/exporter-prometheus: GHSA-q7rr-3cgh-j5r3
Prometheus exporter process crash via malformed HTTP request
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 @opentelemetry/sdk-node: GHSA-q7rr-3cgh-j5r3
Prometheus exporter process crash via malformed HTTP request
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 @xmldom/xmldom: GHSA-2v35-w6hq-6mfw
xmldom: Uncontrolled recursion in XML serialization leads to DoS
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 @xmldom/xmldom: GHSA-f6ww-3ggp-fr8h
xmldom has XML injection through unvalidated DocumentType serialization
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 @xmldom/xmldom: GHSA-j759-j44w-7fr8
xmldom has XML node injection through unvalidated comment serialization
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 @xmldom/xmldom: GHSA-wh4c-j3r5-mjhp
xmldom: XML injection via unsafe CDATA serialization allows attacker-controlled markup insertion
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 @xmldom/xmldom: GHSA-x6wf-f3px-wcqx
xmldom has XML node injection through unvalidated processing instruction serialization
packages/aionui/bun.lock
high Security checks security Injection conf 0.50 [SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection.
Use parameterized queries: cursor.execute('SELECT * FROM t WHERE id = %s', [id]). For dynamic table or column names, choose identifiers from a hard-coded allowlist and keep values in parameters.
.github/ci/create_pr.py:62
high Security checks quality Quality conf 1.00 [SEC080] Python: tarfile.extractall without filter: tarfile.extract*() without filter='data' allows path-traversal (CVE-2007-4559, fixed via PEP 706 in 3.12). Ported from bandit B202 (Apache-2.0).
Add `filter='data'` (Python ≥ 3.12) or manually validate member paths against `os.path.abspath`.
packages/codex-acp/update.py:57
low Security checks security Injection conf 1.00 [SEC103] LDAP injection — non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts.
Escape with javax.naming.ldap.Rdn.escapeValue or equivalent. For python-ldap, use ldap.filter.escape_filter_chars. Better: use parameterized search APIs (Spring LdapTemplate filter encoders).
packages/codex-acp/update.py:61
low Security checks security Injection conf 1.00 [SEC103] LDAP injection — non-constant search filter: User input concatenated into an LDAP search filter. Attackers inject `*)(uid=*` style payloads to bypass auth or enumerate accounts.
Escape with javax.naming.ldap.Rdn.escapeValue or equivalent. For python-ldap, use ldap.filter.escape_filter_chars. Better: use parameterized search APIs (Spring LdapTemplate filter encoders).
packages/claudebox/update.py:36
high Security checks software dependencies conf 0.88 axios: GHSA-35jp-ww65-95wh
axios Vulnerable to Full Man-in-the-Middle via Prototype Pollution Gadget in `config.proxy`
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 axios: GHSA-3g43-6gmg-66jw
axios Vulnerable to Credential Theft and Response Hijacking via Prototype Pollution Gadget in Config Merge
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 axios: GHSA-6chq-wfr3-2hj9
Axios: Header Injection via Prototype Pollution
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 axios: GHSA-777c-7fjr-54vf
Allocation of Resources Without Limits or Throttling in Axios
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 axios: GHSA-hfxv-24rg-xrqf
Axios: Regular Expression Denial of Service (ReDoS) via Cookie Name Injection
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 axios: GHSA-j5f8-grm9-p9fc
Axios: Proxy-Authorization header leaks to redirect target when proxy is re-evaluated to direct connection
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 axios: GHSA-p92q-9vqr-4j8v
Axios: Proxy-Authorization Credential Leak to Origin Server Across HTTP-to-HTTPS Redirect in Axios Node.js HTTP Adapter
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 axios: GHSA-pf86-5x62-jrwf
Axios: Prototype Pollution Gadgets - Response Tampering, Data Exfiltration, and Request Hijacking
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 axios: GHSA-pjwm-pj3p-43mv
axios's shouldBypassProxy does not recognize IPv4-mapped IPv6 addresses, allowing NO_PROXY bypass (incomplete fix for CVE-2025-62718)
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 axios: GHSA-q8qp-cvcw-x6jj
Axios has prototype pollution read-side gadgets in HTTP adapter that allow credential injection and request hijacking
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 defu: GHSA-737v-mqg7-c878
defu: Prototype pollution via `__proto__` key in defaults argument
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 electron: GHSA-532v-xpq5-8h95
Electron: Use-after-free in offscreen child window paint callback
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 electron: GHSA-8337-3p73-46f4
Electron: Use-after-free in WebContents fullscreen, pointer-lock, and keyboard-lock permission callbacks
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 electron: GHSA-9wfr-w7mm-pc7f
Electron: Renderer command-line switch injection via undocumented commandLineSwitches webPreference
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 electron: GHSA-jjp3-mq3x-295m
Electron: Use-after-free in PowerMonitor on Windows and macOS
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 fast-uri: GHSA-q3j6-qgpj-74h6
fast-uri vulnerable to path traversal via percent-encoded dot segments
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 fast-uri: GHSA-v39h-62p7-jpjc
fast-uri vulnerable to host confusion via percent-encoded authority delimiters
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 fast-xml-builder: GHSA-5wm8-gmm8-39j9
fast-xml-builder allows attribute values with unwanted quotes to bypass malicious or unwanted attributes
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 fast-xml-parser: GHSA-8gc5-j5rx-235r
fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)
packages/aionui/bun.lock
high Security checks cicd CI/CD security conf 0.90 ✓ Repobility GitHub Action is tag-pinned rather than SHA-pinned
Action `Mic92/auto-merge` pinned to mutable ref `@main` uses a mutable tag or branch. Pin external actions to a reviewed full commit SHA when the workflow is security-sensitive.
.github/workflows/auto-merge.yml:14 · CI/CD security · Supply chain · GitHub Actions
medium Security checks cicd CI/CD security conf 0.90 ✓ Repobility 10 occurrences GitHub Action is tag-pinned rather than SHA-pinned
Action `cachix/install-nix-action` pinned to mutable ref `@v31` uses a mutable tag or branch. Pin external actions to a reviewed full commit SHA when the workflow is security-sensitive.
3 files, 10 locations
.github/workflows/update-flake.yml:41, 76, 150 (6 hits)
.github/workflows/check-maintainers.yml:21 (2 hits)
.github/workflows/check-readme.yml:18 (2 hits)
CI/CD security · Supply chain · GitHub Actions
low Security checks cicd CI/CD security conf 0.90 ✓ Repobility 12 occurrences GitHub Action is tag-pinned rather than SHA-pinned
Action `actions/checkout` pinned to mutable ref `@v6` uses a mutable tag or branch. Pin external actions to a reviewed full commit SHA when the workflow is security-sensitive.
3 files, 12 locations
.github/workflows/update-flake.yml:39, 65, 70, 140, 145 (9 hits)
.github/workflows/check-maintainers.yml:16 (2 hits)
.github/workflows/check-readme.yml:16
CI/CD security · Supply chain · GitHub Actions
high Security checks software dependencies conf 0.88 lodash-es: GHSA-r5fr-rjxr-66jc
lodash vulnerable to Code Injection via `_.template` imports key names
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 lodash: GHSA-r5fr-rjxr-66jc
lodash vulnerable to Code Injection via `_.template` imports key names
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 minimatch: GHSA-23c5-xmqv-rm74
minimatch ReDoS: nested *() extglobs generate catastrophically backtracking regular expressions
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 minimatch: GHSA-3ppc-4f35-3m26
minimatch has a ReDoS via repeated wildcards with non-matching literal in pattern
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 minimatch: GHSA-7r86-cg39-jmmj
minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 path-to-regexp: GHSA-j3q9-mxjg-w52f
path-to-regexp vulnerable to Denial of Service via sequential optional groups
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 picomatch: GHSA-c2c7-rcm5-vvqj
Picomatch has a ReDoS vulnerability via extglob quantifiers
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 protobufjs: GHSA-66ff-xgx4-vchm
protobuf.js: Code injection through bytes field defaults in generated toObject code
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 protobufjs: GHSA-685m-2w69-288q
protobuf.js: Denial of service through unbounded protobuf recursion
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 protobufjs: GHSA-75px-5xx7-5xc7
protobuf.js: Code generation gadget after prototype pollution
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 protobufjs: GHSA-jvwf-75h9-cwgg
protobuf.js: Process-wide denial of service through unsafe option paths
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 react-router: GHSA-49rj-9fvp-4h2h
React Router's vendored turbo-stream v2 allows arbitrary constructor invocation via TYPE_ERROR deserialization leading to Unauth RCE
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 react-router: GHSA-8646-j5j9-6r62
React Router vulnerable to XSS in unstable RSC redirect handling via javascript: redirect targets
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 react-router: GHSA-8x6r-g9mw-2r78
React Router vulnerable to DoS via unbounded path expansion in __manifest endpoint
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 react-router: GHSA-rxv8-25v2-qmq8
React Router vulnerable to Denial of Service via reflected user input in single-fetch
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 simple-git: GHSA-hffm-xvc3-vprc
simple-git is vulnerable to Remote Code Execution
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 systeminformation: GHSA-hvx9-hwr7-wjj9
Systeminformation vulnerable to Linux command injection in networkInterfaces() via unsanitized NetworkManager connection profile name
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 tmp: GHSA-ph9p-34f9-6g65
tmp has Path Traversal via unsanitized prefix/postfix that enables directory escape
packages/aionui/bun.lock
high Security checks software dependencies conf 0.88 vite: GHSA-p9ff-h696-f583
Vite Vulnerable to Arbitrary File Read via Vite Dev Server WebSocket
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 @hono/node-server: GHSA-92pp-h63x-v22m
@hono/node-server: Middleware bypass via repeated slashes in serveStatic
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 @protobufjs/utf8: GHSA-q6x5-8v7m-xcrf
protobufjs has overlong UTF-8 decoding
packages/aionui/bun.lock
medium Security checks security path traversal conf 1.00 [SEC012] ZipSlip — Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory.
Validate extracted paths with os.path.realpath() and ensure they stay within the target directory.
scripts/updater/npm.py:69
medium Security checks software dependencies conf 0.88 axios: GHSA-3w6x-2g7m-8v23
Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `parseReviver`
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 axios: GHSA-445q-vr5w-6q77
Axios: CRLF Injection in multipart/form-data body via unsanitized blob.type in formDataToStream
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 axios: GHSA-5c9x-8gcm-mpgx
Axios' HTTP adapter-streamed uploads bypass maxBodyLength when maxRedirects: 0
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 axios: GHSA-62hf-57xw-28j9
Axios: unbounded recursion in toFormData causes DoS via deeply nested request data
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 axios: GHSA-898c-q2cr-xwhg
axios has DoS & Header Injection via Prototype Pollution Read-Side Gadgets in axios merge functions
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 axios: GHSA-fvcv-3m26-pcqx
Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 axios: GHSA-m7pr-hjqh-92cm
Axios: no_proxy bypass via IP alias allows SSRF
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 axios: GHSA-vf2m-468p-8v99
Axios: HTTP adapter streamed responses bypass maxContentLength
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 axios: GHSA-w9j2-pvgh-6h63
Axios: Authentication Bypass via Prototype Pollution Gadget in `validateStatus` Merge Strategy
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 axios: GHSA-xx6v-rp6x-q39c
Axios: XSRF Token Cross-Origin Leakage via Prototype Pollution Gadget in `withXSRFToken` Boolean Coercion
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 brace-expansion: GHSA-f886-m6hf-6m8v
brace-expansion: Zero-step sequence causes process hang and memory exhaustion
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 2 occurrences brace-expansion: GHSA-jxxr-4gwj-5jf2
brace-expansion: Large numeric range defeats documented `max` DoS protection
2 files, 2 locations
packages/aionui/bun.lock
packages/iflow-cli/package-lock.json
medium Security checks software dependencies conf 0.88 dompurify: GHSA-39q2-94rc-95cp
DOMPurify's ADD_TAGS function form bypasses FORBID_TAGS due to short-circuit evaluation
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 dompurify: GHSA-cj63-jhhr-wcxv
DOMPurify USE_PROFILES prototype pollution allows event handlers
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 dompurify: GHSA-cjmm-f4jc-qw8r
DOMPurify ADD_ATTR predicate skips URI validation
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 dompurify: GHSA-crv5-9vww-q3g8
DOMPurify has a SAFE_FOR_TEMPLATES bypass in RETURN_DOM mode
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 dompurify: GHSA-h7mw-gpvr-xq4m
DOMPurify: FORBID_TAGS bypassed by function-based ADD_TAGS predicate (asymmetry with FORBID_ATTR fix)
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 dompurify: GHSA-h8r8-wccr-v5f2
DOMPurify is vulnerable to mutation-XSS via Re-Contextualization
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 dompurify: GHSA-v2wj-7wpq-c8vv
DOMPurify contains a Cross-site Scripting vulnerability
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 dompurify: GHSA-v9jr-rg53-9pgp
DOMPurify: Prototype Pollution to XSS Bypass via CUSTOM_ELEMENT_HANDLING Fallback
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 electron: GHSA-3c8v-cfp5-9885
Electron: Out-of-bounds read in second-instance IPC on macOS and Linux
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 electron: GHSA-4p4r-m79c-wq3v
Electron: HTTP Response Header Injection in custom protocol handlers and webRequest
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 electron: GHSA-5rqw-r77c-jp79
Electron: AppleScript injection in app.moveToApplicationsFolder on macOS
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 electron: GHSA-9w97-2464-8783
Electron: Use-after-free in download save dialog callback
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 electron: GHSA-f3pv-wv63-48x8
Electron: Named window.open targets not scoped to the opener's browsing context
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 electron: GHSA-mwmh-mq4g-g6gr
Electron: Registry key path injection in app.setAsDefaultProtocolClient on Windows
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 electron: GHSA-r5p7-gp4j-qhrx
Electron: Incorrect origin passed to permission request handler for iframe requests
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 electron: GHSA-xj5x-m3f3-5x3h
Electron: Service worker can spoof executeJavaScript IPC replies
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 electron: GHSA-xwr5-m59h-vwqr
Electron: nodeIntegrationInWorker not correctly scoped in shared renderer processes
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 fast-xml-parser: GHSA-gh4j-gqv2-49f6
fast-xml-parser XMLBuilder: XML Comment and CDATA Injection via Unescaped Delimiters
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 fast-xml-parser: GHSA-jp2q-39xq-3w4g
Entity Expansion Limits Bypassed When Set to Zero Due to JavaScript Falsy Evaluation in fast-xml-parser
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 2 occurrences file-type: GHSA-5v7r-6r5c-r473
file-type affected by infinite loop in ASF parser on malformed input with zero-size sub-header
2 files, 2 locations
packages/aionui/bun.lock
packages/iflow-cli/package-lock.json
medium Security checks software dependencies conf 0.88 follow-redirects: GHSA-r4q5-vmmm-2653
follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-26pp-8wgv-hjvm
Hono missing validation of cookie name on write path in setCookie()
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-2gcr-mfcq-wcc3
Hono: app.mount() strips mount prefix using undecoded path, causing incorrect routing for percent-encoded paths
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-3hrh-pfw6-9m5x
Hono: Cookie helper does not sanitize sameSite and priority, allowing Set-Cookie injection
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-458j-xx4x-4375
hono Improperly Handles JSX Attribute Names Allows HTML Injection in hono/jsx SSR
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-69xw-7hcm-h432
hono/jsx has Unvalidated JSX Tag Names that May Allow HTML Injection
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-9vqf-7f2p-gf9v
Hono: bodyLimit() can be bypassed for chunked / unknown-length requests
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-f577-qrjj-4474
Hono: JWT middleware accepts any Authorization scheme, not only Bearer
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-p77w-8qqv-26rm
Hono's Cache Middleware ignores Vary: Authorization / Vary: Cookie leading to cross-user cache leakage
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-qp7p-654g-cw7p
Hono has CSS Declaration Injection via Style Object Values in JSX SSR
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-r5rp-j6wh-rvv4
Hono: Non-breaking space prefix bypass in cookie name handling in getCookie()
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-wmmm-f939-6g9c
Hono: Middleware bypass via repeated slashes in serveStatic
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-xf4j-xp2r-rqqx
Hono: Path traversal in toSSG() allows writing files outside the output directory
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-xpcf-pg52-r92g
Hono has incorrect IP matching in ipRestriction() for IPv4-mapped IPv6 addresses
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 hono: GHSA-xrhx-7g5j-rcj5
Hono: IP Restriction bypasses static deny rules for non-canonical IPv6
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 ip-address: GHSA-v2v4-37r5-5v8g
ip-address has XSS in Address6 HTML-emitting methods
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 lodash-es: GHSA-f23m-r3pf-42rh
lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 lodash: GHSA-f23m-r3pf-42rh
lodash vulnerable to Prototype Pollution via array path bypass in `_.unset` and `_.omit`
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 mermaid: GHSA-6m6c-36f7-fhxh
Mermaid Gantt Charts are vulnerable to an Infinite Loop DoS
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 mermaid: GHSA-87f9-hvmw-gh4p
Mermaid: Improper sanitization of configuration leads to CSS injection
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 mermaid: GHSA-ghcm-xqfw-q4vr
Mermaid: Improper sanitization of `classDef` in state diagrams leads to HTML injection
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 mermaid: GHSA-xcj9-5m2h-648r
Mermaid: Improper sanitization of `classDefs` in diagrams leads to CSS injection
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 path-to-regexp: GHSA-27v5-c462-wpq7
path-to-regexp vulnerable to Regular Expression Denial of Service via multiple wildcards
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 picomatch: GHSA-3v7f-55p6-f55p
Picomatch: Method Injection in POSIX Character Classes causes incorrect Glob Matching
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 postcss: GHSA-qx2v-qp2m-jg93
PostCSS has XSS via Unescaped </style> in its CSS Stringify Output
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 protobufjs: GHSA-2pr8-phx7-x9h3
protobuf.js: Denial of service from crafted field names in generated code
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 protobufjs: GHSA-fx83-v9x8-x52w
protobuf.js: Prototype injection in generated message constructors
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 protobufjs: GHSA-jggg-4jg4-v7c6
protobufjs: Denial of Service via unbounded recursive JSON descriptor expansion
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 protobufjs: GHSA-q6x5-8v7m-xcrf
protobufjs has overlong UTF-8 decoding
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 qs: GHSA-6rw7-vpxm-498p
qs's arrayLimit bypass in its bracket notation allows DoS via memory exhaustion
packages/iflow-cli/package-lock.json
medium Security checks software dependencies conf 0.88 qs: GHSA-q8mj-m7cp-5q26
qs has a remotely triggerable DoS: qs.stringify crashes with TypeError on null/undefined entries in comma-format arrays when encodeValuesOnly is set
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 react-router: GHSA-2j2x-hqr9-3h42
React Router's same-origin redirect with path starting // causes open redirect via protocol-relative URL reinterpretation
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 react-router: GHSA-f22v-gfqf-p8f3
React Router has stored XSS via unescaped Location header in prerendered redirect HTML
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 request: GHSA-p8p7-x288-28g6
Server-Side Request Forgery in Request
packages/iflow-cli/package-lock.json
medium Security checks software dependencies conf 0.88 tough-cookie: GHSA-72xf-g2v4-qvf3
tough-cookie Prototype Pollution vulnerability
packages/iflow-cli/package-lock.json
medium Security checks software dependencies conf 0.88 2 occurrences uuid: GHSA-w5hq-g745-h8pq
uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided
2 files, 2 locations
packages/aionui/bun.lock
packages/iflow-cli/package-lock.json
medium Security checks software dependencies conf 0.88 vite: GHSA-4w7w-66w2-5vf9
Vite Vulnerable to Path Traversal in Optimized Deps `.map` Handling
packages/aionui/bun.lock
medium Security checks software dependencies conf 0.88 2 occurrences ws: GHSA-58qx-3vcg-4xpx
ws: Uninitialized memory disclosure
2 files, 2 locations
packages/aionui/bun.lock
packages/iflow-cli/package-lock.json
medium Security checks software dependencies conf 0.88 yaml: GHSA-48c2-rrv3-qjmp
yaml is vulnerable to Stack Overflow via deeply nested YAML collections
packages/aionui/bun.lock
medium System graph cicd CI/CD security conf 1.00 3 occurrences GitHub Actions workflow grants broad write permissions
CI tokens with write permissions increase blast radius when an action, dependency, or PR workflow is compromised. Prefer job-level least-privilege permissions.
3 files, 3 locations
.github/workflows/auto-merge.yml
.github/workflows/update-flake.yml
.github/workflows/update.yml
CI/CD security · Supply chain · GitHub Actions
medium System graph security security conf 1.00 Insecure pattern 'subprocess_shell_true' in pyproject.toml:41
Found a known-risky pattern (subprocess_shell_true). Review and replace if possible.
pyproject.toml:41 · Subprocess shell true
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — .github/ci/check_maintainers.py:61
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — .github/ci/discovery.py:64
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — .github/ci/lib.py:26
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — .github/ci/update.py:30
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — packages/aionui/update.py:62
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — packages/codex-acp/update.py:51
`urllib.request.urlretrieve(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — packages/tuicr/check-tuicr.py:20
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — scripts/updater/bun.py:104
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — scripts/updater/npm.py:109
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph security Coverage conf 1.00 No auth library detected
The scanner did not find any standard auth library (JWT, OAuth, NextAuth, Auth0, etc.). Either auth lives in custom code, in a separate service, or is missing.
auth
medium System graph network Security conf 1.00 Privileged port 18 in use
Port 18 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
.github/workflows/update.yml Ports
medium System graph network Security conf 1.00 Privileged port 21 in use
Port 21 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
.github/workflows/update.yml Ports
medium System graph quality Tests conf 1.00 Very low test-to-source ratio
0 test file(s) for 65 source file(s) (ratio 0.00). Consider adding integration or unit tests for critical paths.
Coverage
low Security checks software dependencies conf 0.88 @tootallnate/once: GHSA-vpq2-c234-7xj6
@tootallnate/once vulnerable to Incorrect Control Flow Scoping
packages/aionui/bun.lock
low Security checks software dependencies conf 0.88 axios: GHSA-xhjh-pmcv-23jw
Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams
packages/aionui/bun.lock
low Security checks quality Quality conf 0.60 16 occurrences Duplicated implementation block across source files
Duplicate implementation blocks are maintenance debt. Keep them visible, but they are not a high-severity defect unless the duplicated logic is security-sensitive or drifting.
12 files, 12 locations
packages/cli-proxy-api/update.py:2
packages/crush/update.py:2
packages/droid/update.py:2
packages/forgecode/update.py:2
packages/gno/update.py:3
packages/go-bin/update.py:5
packages/iflow-cli/update.py:2
packages/letta-code/update.py:2
duplication · quality
low Security checks software dependencies conf 0.88 electron: GHSA-8x5q-pvf5-64mp
Electron: Use-after-free in offscreen shared texture release() callback
packages/aionui/bun.lock
low Security checks software dependencies conf 0.88 electron: GHSA-9899-m83m-qhpj
Electron: USB device selection not validated against filtered device list
packages/aionui/bun.lock
low Security checks software dependencies conf 0.88 electron: GHSA-f37v-82c4-4x64
Electron: Crash in clipboard.readImage() on malformed clipboard image data
packages/aionui/bun.lock
low Security checks software dependencies conf 0.88 electron: GHSA-jfqx-fxh3-c62j
Electron: Unquoted executable path in app.setLoginItemSettings on Windows
packages/aionui/bun.lock
high Security checks software dependencies conf 0.90 GitHub Action `actions/create-github-app-token@v3` is minor version(s) behind (latest v3.2.0)
`uses: actions/create-github-app-token@v3` is minor version(s) behind the latest published release v3.2.0. Old action majors run on deprecated runner images / Node versions and miss upstream fixes. This is the exact 'outdated GitHub Action' class Dependabot raises — and which Repobility had no cove…
.github/workflows/update-flake.yml:65
high Security checks software dependencies conf 0.90 3 occurrences GitHub Action `cachix/install-nix-action@v31` is minor version(s) behind (latest v31.10.6)
`uses: cachix/install-nix-action@v31` is minor version(s) behind the latest published release v31.10.6. Old action majors run on deprecated runner images / Node versions and miss upstream fixes. This is the exact 'outdated GitHub Action' class Dependabot raises — and which Repobility had no coverag…
3 files, 3 locations
.github/workflows/check-maintainers.yml:21
.github/workflows/check-readme.yml:18
.github/workflows/update-flake.yml:41
low Security checks software dependencies conf 0.88 hono: GHSA-hm8q-7f3q-5f36
Hono has improper validation of NumericDate claims (exp, nbf, iat) in JWT verify()
packages/aionui/bun.lock
low System graph software Dead code candidate conf 1.00 File has no detected symbols: packages/tuicr/check-tuicr.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph quality Integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: .github/ci/create_pr.py:parse_args, .github/ci/update.py:parse_args. This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
duplicates · duplication
low System graph software Dead code conf 1.00 Possibly dead Python function: fetch_hash
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
scripts/updater/platforms.py:40
low System graph software Dead code conf 1.00 Possibly dead Python function: version_key
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/junie/update.py:29
high Security checks software dependencies conf 0.90 3 occurrences GitHub Action `actions/checkout@v6` is patch version(s) behind (latest v6.0.3)
`uses: actions/checkout@v6` is patch version(s) behind the latest published release v6.0.3. Old action majors run on deprecated runner images / Node versions and miss upstream fixes. This is the exact 'outdated GitHub Action' class Dependabot raises — and which Repobility had no coverage for.
3 files, 3 locations
.github/workflows/check-maintainers.yml:16
.github/workflows/check-readme.yml:16
.github/workflows/update-flake.yml:39
API access

This page is publicly accessible at: https://repobility.com/scan/8582a95d-e4bd-4239-bbd9-99545eaf9f4b/

To check status programmatically (no auth required):

curl -s https://repobility.com/api/v1/public/scan/8582a95d-e4bd-4239-bbd9-99545eaf9f4b/