Public scan — anyone with this URL can view this analysis. Sign up to track your own repos privately, run scheduled re-scans, and get AI fix prompts via your dashboard.
Sign up free Scan another repo
58 of your 128 findings came from Repobility's proprietary detections. ✓ Repobility tags below mark them.

Scan timing: clone 14.31s · analysis 17.12s · 81.9 MB · GitHub API rate-limit (preflight)

ethereum/go-ethereum

https://github.com/ethereum/go-ethereum · scanned 2026-06-05 11:41 UTC (5 days, 10 hours ago) · 10 languages

342 raw signals (118 security + 224 graph) 11/13 scanners ran 67th percentile · Go · large (100-500K LoC) System graph score 67 (higher by 18)

File as issue Image
UNIFIED Repobility · multi-layer engine · AI coders

Complete repo analysis

Last scanned 5 days, 10 hours ago · v2 · 124 actionable findings from 2 signal sources. 106 repeated signals grouped for readability. Security checks, system graph analysis, and verified AI-agent feedback are merged into one review queue.

JSON
Combined
78.7
/100
Security checks
90
42 findings
System graph
67
100.0% cov · 82 findings
Critical
2
click to filter
Agents
6
0 votes
Crowd
0
reported
Score breakdown â 2026-05-18-v5
Component Sub-score Weight Contribution
structure_score 85.0 0.15 12.75
security_score 100.0 0.25 25.00
testing_score 85.0 0.20 17.00
documentation_score 60.0 0.15 9.00
practices_score 99.0 0.15 14.85
code_quality 70.0 0.10 7.00
Overall 1.00 85.6
security_score may be inflated — optional security scanners were skipped on this fast scan
Severity distribution — click a segment to filter
Active filters: excluding tests × Reset all
Severity: Critical 2 High 7 Medium 12 Low 75 9-Layer: Software Security Quality Integrity Frontend Hardware Data Network Cicd Source: Security checks 42 System graph 82 Crowd 0 Layer: Security 9 Cicd 7 Quality 56 Software 40 Api 1 Frontend 7 Hardware 4
Scan summary Quality grade A- (86/100). Dimensions: security 100, maintainability 85. 118 findings (38 security). 453,920 lines analyzed.

Showing 94 of 124 actionable findings. 230 raw detector signals were grouped into reader-sized issues. Click TP / FP to vote on a finding's accuracy — votes adjust the confidence weighting and improve detection across the platform.

critical Security checks software dependencies conf 0.90 ✓ Repobility [MINED123] Trojan Source bidi character (LRM) in source: Line 2 contains a Unicode bidirectional override character (U+200E LRM). This is the 'Trojan Source' attack (CVE-2021-42574): the character makes the compiler / interpreter see different code than the human reviewer.
Audit the line manually. If the character is not intentional (it almost never is in code), remove it. Configure your editor / pre-commit hook to reject bidi controls in source.
graphql/internal/graphiql/graphiql.min.js:2
critical System graph security Secrets conf 1.00 2 occurrences Possible secret in cmd/utils/prompt.go
Detected pattern matching password_literal. Rotate the credential and move to a secret manager.
lines 33, 38
cmd/utils/prompt.go:33, 38 (2 hits)
high Security checks software dependencies conf 0.90 ✓ Repobility 5 occurrences [MINED118] Dockerfile FROM `debian:stable-slim` not pinned by digest: `FROM debian:stable-slim` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity.
Replace with: `FROM debian:stable-slim@sha256:<digest>`. Get the digest from `docker manifest inspect`. Re-pin via a scheduled bot (Renovate, Dependabot).
3 files, 5 locations
Dockerfile:7, 20 (2 hits)
Dockerfile.alltools:7, 27 (2 hits)
crypto/secp256k1/libsecp256k1/ci/linux-debian.Dockerfile:1
high Security checks software dependencies conf 0.90 ✓ Repobility [MINED126] Workflow container/services image `sagemath/sagemath:latest` unpinned: `container/services image: sagemath/sagemath:latest` without `@sha256:...` pulls a mutable tag at workflow-run time. Treat workflow container references with the same supply-chain discipline as Dockerfile FROM lines.
Replace with `sagemath/sagemath:latest@sha256:<digest>`. Re-pin via Dependabot Docker scope.
crypto/secp256k1/libsecp256k1/.github/workflows/ci.yml:856
high Security checks quality Quality conf 1.00 [SEC090] Go: math/rand used near crypto context: math/rand is not cryptographically secure. Use crypto/rand for tokens/keys. Ported from gosec G404 (Apache-2.0).
import `crypto/rand` and use `rand.Read(buf)`.
p2p/dnsdisc/sync.go:21
low Security checks quality Quality conf 1.00 [SEC093] Go: exec.Command with non-literal: exec.Command(<var>) — variable command name allows command injection. Ported from gosec G204 (Apache-2.0).
Use a constant command name and validate args via a whitelist.
crypto/signify/signify_fuzz.go:88
low Security checks cicd CI/CD security conf 0.90 ✓ Repobility 48 occurrences GitHub Action is tag-pinned rather than SHA-pinned
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lo…
4 files, 48 locations
crypto/secp256k1/libsecp256k1/.github/workflows/ci.yml:101, 152, 198, 251, 308, 355, 410, 467, +10 more (35 hits)
.github/workflows/go.yml:20, 31, 52, 70, 98, 129 (6 hits)
.github/workflows/validate_pr.yml:12, 51, 54 (6 hits)
.github/workflows/freebsd.yml:13
CI/CD securitySupply chainGitHub Actions
medium Security checks cicd CI/CD security conf 0.90 ✓ Repobility 6 occurrences GitHub Action is tag-pinned rather than SHA-pinned
[MINED115] Action `vmactions/freebsd-vm` pinned to mutable ref `@v1`: `uses: vmactions/freebsd-vm@v1` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit …
2 files, 6 locations
crypto/secp256k1/libsecp256k1/.github/workflows/ci.yml:52, 59, 783 (4 hits)
.github/workflows/freebsd.yml:19 (2 hits)
CI/CD securitySupply chainGitHub Actions
medium Security checks security auth conf 0.92 [AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation.
Add .repobility/access.yml mapping routes to anonymous, authenticated, owner, admin, and super_admin. Keep business-specific rules in the repo so CI can enforce them.
medium Security checks quality Quality conf 1.00 3 occurrences [SEC094] Go: world-writable file permissions: File or directory created with world-writable mode (e.g. 0666, 0777). Ported from gosec G301 / G302 / G306 (Apache-2.0).
Use 0600 for files, 0700 for dirs that should be private.
3 files, 3 locations
cmd/workload/filtertest.go:161
cmd/workload/historytest.go:60
cmd/workload/prooftest.go:65
high Security checks cicd CI/CD security conf 0.82 Docker final stage has no non-root USER
Add a non-root USER in the final runtime stage after files and permissions are prepared.
Dockerfile.alltools:27 CI/CD securitycontainers
high Security checks cicd CI/CD security conf 0.82 Docker final stage has no non-root USER
Add a non-root USER in the final runtime stage after files and permissions are prepared.
Dockerfile:20 CI/CD securitycontainers
medium Security checks cicd CI/CD security conf 0.94 Dockerfile base image uses the latest tag
Pin to a maintained version tag or digest and update it deliberately through dependency automation.
Dockerfile.alltools:27 CI/CD securitycontainers
medium Security checks cicd CI/CD security conf 0.94 Dockerfile base image uses the latest tag
Pin to a maintained version tag or digest and update it deliberately through dependency automation.
Dockerfile:20 CI/CD securitycontainers
medium System graph frontend Frontend quality conf 1.00 `dangerouslySetInnerHTML` used in a React component — graphql/internal/graphiql/graphiql.min.js:2
Open XSS surface unless the input is provably trusted. Replace with explicit JSX or sanitize via a vetted library. Why: OWASP basics. Already partially flagged by the security analyzer. Rule id: fq.dangerous-html
Fq dangerous html
medium System graph frontend Frontend quality conf 1.00 `dangerouslySetInnerHTML` used in a React component — graphql/internal/graphiql/react-dom.production.min.js:26
Open XSS surface unless the input is provably trusted. Replace with explicit JSX or sanitize via a vetted library. Why: OWASP basics. Already partially flagged by the security analyzer. Rule id: fq.dangerous-html
Fq dangerous html
medium System graph hardware Supply chain conf 1.00 Docker base image uses a mutable or implicit tag: alpine:latest
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
Dockerfile:20 containersPinned dependencies
medium System graph hardware Security conf 1.00 Dockerfile runs as root: Dockerfile
No non-root USER set. Containers running as root expand the blast radius of any vulnerability inside the image.
Container
medium System graph security security conf 1.00 Insecure pattern 'dangerous_innerhtml' in graphql/internal/graphiql/graphiql.min.js:2
Found a known-risky pattern (dangerous_innerhtml). Review and replace if possible.
graphql/internal/graphiql/graphiql.min.js:2 Dangerous innerhtml
medium System graph security security conf 1.00 Insecure pattern 'dangerous_innerhtml' in graphql/internal/graphiql/react-dom.production.min.js:26
Found a known-risky pattern (dangerous_innerhtml). Review and replace if possible.
graphql/internal/graphiql/react-dom.production.min.js:26 Dangerous innerhtml
medium System graph security security conf 1.00 Insecure pattern 'weak_hash' in internal/jsre/deps/web3.js:8607
Found a known-risky pattern (weak_hash). Review and replace if possible.
internal/jsre/deps/web3.js:8607 Weak hash
low Security checks cicd CI/CD security conf 0.72 .dockerignore misses sensitive defaults
Add missing patterns such as .env, .git, private keys, certificates, dependency folders, and local databases.
.dockerignore CI/CD securitycontainers
low Security checks quality Error handling conf 1.00 3 occurrences [ERR003] Ignored Error (Go): Ignoring error return values.
Handle the error or use errcheck linter.
3 files, 3 locations
cmd/devp2p/discv4cmd.go:305
cmd/devp2p/internal/ethtest/chain.go:197
cmd/devp2p/internal/ethtest/engine.go:58
low Security checks quality Quality conf 0.60 30 occurrences Duplicated implementation block across source files
Duplicate implementation blocks are maintenance debt. Keep them visible, but they are not a high-severity defect unless the duplicated logic is security-sensitive or drifting.
12 files, 16 locations
accounts/abi/bind/v2/internal/contracts/solc_errors/bindings.go:2, 8, 102 (3 hits)
common/fdlimit/fdlimit_unix.go:3, 19 (2 hits)
core/types/tx_setcode.go:117, 118 (2 hits)
accounts/abi/bind/v2/auth.go:20
accounts/abi/bind/v2/base.go:59
accounts/abi/bind/v2/internal/contracts/events/bindings.go:2
accounts/abi/bind/v2/internal/contracts/nested_libraries/bindings.go:2
accounts/abi/bind/v2/internal/contracts/uint256arrayreturn/bindings.go:2
duplicationquality
low Security checks quality Quality conf 0.70 Generated build artifact directory is present at repository root
Remove generated output from version control, add it to .gitignore and .dockerignore where relevant, and regenerate it in CI or release jobs.
build:1
low Security checks quality Documentation No LICENSE file
Add a LICENSE file to your repository. Use choosealicense.com to pick the right license (MIT for permissive, Apache 2.0 for patent protection, GPL for copyleft).
low System graph quality Maintenance conf 1.00 99 TODO/FIXME markers
High count of TODO/FIXME/HACK markers — track them as issues so they're not forgotten.
low System graph hardware Coverage conf 1.00 Containers defined but no K8s/orchestration manifest found
Repo has Dockerfiles/compose but no Kubernetes/Nomad manifests. If the target deployment is K8s, the manifests may live in a separate ops repo.
Deployment
low System graph hardware Supply chain conf 1.00 Docker base image is tag-pinned but not digest-pinned: golang:1.26-alpine
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
Dockerfile:7 containersPinned dependencies
low System graph software Dead code candidate conf 1.00 File has no detected symbols: cmd/geth/testdata/empty.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: console/testdata/preload.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: eth/tracers/internal/tracetest/makeTest.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: eth/tracers/js/internal/tracers/4byte_tracer_legacy.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: eth/tracers/js/internal/tracers/bigram_tracer.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: eth/tracers/js/internal/tracers/evmdis_tracer.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: eth/tracers/js/internal/tracers/noop_tracer_legacy.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: eth/tracers/js/internal/tracers/opcount_tracer.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: eth/tracers/js/internal/tracers/prestate_tracer_legacy.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: eth/tracers/js/internal/tracers/trigram_tracer.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: eth/tracers/js/internal/tracers/unigram_tracer.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/internal-error.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/invalid-badid.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/invalid-badversion.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/invalid-batch-toolarge.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/invalid-batch.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/invalid-idonly.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/invalid-nonobj.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/reqresp-batch.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/reqresp-echo.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/reqresp-namedparam.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/reqresp-noargsrets.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/reqresp-nomethod.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/reqresp-noparam.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/reqresp-paramsnull.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/revcall.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/revcall2.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: rpc/testdata/subscription.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/solidity/bytecode.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/solidity/migrations/1_initial_migration.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/solidity/migrations/2_opCodes_migration.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/solidity/test/opCodes.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/solidity/truffle-config.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `isDeprecated` in graphql/internal/graphiql/graphiql.min.js:2
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `RabbitLegacy` in internal/jsre/deps/web3.js:10038
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
old markerDead code
low System graph frontend Frontend quality conf 1.00 Stray `console.log` in TS/JS — eth/tracers/internal/tracetest/makeTest.js:76
Replace with the toast helper, an error boundary, or remove. `console.warn` / `console.error` are acceptable. Why: Hygiene — easy to leak debug output. Rule id: fq.console-leak
Fq console leak
low System graph frontend Frontend quality conf 1.00 Stray `console.log` in TS/JS — internal/jsre/deps/web3.js:2917
Replace with the toast helper, an error boundary, or remove. `console.warn` / `console.error` are acceptable. Why: Hygiene — easy to leak debug output. Rule id: fq.console-leak
Fq console leak
low System graph quality Complexity conf 1.00 Very large file: accounts/abi/abi_test.go (1259 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: accounts/abi/abigen/bind_test.go (2163 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: accounts/usbwallet/trezor/messages-management.pb.go (2276 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: accounts/usbwallet/trezor/messages.pb.go (1366 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: cmd/utils/flags.go (2520 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: core/blockchain.go (3004 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: core/blockchain_repair_test.go (2035 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: core/blockchain_sethead_test.go (2193 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: core/blockchain_test.go (4546 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: core/state/statedb.go (1546 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: core/state/statedb_test.go (1449 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: core/txpool/blobpool/blobpool.go (2350 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: core/txpool/blobpool/blobpool_test.go (2252 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: core/txpool/legacypool/legacypool.go (1861 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: core/txpool/legacypool/legacypool_test.go (2720 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: crypto/blake2b/blake2b_test.go (861 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: eth/catalyst/api.go (1288 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: eth/catalyst/api_test.go (2121 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: eth/downloader/skeleton.go (1334 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: eth/fetcher/tx_fetcher_test.go (2285 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: eth/protocols/snap/sync.go (3305 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: eth/protocols/snap/sync_test.go (1966 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: eth/protocols/snap/syncv2.go (1959 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: eth/tracers/api_test.go (1904 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: internal/ethapi/api.go (2192 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: internal/ethapi/api_test.go (4341 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: internal/jsre/deps/web3.js (13301 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low System graph quality Complexity conf 1.00 Very large file: params/config.go (1412 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
For AI agents: Voting guide (TP/FP) MCP manifest Stdio wrapper SARIF Integrate Findings queue Vote TP/FP on findings to calibrate the engine.
For AI agents + API integrations
Email me when this repo regresses
Free. We re-scan periodically; new criticals → your inbox. No signup required for the scan itself.
API access

This page is publicly accessible at: https://repobility.com/scan/883bffd4-e24a-4bed-a8ca-09ff79b781d0/

To check status programmatically (no auth required): 

curl -s https://repobility.com/api/v1/public/scan/883bffd4-e24a-4bed-a8ca-09ff79b781d0/

Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.