{"version": "2.1.0", "$schema": "https://json.schemastore.org/sarif-2.1.0.json", "runs": [{"tool": {"driver": {"name": "Repobility", "informationUri": "https://repobility.com", "rules": [{"id": "GHSA-65pc-fj4g-8rjx", "name": "idna: GHSA-65pc-fj4g-8rjx", "shortDescription": {"text": "idna: GHSA-65pc-fj4g-8rjx"}, "fullDescription": {"text": "Internationalized Domain Names in Applications (IDNA): Specially crafted inputs to idna.encode() can bypass CVE-2024-3651 fix"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-r73j-pqj5-w3x7", "name": "pillow: GHSA-r73j-pqj5-w3x7", "shortDescription": {"text": "pillow: GHSA-r73j-pqj5-w3x7"}, "fullDescription": {"text": "Pillow has a PDF Parsing Trailer Infinite Loop (DoS)"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-q2x7-8rv6-6q7h", "name": "jinja2: GHSA-q2x7-8rv6-6q7h", "shortDescription": {"text": "jinja2: GHSA-q2x7-8rv6-6q7h"}, "fullDescription": {"text": "Jinja has a sandbox breakout through indirect reference to format method"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-gmj6-6f8f-6699", "name": "jinja2: GHSA-gmj6-6f8f-6699", "shortDescription": {"text": "jinja2: GHSA-gmj6-6f8f-6699"}, "fullDescription": {"text": "Jinja has a sandbox breakout through malicious filenames"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-cpwx-vrp4-4pq7", "name": "jinja2: GHSA-cpwx-vrp4-4pq7", "shortDescription": {"text": "jinja2: GHSA-cpwx-vrp4-4pq7"}, "fullDescription": {"text": "Jinja2 vulnerable to sandbox breakout through attr filter selecting format method"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-w853-jp5j-5j7f", "name": "filelock: GHSA-w853-jp5j-5j7f", "shortDescription": {"text": "filelock: GHSA-w853-jp5j-5j7f"}, "fullDescription": {"text": "filelock has a TOCTOU race condition which allows symlink attacks during lock file creation"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-qmgc-5h2g-mvrw", "name": "filelock: GHSA-qmgc-5h2g-mvrw", "shortDescription": {"text": "filelock: GHSA-qmgc-5h2g-mvrw"}, "fullDescription": {"text": "filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "medium", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "AGT013", "name": "Agent auto-approve or skip-permissions mode is easy to enable", "shortDescription": {"text": "Agent auto-approve or skip-permissions mode is easy to enable"}, "fullDescription": {"text": "Codex/agent auto-approve, YOLO, or skip-permissions modes can be useful in isolated automation, but they remove the human checkpoint before command execution, network access, and file edits."}, "properties": {"scanner": "repobility-agent-runtime", "category": "quality", "severity": "medium", "confidence": 0.68, "cwe": "", "owasp": ""}}, {"id": "SEC031", "name": "[SEC031] Catastrophic Backtracking Regex (ReDoS): Regex contains nested quantifiers like `(a+)+` or quantified alternati", "shortDescription": {"text": "[SEC031] Catastrophic Backtracking Regex (ReDoS): Regex contains nested quantifiers like `(a+)+` or quantified alternation with overlapping branches. On adversarial input these patterns exhibit exponential backtracking, freezing the process"}, "fullDescription": {"text": "Three options, pick one:\n  1. Rewrite the pattern to avoid nested quantifiers. E.g. `(a+)+` is      functionally equivalent to `a+` for matching purposes.\n  2. Use Google's re2 (`pip install google-re2`): linear-time, drop-in      replacement for `re` for most use cases.\n  3. Set a hard timeout: `signal.alarm(1)` before regex eval.\nTest patterns against `safe-regex` or `redos-detector` before shipping."}, "properties": {"scanner": "repobility-threat-engine", "category": "redos", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "COMP001", "name": "[COMP001] High cognitive complexity: Function `main` has cognitive complexity 19 (SonarSource scale). Cognitive complexi", "shortDescription": {"text": "[COMP001] High cognitive complexity: Function `main` has cognitive complexity 19 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weig"}, "fullDescription": {"text": "Extract nested branches into named helper functions; flatten early-return / guard clauses; replace long if/elif chains with dispatch dicts or polymorphism. SonarQube's threshold for 'should refactor' is 15 \u2014 yours is 19."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "medium", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "MINED111", "name": "Bare except continues silently", "shortDescription": {"text": "Bare except continues silently"}, "fullDescription": {"text": "Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "medium", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "AGT012", "name": "Agent control bridge may listen on a network interface without visible auth", "shortDescription": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "fullDescription": {"text": "Agent, MCP, sidecar, and command bridge servers often start as local helpers. Binding them to 0.0.0.0 or a default all-interface listener without an authorization guard can expose tool execution or session data to the LAN."}, "properties": {"scanner": "repobility-agent-runtime", "category": "quality", "severity": "medium", "confidence": 0.72, "cwe": "", "owasp": ""}}, {"id": "AGT015", "name": "Remote install command pipes network code directly to a shell", "shortDescription": {"text": "Remote install command pipes network code directly to a shell"}, "fullDescription": {"text": "Agent helper projects often publish one-line installers. `curl | sh` style commands are convenient, but they bypass review unless the script is pinned, signed, or checksum-verified."}, "properties": {"scanner": "repobility-agent-runtime", "category": "dependency", "severity": "medium", "confidence": 0.7, "cwe": "", "owasp": ""}}, {"id": "DEPCUR-PY", "name": "Python package `tenacity` is minor version(s) behind (9.0.0 -> 9.1.4)", "shortDescription": {"text": "Python package `tenacity` is minor version(s) behind (9.0.0 -> 9.1.4)"}, "fullDescription": {"text": "`tenacity==9.0.0` is minor version(s) behind the latest stable release on PyPI (9.1.4). Pinned-but-stale Python dependencies drift away from upstream security and bugfix releases. This is the version-currency signal Dependabot raises."}, "properties": {"scanner": "repobility-dependency-currency", "category": "dependency", "severity": "low", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "AIC003", "name": "Duplicated implementation block across source files", "shortDescription": {"text": "Duplicated implementation block across source files"}, "fullDescription": {"text": "Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations."}, "properties": {"scanner": "repobility-ai-code-hygiene", "category": "quality", "severity": "low", "confidence": 0.86, "cwe": "", "owasp": ""}}, {"id": "MINED043", "name": "[MINED043] Http Not Https (and 6 more): Same pattern found in 6 additional files. Review if needed.", "shortDescription": {"text": "[MINED043] Http Not Https (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-319 / A02:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED044", "name": "[MINED044] Js Console Log Prod (and 6 more): Same pattern found in 6 additional files. Review if needed.", "shortDescription": {"text": "[MINED044] Js Console Log Prod (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED050", "name": "[MINED050] Stub Only Function (and 4 more): Same pattern found in 4 additional files. Review if needed.", "shortDescription": {"text": "[MINED050] Stub Only Function (and 4 more): Same pattern found in 4 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-1188 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED049", "name": "[MINED049] Print Pii (and 3 more): Same pattern found in 3 additional files. Review if needed.", "shortDescription": {"text": "[MINED049] Print Pii (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-532 / A09:2021 for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "MINED001", "name": "[MINED001] Bare Except Pass (and 3 more): Same pattern found in 3 additional files. Review if needed.", "shortDescription": {"text": "[MINED001] Bare Except Pass (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "fullDescription": {"text": "Review and fix per the pattern semantics. See CWE-755 /  for context."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "SEC020", "name": "[SEC020] Secret Printed to Logs (and 3 more): Same pattern found in 3 additional files. Review if needed.", "shortDescription": {"text": "[SEC020] Secret Printed to Logs (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "fullDescription": {"text": "Log only redacted, hashed, or last-four-style metadata. Rotate any secret that may have reached logs."}, "properties": {"scanner": "repobility-threat-engine", "category": "credential_exposure", "severity": "info", "confidence": 0.2, "cwe": "", "owasp": ""}}, {"id": "GHSA-whj4-6x5x-4v2j", "name": "pillow: GHSA-whj4-6x5x-4v2j", "shortDescription": {"text": "pillow: GHSA-whj4-6x5x-4v2j"}, "fullDescription": {"text": "FITS GZIP decompression bomb in Pillow"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-pwv6-vv43-88gr", "name": "pillow: GHSA-pwv6-vv43-88gr", "shortDescription": {"text": "pillow: GHSA-pwv6-vv43-88gr"}, "fullDescription": {"text": "Pillow has an OOB Write with Invalid PSD Tile Extents (Integer Overflow)"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "GHSA-cfh3-3jmp-rvhc", "name": "pillow: GHSA-cfh3-3jmp-rvhc", "shortDescription": {"text": "pillow: GHSA-cfh3-3jmp-rvhc"}, "fullDescription": {"text": "Pillow affected by out-of-bounds write when loading PSD images"}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "PYSEC-2026-165", "name": "pillow: PYSEC-2026-165", "shortDescription": {"text": "pillow: PYSEC-2026-165"}, "fullDescription": {"text": "Pillow is a Python imaging library. Prior to version 12.2.0, if a font advances for each glyph by an exceeding large amount, when Pillow keeps track of the current position, it may lead to an integer overflow. This issue has been patched in version 12.2.0."}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "PYSEC-2026-89", "name": "markdown: PYSEC-2026-89", "shortDescription": {"text": "markdown: PYSEC-2026-89"}, "fullDescription": {"text": "Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown may crash. This enables remote, unauthenticated Denial of Service in web applications, documentation systems, CI/CD pipelines, and any service that renders untrusted Markdown. The issue was acknowledged by the vendor and fixed in version 3.8.1. This issue causes a remote Denial of Service in any application parsing untrusted Markdown, and can lead to Information Disclosure through uncaught exceptions."}, "properties": {"scanner": "osv-scanner", "category": "dependency", "severity": "high", "confidence": 0.88, "cwe": "", "owasp": ""}}, {"id": "MINED108", "name": "`self.calculate_cyclomatic_complexity` used but never assigned in __init__", "shortDescription": {"text": "`self.calculate_cyclomatic_complexity` used but never assigned in __init__"}, "fullDescription": {"text": "Method `get_complexity_report` of class `ComplexityAnalyzer` reads `self.calculate_cyclomatic_complexity`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "SEC029", "name": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled ", "shortDescription": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes e"}, "fullDescription": {"text": "Validate the URL against an allowlist BEFORE fetching:\n  ALLOWED = {'images.example.com', 'cdn.example.com'}\n  host = urlparse(url).hostname\n  if host not in ALLOWED: abort(400)\nOr use a server-side proxy (Imgproxy / serve-files-only-from-S3) that isolates outbound network access from the request handler.\nBlock private CIDRs explicitly: 10/8, 172.16/12, 192.168/16, 169.254/16."}, "properties": {"scanner": "repobility-threat-engine", "category": "ssrf", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED104", "name": "[MINED104] Chmod 777: chmod 777 makes a file or directory world-readable, world-writable, AND world-executable. Local pr", "shortDescription": {"text": "[MINED104] Chmod 777: chmod 777 makes a file or directory world-readable, world-writable, AND world-executable. Local privilege escalation surface; audit-failing for most compliance frameworks."}, "fullDescription": {"text": "Use the least-privilege mode the file actually needs (e.g. 640 for configs, 750 for executables). For directories that genuinely need shared write access, use a group with chmod g+w and chown the right group."}, "properties": {"scanner": "repobility-threat-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "MINED115", "name": "Action `actions/checkout` pinned to mutable ref `@v4`", "shortDescription": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "fullDescription": {"text": "`uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED131", "name": "pre-commit hook `https://github.com/pre-commit/mirrors-mypy` pinned to mutable rev `v1.13.0`", "shortDescription": {"text": "pre-commit hook `https://github.com/pre-commit/mirrors-mypy` pinned to mutable rev `v1.13.0`"}, "fullDescription": {"text": "`.pre-commit-config.yaml` references `https://github.com/pre-commit/mirrors-mypy` at `rev: v1.13.0`. If `{rev}` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine."}, "properties": {"scanner": "repobility-supply-chain", "category": "dependency", "severity": "high", "confidence": 0.9, "cwe": "", "owasp": ""}}, {"id": "MINED106", "name": "Phantom test coverage: test_download_rejects_non_http_scheme", "shortDescription": {"text": "Phantom test coverage: test_download_rejects_non_http_scheme"}, "fullDescription": {"text": "Test function `test_download_rejects_non_http_scheme` runs code but contains no assert / expect / should call \u2014 it passes regardless of behaviour. Adds line coverage without verifying anything."}, "properties": {"scanner": "repobility-ast-engine", "category": "quality", "severity": "high", "confidence": 1.0, "cwe": "", "owasp": ""}}, {"id": "curl-auth-header", "name": "Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed r", "shortDescription": {"text": "Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource."}, "fullDescription": {"text": "Gitleaks detected a committed secret or credential pattern."}, "properties": {"scanner": "gitleaks", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "cwe": "", "owasp": ""}}, {"id": "generic-api-key", "name": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.", "shortDescription": {"text": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations."}, "fullDescription": {"text": "Gitleaks detected a committed secret or credential pattern."}, "properties": {"scanner": "gitleaks", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "cwe": "", "owasp": ""}}]}}, "automationDetails": {"id": "repobility/146"}, "properties": {"repository": "luongnv89/claude-howto", "repoUrl": "https://github.com/luongnv89/claude-howto.git", "branch": "main"}, "results": [{"ruleId": "GHSA-65pc-fj4g-8rjx", "level": "warning", "message": {"text": "idna: GHSA-65pc-fj4g-8rjx"}, "properties": {"repobilityId": 52226, "scanner": "osv-scanner", "fingerprint": "20a46fbfffb674f9ebeef576e8fc2afa5db07158bcb47fbe28e0cb6633aedf69", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-45409"], "package": "idna", "rule_id": "GHSA-65pc-fj4g-8rjx", "scanner": "osv-scanner", "correlation_key": "vuln|idna|CVE-2024-3651|scripts/requirements.txt"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-r73j-pqj5-w3x7", "level": "warning", "message": {"text": "pillow: GHSA-r73j-pqj5-w3x7"}, "properties": {"repobilityId": 52224, "scanner": "osv-scanner", "fingerprint": "94fc546a1d321ba8ce432f38140a673e0f5e966bf4073c336fdef891fa66964d", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-42310", "CVE-2026-42310"], "package": "pillow", "rule_id": "GHSA-r73j-pqj5-w3x7", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-42310|scripts/requirements.txt"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-q2x7-8rv6-6q7h", "level": "warning", "message": {"text": "jinja2: GHSA-q2x7-8rv6-6q7h"}, "properties": {"repobilityId": 52219, "scanner": "osv-scanner", "fingerprint": "9a1dafe8f90cd8ae1eb812e0e0c2671256482b30515b98d55966e28e1832ebbe", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-56326"], "package": "jinja2", "rule_id": "GHSA-q2x7-8rv6-6q7h", "scanner": "osv-scanner", "correlation_key": "vuln|jinja2|CVE-2024-56326|scripts/requirements.txt"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-gmj6-6f8f-6699", "level": "warning", "message": {"text": "jinja2: GHSA-gmj6-6f8f-6699"}, "properties": {"repobilityId": 52218, "scanner": "osv-scanner", "fingerprint": "65db3f7721f216da80f326570162c369dd6eb459357d6ea65aea8df785b30405", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-56201"], "package": "jinja2", "rule_id": "GHSA-gmj6-6f8f-6699", "scanner": "osv-scanner", "correlation_key": "vuln|jinja2|CVE-2024-56201|scripts/requirements.txt"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-cpwx-vrp4-4pq7", "level": "warning", "message": {"text": "jinja2: GHSA-cpwx-vrp4-4pq7"}, "properties": {"repobilityId": 52217, "scanner": "osv-scanner", "fingerprint": "91dd0c580edb3ed84b8f42ea4c9924f511eae87c21072ffd0e7e8612842f7e8e", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-27516"], "package": "jinja2", "rule_id": "GHSA-cpwx-vrp4-4pq7", "scanner": "osv-scanner", "correlation_key": "vuln|jinja2|CVE-2025-27516|scripts/requirements.txt"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-65pc-fj4g-8rjx", "level": "warning", "message": {"text": "idna: GHSA-65pc-fj4g-8rjx"}, "properties": {"repobilityId": 52216, "scanner": "osv-scanner", "fingerprint": "a471494c234ffc2180938efb3dce0653977aeacb89b505cca1aa7350edba0e7e", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-45409"], "package": "idna", "rule_id": "GHSA-65pc-fj4g-8rjx", "scanner": "osv-scanner", "correlation_key": "vuln|idna|CVE-2024-3651|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements-dev.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-w853-jp5j-5j7f", "level": "warning", "message": {"text": "filelock: GHSA-w853-jp5j-5j7f"}, "properties": {"repobilityId": 52215, "scanner": "osv-scanner", "fingerprint": "7bd7df14eb2a6cf9770dad78aa7c6adc539ac5174a2fc0ed217a393642444451", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-68146"], "package": "filelock", "rule_id": "GHSA-w853-jp5j-5j7f", "scanner": "osv-scanner", "correlation_key": "vuln|filelock|CVE-2025-68146|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements-dev.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-qmgc-5h2g-mvrw", "level": "warning", "message": {"text": "filelock: GHSA-qmgc-5h2g-mvrw"}, "properties": {"repobilityId": 52214, "scanner": "osv-scanner", "fingerprint": "889a1a3b5625d6bbdb6296ca77e6d24bab0ad7a9baf81ba7b3dfa0687ec08f9d", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2026-22701"], "package": "filelock", "rule_id": "GHSA-qmgc-5h2g-mvrw", "scanner": "osv-scanner", "correlation_key": "vuln|filelock|CVE-2026-22701|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements-dev.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-r73j-pqj5-w3x7", "level": "warning", "message": {"text": "pillow: GHSA-r73j-pqj5-w3x7"}, "properties": {"repobilityId": 52212, "scanner": "osv-scanner", "fingerprint": "6622dec5db2655317c70f90f148a50aaa992b721e37cd73f0517743520aff4a0", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-42310", "CVE-2026-42310"], "package": "pillow", "rule_id": "GHSA-r73j-pqj5-w3x7", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-42310|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements-dev.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-q2x7-8rv6-6q7h", "level": "warning", "message": {"text": "jinja2: GHSA-q2x7-8rv6-6q7h"}, "properties": {"repobilityId": 52207, "scanner": "osv-scanner", "fingerprint": "95d8f88354e8b2253f06c66d720eed3b9f3f21915e681743eee0f11aaf0467d0", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-56326"], "package": "jinja2", "rule_id": "GHSA-q2x7-8rv6-6q7h", "scanner": "osv-scanner", "correlation_key": "vuln|jinja2|CVE-2024-56326|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements-dev.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-gmj6-6f8f-6699", "level": "warning", "message": {"text": "jinja2: GHSA-gmj6-6f8f-6699"}, "properties": {"repobilityId": 52206, "scanner": "osv-scanner", "fingerprint": "7822e90c2f481f660ca336749c3468b6996f7dc1bcfad5c1d8d3678eeadae7bf", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2024-56201"], "package": "jinja2", "rule_id": "GHSA-gmj6-6f8f-6699", "scanner": "osv-scanner", "correlation_key": "vuln|jinja2|CVE-2024-56201|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements-dev.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-cpwx-vrp4-4pq7", "level": "warning", "message": {"text": "jinja2: GHSA-cpwx-vrp4-4pq7"}, "properties": {"repobilityId": 52205, "scanner": "osv-scanner", "fingerprint": "07131adc121b9770859392d5de05f438c923b62d36337fe82a3426db7e2f6241", "category": "dependency", "severity": "medium", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["CVE-2025-27516"], "package": "jinja2", "rule_id": "GHSA-cpwx-vrp4-4pq7", "scanner": "osv-scanner", "correlation_key": "vuln|jinja2|CVE-2025-27516|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements-dev.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "AGT013", "level": "warning", "message": {"text": "Agent auto-approve or skip-permissions mode is easy to enable"}, "properties": {"repobilityId": 45635, "scanner": "repobility-agent-runtime", "fingerprint": "f8b3d108f0e9338184519a72689256520d2d38a0279dc997f8775598d7957119", "category": "quality", "severity": "medium", "confidence": 0.68, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "File exposes or configures a broad agent auto-approval mode without enough local guard wording.", "evidence": {"rule_id": "AGT013", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|f8b3d108f0e9338184519a72689256520d2d38a0279dc997f8775598d7957119"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "09-advanced-features/README.md"}, "region": {"startLine": 452}}}]}, {"ruleId": "SEC031", "level": "warning", "message": {"text": "[SEC031] Catastrophic Backtracking Regex (ReDoS): Regex contains nested quantifiers like `(a+)+` or quantified alternation with overlapping branches. On adversarial input these patterns exhibit exponential backtracking, freezing the process. CWE-1333. Real CVEs: CVE-2017-16129 (minimatch), CVE-2021-3807 (ansi-regex), and dozens more."}, "properties": {"repobilityId": 34371, "scanner": "repobility-threat-engine", "fingerprint": "86ccfb038517ff88a5ea0dd9b6fbc88ed1a6743f063ca87eb79bb86f6d836d35", "category": "redos", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "re.compile(r\"^ {0,3}(?:>\\s*)*", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC031", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|86ccfb038517ff88a5ea0dd9b6fbc88ed1a6743f063ca87eb79bb86f6d836d35"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/check_markdown_rendering.py"}, "region": {"startLine": 46}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `main` has cognitive complexity 19 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: and=1, continue=1, for=4, if=5, nested_bonus=8."}, "properties": {"repobilityId": 34357, "scanner": "repobility-threat-engine", "fingerprint": "a0acfd557188acfa52b33dc949398bcf87985c87f05cb2aea423eaee82a38d47", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 19 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "main", "breakdown": {"if": 5, "and": 1, "for": 4, "continue": 1, "nested_bonus": 8}, "complexity": 19, "correlation_key": "fp|a0acfd557188acfa52b33dc949398bcf87985c87f05cb2aea423eaee82a38d47"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/check_cross_references.py"}, "region": {"startLine": 62}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `read_transcript` has cognitive complexity 22 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=1, elif=1, except=1, for=2, if=4, nested_bonus=13."}, "properties": {"repobilityId": 34356, "scanner": "repobility-threat-engine", "fingerprint": "20c469a91761b7e93f19a07994c1dcbad3ce308e20d5c3f906b33be23a5a95bd", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 22 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "read_transcript", "breakdown": {"if": 4, "for": 2, "elif": 1, "except": 1, "continue": 1, "nested_bonus": 13}, "complexity": 22, "correlation_key": "fp|20c469a91761b7e93f19a07994c1dcbad3ce308e20d5c3f906b33be23a5a95bd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "06-hooks/context-tracker.py"}, "region": {"startLine": 40}}}]}, {"ruleId": "COMP001", "level": "warning", "message": {"text": "[COMP001] High cognitive complexity: Function `read_transcript` has cognitive complexity 22 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand \u2014 nested branches, boolean chains, and recursion all weigh in. Breakdown: continue=1, elif=1, except=1, for=2, if=4, nested_bonus=13."}, "properties": {"repobilityId": 34355, "scanner": "repobility-threat-engine", "fingerprint": "52f8c12db610416523b8ab58c69b1e417e2fa99d69b3a1f3bf1512d3e5c314ea", "category": "quality", "severity": "medium", "confidence": 0.95, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "AST-derived cognitive complexity score = 22 (severity threshold for medium: 15+).", "evidence": {"scanner": "repobility-threat-engine", "function": "read_transcript", "breakdown": {"if": 4, "for": 2, "elif": 1, "except": 1, "continue": 1, "nested_bonus": 13}, "complexity": 22, "correlation_key": "fp|52f8c12db610416523b8ab58c69b1e417e2fa99d69b3a1f3bf1512d3e5c314ea"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "06-hooks/context-tracker-tiktoken.py"}, "region": {"startLine": 62}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 34313, "scanner": "repobility-ast-engine", "fingerprint": "be4f6e53a331af340442d6e9dbcfcb51e91b1c3f4ce3c552e62ae25ad444f55b", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|be4f6e53a331af340442d6e9dbcfcb51e91b1c3f4ce3c552e62ae25ad444f55b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "03-skills/refactor/scripts/detect-smells.py"}, "region": {"startLine": 646}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 34312, "scanner": "repobility-ast-engine", "fingerprint": "f5f6f391ec11b9b7002fc6d8cdf31ed5132b1dab9a064daff40467b4b9e13693", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f5f6f391ec11b9b7002fc6d8cdf31ed5132b1dab9a064daff40467b4b9e13693"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "03-skills/refactor/scripts/analyze-complexity.py"}, "region": {"startLine": 479}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 34311, "scanner": "repobility-ast-engine", "fingerprint": "acc86884c6ba62d706682c5dcb433f7dd9643b7a0a3dce76e953d15eccac0537", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|acc86884c6ba62d706682c5dcb433f7dd9643b7a0a3dce76e953d15eccac0537"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/refactor/scripts/detect-smells.py"}, "region": {"startLine": 646}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 34310, "scanner": "repobility-ast-engine", "fingerprint": "54665a8c8014fe8c5aac2856094fbf62bfdbb8edb607fbd64cefa8e59df96e03", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|54665a8c8014fe8c5aac2856094fbf62bfdbb8edb607fbd64cefa8e59df96e03"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/refactor/scripts/analyze-complexity.py"}, "region": {"startLine": 479}}}]}, {"ruleId": "MINED111", "level": "warning", "message": {"text": "Bare except continues silently"}, "properties": {"repobilityId": 34275, "scanner": "repobility-ast-engine", "fingerprint": "594448f85c8c65911a57c45cb33e8507b930fe7bd0d8bde9b1545f79d066c992", "category": "quality", "severity": "medium", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "bare-except-without-pass", "owasp": null, "cwe_ids": [], "languages": ["python"], "observations_count": 21610}, "scanner": "repobility-ast-engine", "correlation_key": "fp|594448f85c8c65911a57c45cb33e8507b930fe7bd0d8bde9b1545f79d066c992"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/check_links.py"}, "region": {"startLine": 80}}}]}, {"ruleId": "AGT012", "level": "warning", "message": {"text": "Agent control bridge may listen on a network interface without visible auth"}, "properties": {"repobilityId": 12253, "scanner": "repobility-agent-runtime", "fingerprint": "805a045d400616e619d1cd69c4da4f64bc5a53276da6caad736184d6bfd239f5", "category": "quality", "severity": "medium", "confidence": 0.72, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File combines agent-control wording with an HTTP/SSE/WebSocket listener on an all-interface host and no visible auth guard.", "evidence": {"rule_id": "AGT012", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|805a045d400616e619d1cd69c4da4f64bc5a53276da6caad736184d6bfd239f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/vendor_assets.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AGT013", "level": "warning", "message": {"text": "Agent auto-approve or skip-permissions mode is easy to enable"}, "properties": {"repobilityId": 4660, "scanner": "repobility-agent-runtime", "fingerprint": "e4bbd5f4cd6efcbe68a7cec500bec32456d48c179779833b16f679d38eb52aff", "category": "quality", "severity": "medium", "confidence": 0.68, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "File exposes or configures a broad agent auto-approval mode without enough local guard wording.", "evidence": {"rule_id": "AGT013", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|e4bbd5f4cd6efcbe68a7cec500bec32456d48c179779833b16f679d38eb52aff"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "CHANGELOG.md"}, "region": {"startLine": 191}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 4659, "scanner": "repobility-agent-runtime", "fingerprint": "6d5ebcd46c39caff0aac4f5e28ccfb4e5de18f76a7d726bc40f6ba2175279cf5", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|6d5ebcd46c39caff0aac4f5e28ccfb4e5de18f76a7d726bc40f6ba2175279cf5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "09-advanced-features/README.md"}, "region": {"startLine": 459}}}]}, {"ruleId": "AGT013", "level": "warning", "message": {"text": "Agent auto-approve or skip-permissions mode is easy to enable"}, "properties": {"repobilityId": 4658, "scanner": "repobility-agent-runtime", "fingerprint": "0a978ae7c97bf6df378f83e9b749048b6c6916fbc734a19a118258e3e60f336d", "category": "quality", "severity": "medium", "confidence": 0.68, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "File exposes or configures a broad agent auto-approval mode without enough local guard wording.", "evidence": {"rule_id": "AGT013", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|0a978ae7c97bf6df378f83e9b749048b6c6916fbc734a19a118258e3e60f336d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "09-advanced-features/README.md"}, "region": {"startLine": 449}}}]}, {"ruleId": "AGT013", "level": "warning", "message": {"text": "Agent auto-approve or skip-permissions mode is easy to enable"}, "properties": {"repobilityId": 4542, "scanner": "repobility-agent-runtime", "fingerprint": "b4f4058053e1a97eb933133deb865e37b737434041a3c398f9e53f807818d2eb", "category": "quality", "severity": "medium", "confidence": 0.68, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "File exposes or configures a broad agent auto-approval mode without enough local guard wording.", "evidence": {"rule_id": "AGT013", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|b4f4058053e1a97eb933133deb865e37b737434041a3c398f9e53f807818d2eb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "CHANGELOG.md"}, "region": {"startLine": 104}}}]}, {"ruleId": "AGT013", "level": "warning", "message": {"text": "Agent auto-approve or skip-permissions mode is easy to enable"}, "properties": {"repobilityId": 4076, "scanner": "repobility-agent-runtime", "fingerprint": "6edcd1bbcf238d5a8654b4b5c0ded092d6dd35756d965fcde3b9b9725e22dbf2", "category": "quality", "severity": "medium", "confidence": 0.68, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "File exposes or configures a broad agent auto-approval mode without enough local guard wording.", "evidence": {"rule_id": "AGT013", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|6edcd1bbcf238d5a8654b4b5c0ded092d6dd35756d965fcde3b9b9725e22dbf2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "CHANGELOG.md"}, "region": {"startLine": 34}}}]}, {"ruleId": "AGT013", "level": "warning", "message": {"text": "Agent auto-approve or skip-permissions mode is easy to enable"}, "properties": {"repobilityId": 4075, "scanner": "repobility-agent-runtime", "fingerprint": "1057afca4ccf91167ec85fc5e20c8d4fef2f4dbaf39793b77a3df25183427a99", "category": "quality", "severity": "medium", "confidence": 0.68, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "File exposes or configures a broad agent auto-approval mode without enough local guard wording.", "evidence": {"rule_id": "AGT013", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|1057afca4ccf91167ec85fc5e20c8d4fef2f4dbaf39793b77a3df25183427a99"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "09-advanced-features/README.md"}, "region": {"startLine": 447}}}]}, {"ruleId": "AGT013", "level": "warning", "message": {"text": "Agent auto-approve or skip-permissions mode is easy to enable"}, "properties": {"repobilityId": 3913, "scanner": "repobility-agent-runtime", "fingerprint": "4b498ff40b8b1e79db4cf080d99f832ef7091c08fd940b0a78cd9eb5eb619ca0", "category": "quality", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File exposes or configures a broad agent auto-approval mode without enough local guard wording.", "evidence": {"rule_id": "AGT013", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|4b498ff40b8b1e79db4cf080d99f832ef7091c08fd940b0a78cd9eb5eb619ca0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "zh/QUICK_REFERENCE.md"}, "region": {"startLine": 100}}}]}, {"ruleId": "AGT013", "level": "warning", "message": {"text": "Agent auto-approve or skip-permissions mode is easy to enable"}, "properties": {"repobilityId": 3912, "scanner": "repobility-agent-runtime", "fingerprint": "e04e0ce0c1c1405629fcf6cef6af3894ca5408a86fec79fc63a49caceeb59eac", "category": "quality", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File exposes or configures a broad agent auto-approval mode without enough local guard wording.", "evidence": {"rule_id": "AGT013", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|e04e0ce0c1c1405629fcf6cef6af3894ca5408a86fec79fc63a49caceeb59eac"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "zh/INDEX.md"}, "region": {"startLine": 396}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 3911, "scanner": "repobility-agent-runtime", "fingerprint": "c8df0a2587a54fff5adced6ba1491fbe97cd56522033b68ad3895428aa2eab6c", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|c8df0a2587a54fff5adced6ba1491fbe97cd56522033b68ad3895428aa2eab6c"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "vi/09-advanced-features/README.md"}, "region": {"startLine": 393}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 3910, "scanner": "repobility-agent-runtime", "fingerprint": "a7c6d884b39dd3215027760694f99530310b70bb7a9a8403066312cf2b69b0f6", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|a7c6d884b39dd3215027760694f99530310b70bb7a9a8403066312cf2b69b0f6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/09-advanced-features/README.md"}, "region": {"startLine": 399}}}]}, {"ruleId": "AGT013", "level": "warning", "message": {"text": "Agent auto-approve or skip-permissions mode is easy to enable"}, "properties": {"repobilityId": 3909, "scanner": "repobility-agent-runtime", "fingerprint": "a9243f0fe24bb4baacb4241aba9e4a380e6380ce6ecec95de97192e2abaae0ea", "category": "quality", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File exposes or configures a broad agent auto-approval mode without enough local guard wording.", "evidence": {"rule_id": "AGT013", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|a9243f0fe24bb4baacb4241aba9e4a380e6380ce6ecec95de97192e2abaae0ea"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ja/QUICK_REFERENCE.md"}, "region": {"startLine": 104}}}]}, {"ruleId": "AGT013", "level": "warning", "message": {"text": "Agent auto-approve or skip-permissions mode is easy to enable"}, "properties": {"repobilityId": 3908, "scanner": "repobility-agent-runtime", "fingerprint": "a148388e087eb74bc57d24e737bc743084deb1e3fdbaab432eb5b31151908091", "category": "quality", "severity": "medium", "confidence": 0.68, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File exposes or configures a broad agent auto-approval mode without enough local guard wording.", "evidence": {"rule_id": "AGT013", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|a148388e087eb74bc57d24e737bc743084deb1e3fdbaab432eb5b31151908091"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ja/INDEX.md"}, "region": {"startLine": 404}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 3907, "scanner": "repobility-agent-runtime", "fingerprint": "80af6d5d44509d86bf844c4a91196bbad14bdad1740799e0dd9232f8542c04dd", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "open", "verdict": "likely", "isResolved": false, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|80af6d5d44509d86bf844c4a91196bbad14bdad1740799e0dd9232f8542c04dd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ja/09-advanced-features/README.md"}, "region": {"startLine": 461}}}]}, {"ruleId": "AGT015", "level": "warning", "message": {"text": "Remote install command pipes network code directly to a shell"}, "properties": {"repobilityId": 3906, "scanner": "repobility-agent-runtime", "fingerprint": "8bcc4f70941414393b68b8a1ff55ecca9e3547444cf11ba400134c9e40f7983e", "category": "dependency", "severity": "medium", "confidence": 0.7, "triageState": "fixed", "verdict": "likely", "isResolved": true, "reason": "File contains a remote download piped directly to a shell without visible checksum or signature verification.", "evidence": {"rule_id": "AGT015", "scanner": "repobility-agent-runtime", "references": [], "correlation_key": "fp|8bcc4f70941414393b68b8a1ff55ecca9e3547444cf11ba400134c9e40f7983e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "09-advanced-features/README.md"}, "region": {"startLine": 457}}}]}, {"ruleId": "DEPCUR-PY", "level": "note", "message": {"text": "Python package `tenacity` is minor version(s) behind (9.0.0 -> 9.1.4)"}, "properties": {"repobilityId": 52193, "scanner": "repobility-dependency-currency", "fingerprint": "e3940ae636c4eb804b9f0b37ea66a0bbc32a02dd73fc0c8ec8d36e12a530f6fa", "category": "dependency", "severity": "low", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "minor version(s) behind", "signal": "currency", "cwe_ids": [], "package": "tenacity", "scanner": "repobility-dependency-currency", "ecosystem": "pypi", "languages": ["python"], "latest_version": "9.1.4", "correlation_key": "fp|e3940ae636c4eb804b9f0b37ea66a0bbc32a02dd73fc0c8ec8d36e12a530f6fa", "current_version": "9.0.0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 7}}}]}, {"ruleId": "DEPCUR-PY", "level": "note", "message": {"text": "Python package `beautifulsoup4` is minor version(s) behind (4.12.3 -> 4.14.3)"}, "properties": {"repobilityId": 52192, "scanner": "repobility-dependency-currency", "fingerprint": "d4fb8b099eb147b5cb63fd1705d69b043a36465f62b545c749a76ba71675069b", "category": "dependency", "severity": "low", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "minor version(s) behind", "signal": "currency", "cwe_ids": [], "package": "beautifulsoup4", "scanner": "repobility-dependency-currency", "ecosystem": "pypi", "languages": ["python"], "latest_version": "4.14.3", "correlation_key": "fp|d4fb8b099eb147b5cb63fd1705d69b043a36465f62b545c749a76ba71675069b", "current_version": "4.12.3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 4}}}]}, {"ruleId": "DEPCUR-PY", "level": "note", "message": {"text": "Python package `markdown` is minor version(s) behind (3.7 -> 3.10.2)"}, "properties": {"repobilityId": 52191, "scanner": "repobility-dependency-currency", "fingerprint": "699abf9e827ee59a95b68c5bf214308454452ff751c1ddefd45dba93b0b67e99", "category": "dependency", "severity": "low", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "minor version(s) behind", "signal": "currency", "cwe_ids": [], "package": "markdown", "scanner": "repobility-dependency-currency", "ecosystem": "pypi", "languages": ["python"], "latest_version": "3.10.2", "correlation_key": "fp|699abf9e827ee59a95b68c5bf214308454452ff751c1ddefd45dba93b0b67e99", "current_version": "3.7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 3}}}]}, {"ruleId": "DEPCUR-PY", "level": "note", "message": {"text": "Python package `ebooklib` is minor version(s) behind (0.18 -> 0.20)"}, "properties": {"repobilityId": 52190, "scanner": "repobility-dependency-currency", "fingerprint": "c1fd0e09eff9b7db24cfeb724bddbfe9a64201ab3515e1b389b78e5814a072d8", "category": "dependency", "severity": "low", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "minor version(s) behind", "signal": "currency", "cwe_ids": [], "package": "ebooklib", "scanner": "repobility-dependency-currency", "ecosystem": "pypi", "languages": ["python"], "latest_version": "0.20", "correlation_key": "fp|c1fd0e09eff9b7db24cfeb724bddbfe9a64201ab3515e1b389b78e5814a072d8", "current_version": "0.18"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 2}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 43872, "scanner": "repobility-ai-code-hygiene", "fingerprint": "4aed59ac3a6a37e8764d4d8f5fed186b50bbf8d01a56c7f9bbca1096df562b03", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "03-skills/code-review-specialist/scripts/compare-complexity.py", "duplicate_line": 1, "correlation_key": "fp|4aed59ac3a6a37e8764d4d8f5fed186b50bbf8d01a56c7f9bbca1096df562b03"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/code-review-specialist/scripts/compare-complexity.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 43871, "scanner": "repobility-ai-code-hygiene", "fingerprint": "88cc3a4965789c7cb994b62b6619fc3d5798a0206dd6de4a47ab68851ed42038", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "03-skills/code-review-specialist/scripts/analyze-metrics.py", "duplicate_line": 1, "correlation_key": "fp|88cc3a4965789c7cb994b62b6619fc3d5798a0206dd6de4a47ab68851ed42038"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/code-review-specialist/scripts/analyze-metrics.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 34274, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f97b145bd9cc9604d9e3a19263087df3ab30b766fe17369ff594f8ccf8888ae0", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "09-advanced-features/setup-auto-mode-permissions.py", "duplicate_line": 1, "correlation_key": "fp|f97b145bd9cc9604d9e3a19263087df3ab30b766fe17369ff594f8ccf8888ae0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "vi/09-advanced-features/setup-auto-mode-permissions.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 34273, "scanner": "repobility-ai-code-hygiene", "fingerprint": "254433ccacc7f9b66729136619c865290990b2078efa74a40a1b8899c24c2726", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "07-plugins/pr-review/hooks/pre-review.js", "duplicate_line": 1, "correlation_key": "fp|254433ccacc7f9b66729136619c865290990b2078efa74a40a1b8899c24c2726"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "vi/07-plugins/pr-review/hooks/pre-review.js"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 34272, "scanner": "repobility-ai-code-hygiene", "fingerprint": "70a1bce5a9c6f4ff4d903a2e396f1256f8b936bb516b818dde5067c431458f70", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "07-plugins/devops-automation/hooks/pre-deploy.js", "duplicate_line": 1, "correlation_key": "fp|70a1bce5a9c6f4ff4d903a2e396f1256f8b936bb516b818dde5067c431458f70"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "vi/07-plugins/devops-automation/hooks/pre-deploy.js"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 34271, "scanner": "repobility-ai-code-hygiene", "fingerprint": "f7e4eb1b724e166afdad27311805ba35972d1f3104f8c0f71cca8377940b022b", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "07-plugins/devops-automation/hooks/post-deploy.js", "duplicate_line": 1, "correlation_key": "fp|f7e4eb1b724e166afdad27311805ba35972d1f3104f8c0f71cca8377940b022b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "vi/07-plugins/devops-automation/hooks/post-deploy.js"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 34270, "scanner": "repobility-ai-code-hygiene", "fingerprint": "e8bf2dbcb3613b6bdaf195105881ca3c90a16f94bf555a266da8c0e856871805", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "06-hooks/context-tracker-tiktoken.py", "duplicate_line": 43, "correlation_key": "fp|e8bf2dbcb3613b6bdaf195105881ca3c90a16f94bf555a266da8c0e856871805"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "vi/06-hooks/context-tracker.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 34269, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9f8d0fd950274dfae9ff2a2401c6587ef25c6a9f123bf00e5fb623ba4436ce49", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "06-hooks/context-tracker.py", "duplicate_line": 1, "correlation_key": "fp|9f8d0fd950274dfae9ff2a2401c6587ef25c6a9f123bf00e5fb623ba4436ce49"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "vi/06-hooks/context-tracker.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 34268, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1e69786923c0bf1cfa9e70eccb322e7fb9942e81943199e8493ea5a871f60e9f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "06-hooks/context-tracker-tiktoken.py", "duplicate_line": 1, "correlation_key": "fp|1e69786923c0bf1cfa9e70eccb322e7fb9942e81943199e8493ea5a871f60e9f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "vi/06-hooks/context-tracker-tiktoken.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 34267, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8223d9a7a8521f98d3e8673d9b0a23d6f4ff4949e63e87e342a8aecbe44e5a6f", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "09-advanced-features/setup-auto-mode-permissions.py", "duplicate_line": 1, "correlation_key": "fp|8223d9a7a8521f98d3e8673d9b0a23d6f4ff4949e63e87e342a8aecbe44e5a6f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/09-advanced-features/setup-auto-mode-permissions.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 12252, "scanner": "repobility-ai-code-hygiene", "fingerprint": "84ba8644776ecfe19379f2ff536a8a7faad77c984ee46b64f93b569fa1ddc5b3", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "scripts/build_epub.py", "duplicate_line": 274, "correlation_key": "fp|84ba8644776ecfe19379f2ff536a8a7faad77c984ee46b64f93b569fa1ddc5b3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/build_website.py"}, "region": {"startLine": 83}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 3672, "scanner": "repobility-ai-code-hygiene", "fingerprint": "331e74f4c3aa7564d4e712445d175b5f6ed4270dba9507ad75119235ee3aab91", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "07-plugins/pr-review/hooks/pre-review.js", "duplicate_line": 1, "correlation_key": "fp|331e74f4c3aa7564d4e712445d175b5f6ed4270dba9507ad75119235ee3aab91"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/07-plugins/pr-review/hooks/pre-review.js"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 3671, "scanner": "repobility-ai-code-hygiene", "fingerprint": "616a5c661b80d6f54f53fddc10d24d02258f6fd55ffcfe1f16275f6605527066", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "07-plugins/devops-automation/hooks/pre-deploy.js", "duplicate_line": 1, "correlation_key": "fp|616a5c661b80d6f54f53fddc10d24d02258f6fd55ffcfe1f16275f6605527066"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/07-plugins/devops-automation/hooks/pre-deploy.js"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 3670, "scanner": "repobility-ai-code-hygiene", "fingerprint": "de65697aef76e9de5d186e967f3da9370122a58adbbde0e9586aca6babe9c58a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "07-plugins/devops-automation/hooks/post-deploy.js", "duplicate_line": 1, "correlation_key": "fp|de65697aef76e9de5d186e967f3da9370122a58adbbde0e9586aca6babe9c58a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/07-plugins/devops-automation/hooks/post-deploy.js"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 3669, "scanner": "repobility-ai-code-hygiene", "fingerprint": "69a00f02b1eafea41dbe53eea70fdd15473515f4c0f4636e74968c72d51e6916", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "06-hooks/context-tracker-tiktoken.py", "duplicate_line": 43, "correlation_key": "fp|69a00f02b1eafea41dbe53eea70fdd15473515f4c0f4636e74968c72d51e6916"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/06-hooks/context-tracker.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 3668, "scanner": "repobility-ai-code-hygiene", "fingerprint": "9bffb2d01652f8bf907f0df8549eb9a039455701f6111eef817c4e9be80eea80", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "06-hooks/context-tracker.py", "duplicate_line": 1, "correlation_key": "fp|9bffb2d01652f8bf907f0df8549eb9a039455701f6111eef817c4e9be80eea80"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/06-hooks/context-tracker.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 3667, "scanner": "repobility-ai-code-hygiene", "fingerprint": "bac8024832ec702350701a45fd68d6e7abfae03252747fcc01128db621a000d6", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "06-hooks/context-tracker-tiktoken.py", "duplicate_line": 1, "correlation_key": "fp|bac8024832ec702350701a45fd68d6e7abfae03252747fcc01128db621a000d6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/06-hooks/context-tracker-tiktoken.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 3666, "scanner": "repobility-ai-code-hygiene", "fingerprint": "18a0463cee44313771533cbcc3ae4a75f09e23ce3573842e28b6c5770585f271", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "03-skills/refactor/scripts/detect-smells.py", "duplicate_line": 1, "correlation_key": "fp|18a0463cee44313771533cbcc3ae4a75f09e23ce3573842e28b6c5770585f271"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/refactor/scripts/detect-smells.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 3665, "scanner": "repobility-ai-code-hygiene", "fingerprint": "ccd8a57a9ff90476ca5afdff6df0d5c8ec165f1aceb1170546eb7a470c5f70d9", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "03-skills/refactor/scripts/analyze-complexity.py", "duplicate_line": 1, "correlation_key": "fp|ccd8a57a9ff90476ca5afdff6df0d5c8ec165f1aceb1170546eb7a470c5f70d9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/refactor/scripts/analyze-complexity.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 3664, "scanner": "repobility-ai-code-hygiene", "fingerprint": "a01a6e8ca7f760969fb50caa4e4be30d571ec8e4449df234dbc459c07833858a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "03-skills/doc-generator/generate-docs.py", "duplicate_line": 1, "correlation_key": "fp|a01a6e8ca7f760969fb50caa4e4be30d571ec8e4449df234dbc459c07833858a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/doc-generator/generate-docs.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 3663, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1fd73e63645528a019942cd290c6517c1d4173f07e27334f926d8da0f45c74bd", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "fixed", "verdict": "confirmed", "isResolved": true, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "03-skills/code-review/scripts/compare-complexity.py", "duplicate_line": 1, "correlation_key": "fp|1fd73e63645528a019942cd290c6517c1d4173f07e27334f926d8da0f45c74bd"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/code-review/scripts/compare-complexity.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 3662, "scanner": "repobility-ai-code-hygiene", "fingerprint": "8e965279bff7d46324c75f9c47ce76e045e5dd84ad0eea2ee721734e0f57e766", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "fixed", "verdict": "confirmed", "isResolved": true, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "03-skills/code-review/scripts/analyze-metrics.py", "duplicate_line": 1, "correlation_key": "fp|8e965279bff7d46324c75f9c47ce76e045e5dd84ad0eea2ee721734e0f57e766"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/code-review/scripts/analyze-metrics.py"}, "region": {"startLine": 1}}}]}, {"ruleId": "AIC003", "level": "note", "message": {"text": "Duplicated implementation block across source files"}, "properties": {"repobilityId": 3661, "scanner": "repobility-ai-code-hygiene", "fingerprint": "1ba91daa7072ad52a69fa9e13745fbfc3931a048e5aff7edea7b7bcc46128b7a", "category": "quality", "severity": "low", "confidence": 0.86, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "A normalized source-code window appears in two different non-test files.", "evidence": {"lines": 12, "rule_id": "AIC003", "scanner": "repobility-ai-code-hygiene", "references": ["https://jscpd.dev/"], "duplicate_file": "06-hooks/context-tracker-tiktoken.py", "duplicate_line": 43, "correlation_key": "fp|1ba91daa7072ad52a69fa9e13745fbfc3931a048e5aff7edea7b7bcc46128b7a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "06-hooks/context-tracker.py"}, "region": {"startLine": 26}}}]}, {"ruleId": "DEPCUR-PY", "level": "none", "message": {"text": "Python package `jinja2` is patch version(s) behind (3.1.4 -> 3.1.6)"}, "properties": {"repobilityId": 52194, "scanner": "repobility-dependency-currency", "fingerprint": "f207c7f91295f7e86f6371cfa7076b7df10d9b49a9bcabfc09114b8fe09dc8c7", "category": "dependency", "severity": "info", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"gap": "patch version(s) behind", "signal": "currency", "cwe_ids": [], "package": "jinja2", "scanner": "repobility-dependency-currency", "ecosystem": "pypi", "languages": ["python"], "latest_version": "3.1.6", "correlation_key": "fp|f207c7f91295f7e86f6371cfa7076b7df10d9b49a9bcabfc09114b8fe09dc8c7", "current_version": "3.1.4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 8}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "properties": {"repobilityId": 34369, "scanner": "repobility-threat-engine", "fingerprint": "e7cd40d7b324241c80937e7a6f550054df46cdde533de8ce7a56977f55a98866", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 6 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|e7cd40d7b324241c80937e7a6f550054df46cdde533de8ce7a56977f55a98866", "aggregated_count": 6}}}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 34368, "scanner": "repobility-threat-engine", "fingerprint": "aa1d444dceeb5f0ca66e9497c846cd856eea9964b61466a680cf8ccda0d19e27", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|aa1d444dceeb5f0ca66e9497c846cd856eea9964b61466a680cf8ccda0d19e27"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "07-plugins/devops-automation/scripts/rollback.sh"}, "region": {"startLine": 23}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 34367, "scanner": "repobility-threat-engine", "fingerprint": "6beb236dafce7d8f1668dee98eebb6bf77484ca44c0dbe844d12ffd4399def76", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6beb236dafce7d8f1668dee98eebb6bf77484ca44c0dbe844d12ffd4399def76"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "07-plugins/devops-automation/scripts/health-check.sh"}, "region": {"startLine": 10}}}]}, {"ruleId": "MINED043", "level": "none", "message": {"text": "[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data."}, "properties": {"repobilityId": 34366, "scanner": "repobility-threat-engine", "fingerprint": "e814d5bfb6ab0173f0b899040f09579379848dfa6832a38a7bfddb24c621da4a", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "http-not-https", "owasp": "A02:2021", "cwe_ids": ["CWE-319"], "precision": 0.917, "promoted_at": "2026-05-18T14:01:32.347999+00:00", "triaged_in_corpus": 12, "observations_count": 4113831, "ai_coder_pattern_id": 15}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e814d5bfb6ab0173f0b899040f09579379848dfa6832a38a7bfddb24c621da4a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "07-plugins/devops-automation/scripts/deploy.sh"}, "region": {"startLine": 26}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod (and 6 more): Same pattern found in 6 additional files. Review if needed."}, "properties": {"repobilityId": 34365, "scanner": "repobility-threat-engine", "fingerprint": "ea93f5492ff921e9618c4e30a2631c7b1a2bef829e99f8007e5face821b69969", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 6 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|ea93f5492ff921e9618c4e30a2631c7b1a2bef829e99f8007e5face821b69969", "aggregated_count": 6}}}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 34364, "scanner": "repobility-threat-engine", "fingerprint": "b8f57a09f78d91154eab72ce682c5e03c7c34f9367633e129d67b02c4430b6d5", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|b8f57a09f78d91154eab72ce682c5e03c7c34f9367633e129d67b02c4430b6d5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "07-plugins/pr-review/hooks/pre-review.js"}, "region": {"startLine": 9}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 34363, "scanner": "repobility-threat-engine", "fingerprint": "a5472fff40a1f0ae6943915efe8fffd45dda9c72a7b5939c850cdaa8d71e2d47", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a5472fff40a1f0ae6943915efe8fffd45dda9c72a7b5939c850cdaa8d71e2d47"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "07-plugins/devops-automation/hooks/pre-deploy.js"}, "region": {"startLine": 9}}}]}, {"ruleId": "MINED044", "level": "none", "message": {"text": "[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed."}, "properties": {"repobilityId": 34362, "scanner": "repobility-threat-engine", "fingerprint": "2c22f28dc6cb6400eea0b4129da37d864334385a133df259b4a3fe88be76ef62", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "js-console-log-prod", "owasp": null, "cwe_ids": ["CWE-532"], "languages": ["javascript", "typescript", "tsx", "jsx"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348003+00:00", "triaged_in_corpus": 10, "observations_count": 1940833, "ai_coder_pattern_id": 102}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2c22f28dc6cb6400eea0b4129da37d864334385a133df259b4a3fe88be76ef62"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "07-plugins/devops-automation/hooks/post-deploy.js"}, "region": {"startLine": 9}}}]}, {"ruleId": "COMP001", "level": "none", "message": {"text": "[COMP001] High cognitive complexity (and 10 more): Same pattern found in 10 additional files. Review if needed."}, "properties": {"repobilityId": 34358, "scanner": "repobility-threat-engine", "fingerprint": "4e2a8dcf50bbbaf093228b5bf41899293dfc769a821ae5c27d6f9b96c553b15b", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 10 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"scanner": "repobility-threat-engine", "function": "read_transcript", "breakdown": {"if": 4, "for": 2, "elif": 1, "except": 1, "continue": 1, "nested_bonus": 13}, "aggregated": true, "complexity": 22, "correlation_key": "fp|4e2a8dcf50bbbaf093228b5bf41899293dfc769a821ae5c27d6f9b96c553b15b", "aggregated_count": 10}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function (and 4 more): Same pattern found in 4 additional files. Review if needed."}, "properties": {"repobilityId": 34354, "scanner": "repobility-threat-engine", "fingerprint": "a28cbeac28128be054c3f8e1a83589ca9ebddaa29ed78b582b0c2183d021e21c", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 4 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|a28cbeac28128be054c3f8e1a83589ca9ebddaa29ed78b582b0c2183d021e21c", "aggregated_count": 4}}}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 34353, "scanner": "repobility-threat-engine", "fingerprint": "6248e10c5420a7a4b5b33b1311dc8ea64d464ba68c83cf8165aacc0e2a74119d", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6248e10c5420a7a4b5b33b1311dc8ea64d464ba68c83cf8165aacc0e2a74119d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/sync_translations.py"}, "region": {"startLine": 163}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 34352, "scanner": "repobility-threat-engine", "fingerprint": "a1fae560ae57ded7c206eae8035812ffac05c971940c29f180253deff6843efb", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|a1fae560ae57ded7c206eae8035812ffac05c971940c29f180253deff6843efb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "06-hooks/context-tracker.py"}, "region": {"startLine": 96}}}]}, {"ruleId": "MINED050", "level": "none", "message": {"text": "[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment."}, "properties": {"repobilityId": 34351, "scanner": "repobility-threat-engine", "fingerprint": "9c3e612c574519e7e4a40402c7dcddf9c1c6d0345ac454626a270ed507697720", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "stub-only-function", "owasp": null, "cwe_ids": ["CWE-1188"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348017+00:00", "triaged_in_corpus": 12, "observations_count": 633513, "ai_coder_pattern_id": 2}, "scanner": "repobility-threat-engine", "correlation_key": "fp|9c3e612c574519e7e4a40402c7dcddf9c1c6d0345ac454626a270ed507697720"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "06-hooks/context-tracker-tiktoken.py"}, "region": {"startLine": 118}}}]}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 34350, "scanner": "repobility-threat-engine", "fingerprint": "71d23e8be37aca040a52b298288139d03b0a2ee5e2166ea3b7b0733498602571", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|71d23e8be37aca040a52b298288139d03b0a2ee5e2166ea3b7b0733498602571", "aggregated_count": 3}}}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "properties": {"repobilityId": 34349, "scanner": "repobility-threat-engine", "fingerprint": "5dc3d96654be674aff80ebaa0a1cc8b76811d35d0f160ec26afabf4a1b8c8210", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5dc3d96654be674aff80ebaa0a1cc8b76811d35d0f160ec26afabf4a1b8c8210"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/06-hooks/context-tracker-tiktoken.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "properties": {"repobilityId": 34348, "scanner": "repobility-threat-engine", "fingerprint": "6a85ab45809fe7572f4b8213989f61c697d509f3b46cfbed436a757630e0f284", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "correlation_key": "fp|6a85ab45809fe7572f4b8213989f61c697d509f3b46cfbed436a757630e0f284"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "06-hooks/context-tracker.py"}, "region": {"startLine": 110}}}]}, {"ruleId": "MINED049", "level": "none", "message": {"text": "[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout."}, "properties": {"repobilityId": 34347, "scanner": "repobility-threat-engine", "fingerprint": "4504fb75689c251862216d33f1c7efa10639161ef3bc7f0f38d2848e5ec4239f", "category": "quality", "severity": "info", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "print-pii", "owasp": "A09:2021", "cwe_ids": ["CWE-532"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.348015+00:00", "triaged_in_corpus": 12, "observations_count": 676566, "ai_coder_pattern_id": 26}, "scanner": "repobility-threat-engine", "correlation_key": "fp|4504fb75689c251862216d33f1c7efa10639161ef3bc7f0f38d2848e5ec4239f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "06-hooks/context-tracker-tiktoken.py"}, "region": {"startLine": 29}}}]}, {"ruleId": "MINED001", "level": "none", "message": {"text": "[MINED001] Bare Except Pass (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 34346, "scanner": "repobility-threat-engine", "fingerprint": "bd632c4ade7e75e1a901d5e2da5e3e85b36e57e91ccdfbe5098de1738a5edc96", "category": "quality", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "aggregated": true, "correlation_key": "fp|bd632c4ade7e75e1a901d5e2da5e3e85b36e57e91ccdfbe5098de1738a5edc96", "aggregated_count": 3}}}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs (and 3 more): Same pattern found in 3 additional files. Review if needed."}, "properties": {"repobilityId": 3676, "scanner": "repobility-threat-engine", "fingerprint": "501876d43fbaf15c6d4055194dcce53c187c4dbbef78a664b67e46162788cb51", "category": "credential_exposure", "severity": "info", "confidence": 0.2, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "evidence": {"reason": "Deduplicated summary only: 3 additional occurrences found. The top occurrences remain visible as actionable findings.", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.2, "correlation_key": "fp|501876d43fbaf15c6d4055194dcce53c187c4dbbef78a664b67e46162788cb51"}}}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 3675, "scanner": "repobility-threat-engine", "fingerprint": "fd35f0b29d92e0854ac03c48b30961d5c735880db703d7856526657c387cfb10", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "The token term appears to refer to NLP/model token counts, a tokenizer, or blockchain token metadata rather than credential material", "evidence": {"match": "print(f\"This request: ~{delta_tokens:,} tokens\", file=sys.stderr)", "reason": "The token term appears to refer to NLP/model token counts, a tokenizer, or blockchain token metadata rather than credential material", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|token|10|print f this request: delta_tokens: tokens file sys.stderr"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/06-hooks/context-tracker.py"}, "region": {"startLine": 110}}}]}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 3674, "scanner": "repobility-threat-engine", "fingerprint": "2588181ecbf25e47ba0c0f2752f22c814ccf7a1e8406078a4f3860cd80d5f3a2", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "The token term appears to refer to NLP/model token counts, a tokenizer, or blockchain token metadata rather than credential material Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "print(f\"This request: ~{delta_tokens:,} tokens\", file=sys.stderr)", "reason": "The token term appears to refer to NLP/model token counts, a tokenizer, or blockchain token metadata rather than credential material", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|token|13|print f this request: delta_tokens: tokens file sys.stderr", "duplicate_count": 1, "duplicate_rule_ids": ["SEC020"], "duplicate_scanners": ["repobility-threat-engine"], "duplicate_fingerprints": ["2588181ecbf25e47ba0c0f2752f22c814ccf7a1e8406078a4f3860cd80d5f3a2", "4cf076c9c079200469ef45d59cf4896769a85cee3e18fd319e768b609d22c443"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "06-hooks/context-tracker-tiktoken.py"}, "region": {"startLine": 133}}}]}, {"ruleId": "SEC020", "level": "none", "message": {"text": "[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for troubleshooting."}, "properties": {"repobilityId": 3673, "scanner": "repobility-threat-engine", "fingerprint": "3fd4fc0d4a914b4b16c91b4f4dc6cd7ad44b0705601e7f8634d7a99e86d50b3d", "category": "credential_exposure", "severity": "info", "confidence": 0.15, "triageState": "false_positive", "verdict": "likely_fp", "isResolved": true, "reason": "The token term appears to refer to NLP/model token counts, a tokenizer, or blockchain token metadata rather than credential material", "evidence": {"match": "print(f\"This request: ~{delta_tokens:,} tokens\", file=sys.stderr)", "reason": "The token term appears to refer to NLP/model token counts, a tokenizer, or blockchain token metadata rather than credential material", "rule_id": "SEC020", "scanner": "repobility-threat-engine", "confidence": 0.15, "correlation_key": "secret|06-hooks/context-tracker.py|10|print f this request: delta_tokens: tokens file sys.stderr"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "06-hooks/context-tracker.py"}, "region": {"startLine": 110}}}]}, {"ruleId": "GHSA-whj4-6x5x-4v2j", "level": "error", "message": {"text": "pillow: GHSA-whj4-6x5x-4v2j"}, "properties": {"repobilityId": 52225, "scanner": "osv-scanner", "fingerprint": "aacf1881c958477514c720fe7a49caa7b648b39f81e59f51a662b346db27e6ee", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-40192", "CVE-2026-40192"], "package": "pillow", "rule_id": "GHSA-whj4-6x5x-4v2j", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-40192|scripts/requirements.txt"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-pwv6-vv43-88gr", "level": "error", "message": {"text": "pillow: GHSA-pwv6-vv43-88gr"}, "properties": {"repobilityId": 52223, "scanner": "osv-scanner", "fingerprint": "58cf3813a0b49ae234cf252492488820d32dcf0e14fe0b549629c90f1bef982a", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-42311", "CVE-2026-42311"], "package": "pillow", "rule_id": "GHSA-pwv6-vv43-88gr", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-42311|scripts/requirements.txt"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-cfh3-3jmp-rvhc", "level": "error", "message": {"text": "pillow: GHSA-cfh3-3jmp-rvhc"}, "properties": {"repobilityId": 52222, "scanner": "osv-scanner", "fingerprint": "37948d5b8d8a16dcb75b973c12e24e1df355a2a4591b0e55cb452bc5ae28159d", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-25990", "CVE-2026-25990"], "package": "pillow", "rule_id": "GHSA-cfh3-3jmp-rvhc", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-25990|scripts/requirements.txt"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "PYSEC-2026-165", "level": "error", "message": {"text": "pillow: PYSEC-2026-165"}, "properties": {"repobilityId": 52221, "scanner": "osv-scanner", "fingerprint": "5c9e46fd3f2957f5c850ffe4039b013656dbb69e576023b56d18816e3c793bac", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-42308", "CVE-2026-42308", "GHSA-wjx4-4jcj-g98j"], "package": "pillow", "rule_id": "PYSEC-2026-165", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-42308|scripts/requirements.txt", "duplicate_count": 1, "duplicate_rule_ids": ["GHSA-wjx4-4jcj-g98j", "PYSEC-2026-165"], "duplicate_scanners": ["osv-scanner"], "duplicate_fingerprints": ["5c9e46fd3f2957f5c850ffe4039b013656dbb69e576023b56d18816e3c793bac", "95db45ba71b14d6f2376c3aca07502d33ac328ca12856125387c07ebf0bb9c47"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "PYSEC-2026-89", "level": "error", "message": {"text": "markdown: PYSEC-2026-89"}, "properties": {"repobilityId": 52220, "scanner": "osv-scanner", "fingerprint": "c4544abfee8ebe3702851e447abe14c0b64680f73accd9bcfce0e98e72f5688d", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "", "aliases": ["CVE-2025-69534", "GHSA-5wmx-573v-2qwq"], "package": "markdown", "rule_id": "PYSEC-2026-89", "scanner": "osv-scanner", "correlation_key": "vuln|markdown|CVE-2025-69534|scripts/requirements.txt", "duplicate_count": 1, "duplicate_rule_ids": ["GHSA-5wmx-573v-2qwq", "PYSEC-2026-89"], "duplicate_scanners": ["osv-scanner"], "duplicate_fingerprints": ["5b99c80c318ef8076e1bc5d84dea45840ecb2af2fde34bb774aa1427d49e5c27", "c4544abfee8ebe3702851e447abe14c0b64680f73accd9bcfce0e98e72f5688d"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-whj4-6x5x-4v2j", "level": "error", "message": {"text": "pillow: GHSA-whj4-6x5x-4v2j"}, "properties": {"repobilityId": 52213, "scanner": "osv-scanner", "fingerprint": "0fd981fabb7369ba60236ffbcf02ad9c5fa6e0a0b38c622e92619ddf7f827f26", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-40192", "CVE-2026-40192"], "package": "pillow", "rule_id": "GHSA-whj4-6x5x-4v2j", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-40192|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements-dev.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-pwv6-vv43-88gr", "level": "error", "message": {"text": "pillow: GHSA-pwv6-vv43-88gr"}, "properties": {"repobilityId": 52211, "scanner": "osv-scanner", "fingerprint": "2db29b3e8e39455109fbb59f8674d6523a2915601c72c7c2fdabd83ce50e3803", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-42311", "CVE-2026-42311"], "package": "pillow", "rule_id": "GHSA-pwv6-vv43-88gr", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-42311|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements-dev.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "GHSA-cfh3-3jmp-rvhc", "level": "error", "message": {"text": "pillow: GHSA-cfh3-3jmp-rvhc"}, "properties": {"repobilityId": 52210, "scanner": "osv-scanner", "fingerprint": "395e7079a7f65b5bf7327adc9f4ae67872a415013e4f2473519be499899cbd44", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-25990", "CVE-2026-25990"], "package": "pillow", "rule_id": "GHSA-cfh3-3jmp-rvhc", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-25990|token"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements-dev.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "PYSEC-2026-165", "level": "error", "message": {"text": "pillow: PYSEC-2026-165"}, "properties": {"repobilityId": 52209, "scanner": "osv-scanner", "fingerprint": "a3ca96f6df278533d786c801a502bca27436644141651a7c28a379b1c2f4401d", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "", "aliases": ["BIT-pillow-2026-42308", "CVE-2026-42308", "GHSA-wjx4-4jcj-g98j"], "package": "pillow", "rule_id": "PYSEC-2026-165", "scanner": "osv-scanner", "correlation_key": "vuln|pillow|CVE-2026-42308|token", "duplicate_count": 1, "duplicate_rule_ids": ["GHSA-wjx4-4jcj-g98j", "PYSEC-2026-165"], "duplicate_scanners": ["osv-scanner"], "duplicate_fingerprints": ["1a4dff67a539d48f3c1df959e90da875470eb38722f62b3baf244028ec699e57", "a3ca96f6df278533d786c801a502bca27436644141651a7c28a379b1c2f4401d"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements-dev.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "PYSEC-2026-89", "level": "error", "message": {"text": "markdown: PYSEC-2026-89"}, "properties": {"repobilityId": 52208, "scanner": "osv-scanner", "fingerprint": "a9c5e4bccb69792e7cb21f33fb0241da1140194bfcdcff68b37c40df51f45b35", "category": "dependency", "severity": "high", "confidence": 0.88, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 1 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "", "aliases": ["CVE-2025-69534", "GHSA-5wmx-573v-2qwq"], "package": "markdown", "rule_id": "PYSEC-2026-89", "scanner": "osv-scanner", "correlation_key": "vuln|markdown|CVE-2025-69534|token", "duplicate_count": 1, "duplicate_rule_ids": ["GHSA-5wmx-573v-2qwq", "PYSEC-2026-89"], "duplicate_scanners": ["osv-scanner"], "duplicate_fingerprints": ["a9c5e4bccb69792e7cb21f33fb0241da1140194bfcdcff68b37c40df51f45b35", "f41fe827800d1ebec4157f06781582167623c90e0194e05d58e5c7ff19e2b144"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/requirements-dev.txt"}, "region": {"startLine": 1}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.calculate_cyclomatic_complexity` used but never assigned in __init__"}, "properties": {"repobilityId": 43875, "scanner": "repobility-ast-engine", "fingerprint": "21c35457e8ce6a49258dc0a4cca94e31e47ebedba4470c77fb61b076136e62f9", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|21c35457e8ce6a49258dc0a4cca94e31e47ebedba4470c77fb61b076136e62f9"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/code-review-specialist/scripts/compare-complexity.py"}, "region": {"startLine": 89}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.calculate_cognitive_complexity` used but never assigned in __init__"}, "properties": {"repobilityId": 43874, "scanner": "repobility-ast-engine", "fingerprint": "77adc007d14baea5b2461644cd52fc96d6b5e90e22d33b37846d4519cb98409b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|77adc007d14baea5b2461644cd52fc96d6b5e90e22d33b37846d4519cb98409b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/code-review-specialist/scripts/compare-complexity.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.calculate_cyclomatic_complexity` used but never assigned in __init__"}, "properties": {"repobilityId": 43873, "scanner": "repobility-ast-engine", "fingerprint": "78873a2436652e276932eb03042ca99df73af8bea6bbe4743bd43ea3a693c22b", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|78873a2436652e276932eb03042ca99df73af8bea6bbe4743bd43ea3a693c22b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/code-review-specialist/scripts/compare-complexity.py"}, "region": {"startLine": 73}}}]}, {"ruleId": "SEC029", "level": "error", "message": {"text": "[SEC029] Server-Side Request Forgery (SSRF) \u2014 outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.254.169.254 metadata, internal Kubernetes endpoints, file:// URIs), exfiltrate data, or pivot through your network. SSRF is OWASP A10:2021 and a frequent foothold in cloud breaches."}, "properties": {"repobilityId": 34370, "scanner": "repobility-threat-engine", "fingerprint": "34c424880678746f610b1748a7259e612361c90ae257f0004311dcfd58391c63", "category": "ssrf", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"match": "urllib.request.urlopen(r", "reason": "Pattern matched with no mitigating context found", "rule_id": "SEC029", "scanner": "repobility-threat-engine", "confidence": 1.0, "correlation_key": "fp|34c424880678746f610b1748a7259e612361c90ae257f0004311dcfd58391c63"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/check_links.py"}, "region": {"startLine": 73}}}]}, {"ruleId": "MINED104", "level": "error", "message": {"text": "[MINED104] Chmod 777: chmod 777 makes a file or directory world-readable, world-writable, AND world-executable. Local privilege escalation surface; audit-failing for most compliance frameworks."}, "properties": {"repobilityId": 34361, "scanner": "repobility-threat-engine", "fingerprint": "e847ebcba6043326aa9b9360d24c0b91dc2a654537aae47a0977f7734916acd6", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "chmod-777", "owasp": "A05:2021", "cwe_ids": ["CWE-732", "CWE-276"], "languages": ["shell", "bash", "dockerfile"], "precision": 1.0, "promoted_at": "2026-05-19T13:00:00.000000+00:00", "triaged_in_corpus": 0, "observations_count": 0, "ai_coder_pattern_id": 47}, "scanner": "repobility-threat-engine", "correlation_key": "fp|e847ebcba6043326aa9b9360d24c0b91dc2a654537aae47a0977f7734916acd6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/06-hooks/pre-tool-check.sh"}, "region": {"startLine": 75}}}]}, {"ruleId": "MINED104", "level": "error", "message": {"text": "[MINED104] Chmod 777: chmod 777 makes a file or directory world-readable, world-writable, AND world-executable. Local privilege escalation surface; audit-failing for most compliance frameworks."}, "properties": {"repobilityId": 34360, "scanner": "repobility-threat-engine", "fingerprint": "134d68b5a0794e14b097f433719cff35194b45ec2578a4a1f234153f00a3ca9f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "chmod-777", "owasp": "A05:2021", "cwe_ids": ["CWE-732", "CWE-276"], "languages": ["shell", "bash", "dockerfile"], "precision": 1.0, "promoted_at": "2026-05-19T13:00:00.000000+00:00", "triaged_in_corpus": 0, "observations_count": 0, "ai_coder_pattern_id": 47}, "scanner": "repobility-threat-engine", "correlation_key": "fp|134d68b5a0794e14b097f433719cff35194b45ec2578a4a1f234153f00a3ca9f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ja/06-hooks/pre-tool-check.sh"}, "region": {"startLine": 101}}}]}, {"ruleId": "MINED104", "level": "error", "message": {"text": "[MINED104] Chmod 777: chmod 777 makes a file or directory world-readable, world-writable, AND world-executable. Local privilege escalation surface; audit-failing for most compliance frameworks."}, "properties": {"repobilityId": 34359, "scanner": "repobility-threat-engine", "fingerprint": "5932894d01196cdd3ffae7efd84bbf44815fe9c0d0f07e6b935ff696fe765735", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "chmod-777", "owasp": "A05:2021", "cwe_ids": ["CWE-732", "CWE-276"], "languages": ["shell", "bash", "dockerfile"], "precision": 1.0, "promoted_at": "2026-05-19T13:00:00.000000+00:00", "triaged_in_corpus": 0, "observations_count": 0, "ai_coder_pattern_id": 47}, "scanner": "repobility-threat-engine", "correlation_key": "fp|5932894d01196cdd3ffae7efd84bbf44815fe9c0d0f07e6b935ff696fe765735"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "06-hooks/pre-tool-check.sh"}, "region": {"startLine": 103}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 34345, "scanner": "repobility-threat-engine", "fingerprint": "d70d7dbc59ecf49a10a3fd8e32d38dae16a50fba5e9d4b1cf2e7bb70e872ee78", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|d70d7dbc59ecf49a10a3fd8e32d38dae16a50fba5e9d4b1cf2e7bb70e872ee78"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/06-hooks/context-tracker-tiktoken.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 34344, "scanner": "repobility-threat-engine", "fingerprint": "2e018631a55c9b5b30750db64f0891f341d4e958410ebc632463807cb3b25d31", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|2e018631a55c9b5b30750db64f0891f341d4e958410ebc632463807cb3b25d31"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "06-hooks/context-tracker.py"}, "region": {"startLine": 95}}}]}, {"ruleId": "MINED001", "level": "error", "message": {"text": "[MINED001] Bare Except Pass: except: pass or except Exception: pass \u2014 silently swallows everything including KeyboardInterrupt and bugs."}, "properties": {"repobilityId": 34343, "scanner": "repobility-threat-engine", "fingerprint": "888e3e9d4e146c16c8f4ac4a758d4ee8be125ad7c7e66f959ae2746c24c26cf4", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "confirmed", "isResolved": false, "reason": "Pattern matched with no mitigating context found", "evidence": {"mined": true, "mining": {"slug": "bare-except-pass", "owasp": null, "cwe_ids": ["CWE-755"], "languages": ["python"], "precision": 1.0, "promoted_at": "2026-05-18T14:01:32.347744+00:00", "triaged_in_corpus": 15, "observations_count": 1550824, "ai_coder_pattern_id": 6}, "scanner": "repobility-threat-engine", "correlation_key": "fp|888e3e9d4e146c16c8f4ac4a758d4ee8be125ad7c7e66f959ae2746c24c26cf4"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "06-hooks/context-tracker-tiktoken.py"}, "region": {"startLine": 117}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34342, "scanner": "repobility-supply-chain", "fingerprint": "d59315a47468ff4a1d778e6a60b72e483673a0fe41d8f7411bdde1684e69d090", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|d59315a47468ff4a1d778e6a60b72e483673a0fe41d8f7411bdde1684e69d090"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/release.yml"}, "region": {"startLine": 20}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34341, "scanner": "repobility-supply-chain", "fingerprint": "82746aa64707edf2b44be0d4976de721d1412646132a30fcfa1b2b50af4aa88b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|82746aa64707edf2b44be0d4976de721d1412646132a30fcfa1b2b50af4aa88b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/docs-check.yml"}, "region": {"startLine": 96}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34340, "scanner": "repobility-supply-chain", "fingerprint": "010845418ee78132c67a3116368f29dfa60ade4c6b0a50003438610238e80fd5", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|010845418ee78132c67a3116368f29dfa60ade4c6b0a50003438610238e80fd5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/docs-check.yml"}, "region": {"startLine": 93}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34339, "scanner": "repobility-supply-chain", "fingerprint": "c50a3cf1a11ec85e2378b455036789cdd997cc0649c85eebe046ed71e794797a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c50a3cf1a11ec85e2378b455036789cdd997cc0649c85eebe046ed71e794797a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/docs-check.yml"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-node` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34338, "scanner": "repobility-supply-chain", "fingerprint": "12a45f1405be138e0ea5ea41b25e68f33d35b96161be7b59d456bc10480874bc", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|12a45f1405be138e0ea5ea41b25e68f33d35b96161be7b59d456bc10480874bc"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/docs-check.yml"}, "region": {"startLine": 71}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34337, "scanner": "repobility-supply-chain", "fingerprint": "e4b11c67c6f561554b569212209769b119d80629ec4df84b800b449b3805477d", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e4b11c67c6f561554b569212209769b119d80629ec4df84b800b449b3805477d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/docs-check.yml"}, "region": {"startLine": 68}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-python` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34336, "scanner": "repobility-supply-chain", "fingerprint": "00ff10f06418e85abda4c34037137379cbc8dfa25cdf2f41f0f97cd810b3ee88", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|00ff10f06418e85abda4c34037137379cbc8dfa25cdf2f41f0f97cd810b3ee88"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/docs-check.yml"}, "region": {"startLine": 54}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34335, "scanner": "repobility-supply-chain", "fingerprint": "e5f45be334eb6f1b7c36ec8b76fb649e87af5964f478fe907dc6b33cae9a564e", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e5f45be334eb6f1b7c36ec8b76fb649e87af5964f478fe907dc6b33cae9a564e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/docs-check.yml"}, "region": {"startLine": 51}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/setup-node` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34334, "scanner": "repobility-supply-chain", "fingerprint": "7d8c064e5b25d7c069894f30031e2a7df3733abbfff9eac0fc53d8c984ec1b68", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|7d8c064e5b25d7c069894f30031e2a7df3733abbfff9eac0fc53d8c984ec1b68"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/docs-check.yml"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34333, "scanner": "repobility-supply-chain", "fingerprint": "6525ea1df6ab3297676c0ddcca90f10cdfab9a2fc880bfaabd7a9618f615924b", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|6525ea1df6ab3297676c0ddcca90f10cdfab9a2fc880bfaabd7a9618f615924b"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/docs-check.yml"}, "region": {"startLine": 33}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/download-artifact` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34332, "scanner": "repobility-supply-chain", "fingerprint": "e56ac0637b5e4f77ae8fc09895ff1f70ac2d57853748889d3531cf2e6925ca32", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|e56ac0637b5e4f77ae8fc09895ff1f70ac2d57853748889d3531cf2e6925ca32"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 200}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-artifact` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34331, "scanner": "repobility-supply-chain", "fingerprint": "34afa7c338af428bf095cd2872e29960910adff2b07b6194a23f76068e6459b7", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|34afa7c338af428bf095cd2872e29960910adff2b07b6194a23f76068e6459b7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 185}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34330, "scanner": "repobility-supply-chain", "fingerprint": "9acacaa5d8a3af2590bd263ec50db03392067741e708998552abccf636f65f5f", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9acacaa5d8a3af2590bd263ec50db03392067741e708998552abccf636f65f5f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 156}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34329, "scanner": "repobility-supply-chain", "fingerprint": "a50c5777bb9f13883c9a071c26ce6750084fbc2775f8f32b45b6c681bf691241", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a50c5777bb9f13883c9a071c26ce6750084fbc2775f8f32b45b6c681bf691241"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 153}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34328, "scanner": "repobility-supply-chain", "fingerprint": "eda1873237850a99137b0511f7f636605c635fbb29d4b1e909fd44ff94544a61", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|eda1873237850a99137b0511f7f636605c635fbb29d4b1e909fd44ff94544a61"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 132}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34327, "scanner": "repobility-supply-chain", "fingerprint": "ee68bfd95768021e2079f84ae2077e04005e33a60316dab68d1933a0042abcf3", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ee68bfd95768021e2079f84ae2077e04005e33a60316dab68d1933a0042abcf3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 129}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-artifact` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34326, "scanner": "repobility-supply-chain", "fingerprint": "cf2831a4a3751559b059f2cdeb200f8b398526d10227c3ad856d076c6fa59419", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|cf2831a4a3751559b059f2cdeb200f8b398526d10227c3ad856d076c6fa59419"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 117}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34325, "scanner": "repobility-supply-chain", "fingerprint": "c8f60dc216ec58eb06519c27cd91c6bae35fb7b450ee14f3e97bc57360999b18", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|c8f60dc216ec58eb06519c27cd91c6bae35fb7b450ee14f3e97bc57360999b18"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 103}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34324, "scanner": "repobility-supply-chain", "fingerprint": "822ca229bd1e5a790c3b2c83ac86ac0e22e9e0cdb522a42624acad6721bdb396", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|822ca229bd1e5a790c3b2c83ac86ac0e22e9e0cdb522a42624acad6721bdb396"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 100}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34323, "scanner": "repobility-supply-chain", "fingerprint": "55ff4139116b68d8a05d1aa67605ee859780e88534a0889fd645203974c90e46", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|55ff4139116b68d8a05d1aa67605ee859780e88534a0889fd645203974c90e46"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 79}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34322, "scanner": "repobility-supply-chain", "fingerprint": "bdb92d42b84eac5a36f09f356b9d414a6c7227ed1de72766311c232588b6391a", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|bdb92d42b84eac5a36f09f356b9d414a6c7227ed1de72766311c232588b6391a"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 76}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/upload-artifact` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34321, "scanner": "repobility-supply-chain", "fingerprint": "216874cedac4f4f642a45a8d711b5adc118d8a2e2d6338d3121fc44f4d7d6eeb", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|216874cedac4f4f642a45a8d711b5adc118d8a2e2d6338d3121fc44f4d7d6eeb"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 63}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `codecov/codecov-action` pinned to mutable ref `@v3`"}, "properties": {"repobilityId": 34320, "scanner": "repobility-supply-chain", "fingerprint": "ab76295e816a5d037dd8cf50c6181b3e510b3e5af696f6c9e32d6bf938d1c5d5", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|ab76295e816a5d037dd8cf50c6181b3e510b3e5af696f6c9e32d6bf938d1c5d5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 53}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `astral-sh/setup-uv` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34319, "scanner": "repobility-supply-chain", "fingerprint": "9bf29bc1ed0e1a38bf1a9c74a48e9f3274ba38c3f093149fea9a09889005c050", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|9bf29bc1ed0e1a38bf1a9c74a48e9f3274ba38c3f093149fea9a09889005c050"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 38}}}]}, {"ruleId": "MINED115", "level": "error", "message": {"text": "Action `actions/checkout` pinned to mutable ref `@v4`"}, "properties": {"repobilityId": 34318, "scanner": "repobility-supply-chain", "fingerprint": "f5927d8b4c08411d9c11fd160643168b7f84f3df3a4a4b85efd8ca0460be3271", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "gha-mutable-ref", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|f5927d8b4c08411d9c11fd160643168b7f84f3df3a4a4b85efd8ca0460be3271"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".github/workflows/test.yml"}, "region": {"startLine": 35}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/pre-commit/mirrors-mypy` pinned to mutable rev `v1.13.0`"}, "properties": {"repobilityId": 34317, "scanner": "repobility-supply-chain", "fingerprint": "a11081a2d6d5c5aa8553559351c1abf3011dba7e6b2fbf54d876beb6c4600fd5", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|a11081a2d6d5c5aa8553559351c1abf3011dba7e6b2fbf54d876beb6c4600fd5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 55}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mutable rev `v5.0.0`"}, "properties": {"repobilityId": 34316, "scanner": "repobility-supply-chain", "fingerprint": "38c2a5d04ddbc8d9ad926eb6fb50bd8d1f17bf3a91afe50df12d4a85cab259e6", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|38c2a5d04ddbc8d9ad926eb6fb50bd8d1f17bf3a91afe50df12d4a85cab259e6"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 36}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/PyCQA/bandit` pinned to mutable rev `1.7.10`"}, "properties": {"repobilityId": 34315, "scanner": "repobility-supply-chain", "fingerprint": "8a7ad89e99398849b61d5d0f569e1b5a6df5edb2d0ee30afa1221f5498527531", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|8a7ad89e99398849b61d5d0f569e1b5a6df5edb2d0ee30afa1221f5498527531"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 24}}}]}, {"ruleId": "MINED131", "level": "error", "message": {"text": "pre-commit hook `https://github.com/astral-sh/ruff-pre-commit` pinned to mutable rev `v0.8.2`"}, "properties": {"repobilityId": 34314, "scanner": "repobility-supply-chain", "fingerprint": "cfeb65167c8f07ecfb04f6c8bd9effc615a9c47e311124e9e5c4c53f8b4585aa", "category": "dependency", "severity": "high", "confidence": 0.9, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "precommit-untrusted-repo", "owasp": "A08:2021", "cwe_ids": ["CWE-829"], "languages": ["yaml"], "observations_count": 0}, "scanner": "repobility-supply-chain", "correlation_key": "fp|cfeb65167c8f07ecfb04f6c8bd9effc615a9c47e311124e9e5c4c53f8b4585aa"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": ".pre-commit-config.yaml"}, "region": {"startLine": 10}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.calculate_cyclomatic_complexity` used but never assigned in __init__"}, "properties": {"repobilityId": 34309, "scanner": "repobility-ast-engine", "fingerprint": "dcbeae171e10d7796f70564c7d614333f23a6c0b542b7e772e930617b0976d82", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|dcbeae171e10d7796f70564c7d614333f23a6c0b542b7e772e930617b0976d82"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/code-review/scripts/compare-complexity.py"}, "region": {"startLine": 89}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.calculate_cognitive_complexity` used but never assigned in __init__"}, "properties": {"repobilityId": 34308, "scanner": "repobility-ast-engine", "fingerprint": "45593b7ed289f311745a582fbbfadc968b71df2818c8bafa08fb31a2f9d41ff0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|45593b7ed289f311745a582fbbfadc968b71df2818c8bafa08fb31a2f9d41ff0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/code-review/scripts/compare-complexity.py"}, "region": {"startLine": 74}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.calculate_cyclomatic_complexity` used but never assigned in __init__"}, "properties": {"repobilityId": 34307, "scanner": "repobility-ast-engine", "fingerprint": "706125c5483c81609fbca4a083f0c25e02da9b814d3cc7d2c1c4f3dd7fae4c98", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "fixed", "verdict": "", "isResolved": true, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|706125c5483c81609fbca4a083f0c25e02da9b814d3cc7d2c1c4f3dd7fae4c98"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/code-review/scripts/compare-complexity.py"}, "region": {"startLine": 73}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._extract_return_type` used but never assigned in __init__"}, "properties": {"repobilityId": 34306, "scanner": "repobility-ast-engine", "fingerprint": "f0574b348e08d39aa32126383a76ef6ea41b906e2cbc8c76a8e283bf1c4ba92d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f0574b348e08d39aa32126383a76ef6ea41b906e2cbc8c76a8e283bf1c4ba92d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/doc-generator/generate-docs.py"}, "region": {"startLine": 19}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self.generic_visit` used but never assigned in __init__"}, "properties": {"repobilityId": 34305, "scanner": "repobility-ast-engine", "fingerprint": "0712bc63a460c3c9399a3bd881e656b3361f9ede10efb65c0825fb36b2b7253e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|0712bc63a460c3c9399a3bd881e656b3361f9ede10efb65c0825fb36b2b7253e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/03-skills/doc-generator/generate-docs.py"}, "region": {"startLine": 22}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._config` used but never assigned in __init__"}, "properties": {"repobilityId": 34304, "scanner": "repobility-ast-engine", "fingerprint": "aa924273547ba8740b580f0fddfbc1c6d86ab7b55ac99fad6452e6a43b2aae9d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|aa924273547ba8740b580f0fddfbc1c6d86ab7b55ac99fad6452e6a43b2aae9d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_website.py"}, "region": {"startLine": 410}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._state` used but never assigned in __init__"}, "properties": {"repobilityId": 34303, "scanner": "repobility-ast-engine", "fingerprint": "cffc7a5faaad1c211886ece4e0bdbd54b279422252183adc1874e477b963230d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|cffc7a5faaad1c211886ece4e0bdbd54b279422252183adc1874e477b963230d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_website.py"}, "region": {"startLine": 410}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._config` used but never assigned in __init__"}, "properties": {"repobilityId": 34302, "scanner": "repobility-ast-engine", "fingerprint": "4abad32df1ac2c6ca00d1253a94ad6d3dd22e72ba52fd8a70009349084474e23", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4abad32df1ac2c6ca00d1253a94ad6d3dd22e72ba52fd8a70009349084474e23"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_website.py"}, "region": {"startLine": 391}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._state` used but never assigned in __init__"}, "properties": {"repobilityId": 34301, "scanner": "repobility-ast-engine", "fingerprint": "d632eb33afa56cbfa9418811731f7996ab3aae36697dd4bc572ca7a6d9efb0b0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|d632eb33afa56cbfa9418811731f7996ab3aae36697dd4bc572ca7a6d9efb0b0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_website.py"}, "region": {"startLine": 391}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._config` used but never assigned in __init__"}, "properties": {"repobilityId": 34300, "scanner": "repobility-ast-engine", "fingerprint": "1c17a16d1e569610a28e2bbc8887bac5fb5ee33f465b4bcef010b16403638826", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1c17a16d1e569610a28e2bbc8887bac5fb5ee33f465b4bcef010b16403638826"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_website.py"}, "region": {"startLine": 372}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._state` used but never assigned in __init__"}, "properties": {"repobilityId": 34299, "scanner": "repobility-ast-engine", "fingerprint": "ca2a922c1a3d7542f8322ef5ac7250815c7070382c3e8d5eab19fde38525a9d2", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|ca2a922c1a3d7542f8322ef5ac7250815c7070382c3e8d5eab19fde38525a9d2"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_website.py"}, "region": {"startLine": 372}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._config` used but never assigned in __init__"}, "properties": {"repobilityId": 34298, "scanner": "repobility-ast-engine", "fingerprint": "1114958c54bc6ee5be08f0d118576b371ec6818ba747d7cf1c3be6e2cc3bfab7", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1114958c54bc6ee5be08f0d118576b371ec6818ba747d7cf1c3be6e2cc3bfab7"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_website.py"}, "region": {"startLine": 352}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._state` used but never assigned in __init__"}, "properties": {"repobilityId": 34297, "scanner": "repobility-ast-engine", "fingerprint": "510f5359465d3252a47a878928f05d5530ec054d1cd368f63f950ad3ad8fc483", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|510f5359465d3252a47a878928f05d5530ec054d1cd368f63f950ad3ad8fc483"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_website.py"}, "region": {"startLine": 352}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._config` used but never assigned in __init__"}, "properties": {"repobilityId": 34296, "scanner": "repobility-ast-engine", "fingerprint": "f525c5fa7ef19308969af9813333c8d7d85d1c232d22c5aad12196337815f8d5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f525c5fa7ef19308969af9813333c8d7d85d1c232d22c5aad12196337815f8d5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_website.py"}, "region": {"startLine": 332}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._state` used but never assigned in __init__"}, "properties": {"repobilityId": 34295, "scanner": "repobility-ast-engine", "fingerprint": "11660242b0d2738db8d9905d9a99b0a33673c2313df6448f4f466fd6de33650e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|11660242b0d2738db8d9905d9a99b0a33673c2313df6448f4f466fd6de33650e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_website.py"}, "region": {"startLine": 332}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._config` used but never assigned in __init__"}, "properties": {"repobilityId": 34294, "scanner": "repobility-ast-engine", "fingerprint": "26c05a3a207cea6d7c7ee57e903239c5e5cf5c5ddcbdc8b4a19a7ea761eede2d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|26c05a3a207cea6d7c7ee57e903239c5e5cf5c5ddcbdc8b4a19a7ea761eede2d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_website.py"}, "region": {"startLine": 313}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._state` used but never assigned in __init__"}, "properties": {"repobilityId": 34293, "scanner": "repobility-ast-engine", "fingerprint": "4cb10b917465e718137bfaccd3f121a82c42bc0534a85363e8d21ec17d7ca04e", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|4cb10b917465e718137bfaccd3f121a82c42bc0534a85363e8d21ec17d7ca04e"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_website.py"}, "region": {"startLine": 313}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_download_rejects_non_http_scheme"}, "properties": {"repobilityId": 34292, "scanner": "repobility-ast-engine", "fingerprint": "e5b93e475e028f02efe1f67e73dd60674af1da4d73cb67109969d4cf677e4753", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|e5b93e475e028f02efe1f67e73dd60674af1da4d73cb67109969d4cf677e4753"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_website.py"}, "region": {"startLine": 515}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._make_renderer` used but never assigned in __init__"}, "properties": {"repobilityId": 34291, "scanner": "repobility-ast-engine", "fingerprint": "2f40f34dc2fb16d85b9a17021288c33302c3b285c1f605097bbf4b62d0752f56", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|2f40f34dc2fb16d85b9a17021288c33302c3b285c1f605097bbf4b62d0752f56"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_epub.py"}, "region": {"startLine": 470}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._make_renderer` used but never assigned in __init__"}, "properties": {"repobilityId": 34290, "scanner": "repobility-ast-engine", "fingerprint": "74a5011d9f104ecf7a1f53a69235f565452b6c2115b6acadf090c2c01040d862", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|74a5011d9f104ecf7a1f53a69235f565452b6c2115b6acadf090c2c01040d862"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_epub.py"}, "region": {"startLine": 447}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._make_renderer` used but never assigned in __init__"}, "properties": {"repobilityId": 34289, "scanner": "repobility-ast-engine", "fingerprint": "c3d3aa187cafafd145e0ce84623900fc8ee622061d5dba9aff60c887b14c6f17", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c3d3aa187cafafd145e0ce84623900fc8ee622061d5dba9aff60c887b14c6f17"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_epub.py"}, "region": {"startLine": 432}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._make_renderer` used but never assigned in __init__"}, "properties": {"repobilityId": 34288, "scanner": "repobility-ast-engine", "fingerprint": "5cadf25ef7ef4dbfd99ad04e6cbf624db49889cbf66cce39d4b68d3bdcb8ba99", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|5cadf25ef7ef4dbfd99ad04e6cbf624db49889cbf66cce39d4b68d3bdcb8ba99"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_epub.py"}, "region": {"startLine": 420}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._make_renderer` used but never assigned in __init__"}, "properties": {"repobilityId": 34287, "scanner": "repobility-ast-engine", "fingerprint": "c04f6d0de80ac117eff2ee2ada70eeb275b0a09ca8c5648187bccfb74839a734", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c04f6d0de80ac117eff2ee2ada70eeb275b0a09ca8c5648187bccfb74839a734"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_epub.py"}, "region": {"startLine": 399}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_render_all_timeout"}, "properties": {"repobilityId": 34286, "scanner": "repobility-ast-engine", "fingerprint": "09bab05efc3ddb5a8ca67fbc2079d9c55a4cda45314e0d50b006ab68590ea5b1", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|09bab05efc3ddb5a8ca67fbc2079d9c55a4cda45314e0d50b006ab68590ea5b1"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_epub.py"}, "region": {"startLine": 464}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_render_all_mmdc_failure"}, "properties": {"repobilityId": 34285, "scanner": "repobility-ast-engine", "fingerprint": "9804365b171afd9acdf9462113059db28f28fc06ea816aa7f8dfacdc2808c2a0", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|9804365b171afd9acdf9462113059db28f28fc06ea816aa7f8dfacdc2808c2a0"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_epub.py"}, "region": {"startLine": 428}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_render_all_mmdc_not_found"}, "properties": {"repobilityId": 34284, "scanner": "repobility-ast-engine", "fingerprint": "f68ef1a5b71fe07cf4e3bf24ed339b7fffb622464a5f901117215ff6482d03ad", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|f68ef1a5b71fe07cf4e3bf24ed339b7fffb622464a5f901117215ff6482d03ad"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_epub.py"}, "region": {"startLine": 416}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_missing_output_directory"}, "properties": {"repobilityId": 34283, "scanner": "repobility-ast-engine", "fingerprint": "c1c1eb42f936d3f1ef4cbf29b266ebc56193a1d9b3fd5d53e032417e6f2d8c7d", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|c1c1eb42f936d3f1ef4cbf29b266ebc56193a1d9b3fd5d53e032417e6f2d8c7d"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_epub.py"}, "region": {"startLine": 155}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_no_markdown_files"}, "properties": {"repobilityId": 34282, "scanner": "repobility-ast-engine", "fingerprint": "8622fc1db31bfad3f93479c2ee96f67d1a95c2d99b80d98ee868dd1192faf9f5", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|8622fc1db31bfad3f93479c2ee96f67d1a95c2d99b80d98ee868dd1192faf9f5"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_epub.py"}, "region": {"startLine": 144}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_root_path_is_file"}, "properties": {"repobilityId": 34281, "scanner": "repobility-ast-engine", "fingerprint": "82c849afd3d09d1eaca4f96fe949c7a0d7e6303298e5b03b8e40e387e888445f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|82c849afd3d09d1eaca4f96fe949c7a0d7e6303298e5b03b8e40e387e888445f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_epub.py"}, "region": {"startLine": 133}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_missing_root_path"}, "properties": {"repobilityId": 34280, "scanner": "repobility-ast-engine", "fingerprint": "eb949dd2cc7fdbfe6e5fb2f09f03ea3abe193c1decd86e31d426c70561ba8ea8", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|eb949dd2cc7fdbfe6e5fb2f09f03ea3abe193c1decd86e31d426c70561ba8ea8"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_epub.py"}, "region": {"startLine": 124}}}]}, {"ruleId": "MINED106", "level": "error", "message": {"text": "Phantom test coverage: test_valid_inputs"}, "properties": {"repobilityId": 34279, "scanner": "repobility-ast-engine", "fingerprint": "94c455da79261ebcc5e01ebffc7867a23c93920c8a9e2aa64b0879da2972c731", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "phantom-test-coverage", "owasp": null, "cwe_ids": ["CWE-1126"], "languages": ["python"], "observations_count": 982154}, "scanner": "repobility-ast-engine", "correlation_key": "fp|94c455da79261ebcc5e01ebffc7867a23c93920c8a9e2aa64b0879da2972c731"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/tests/test_build_epub.py"}, "region": {"startLine": 119}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._collect_folder` used but never assigned in __init__"}, "properties": {"repobilityId": 34278, "scanner": "repobility-ast-engine", "fingerprint": "46f930420f7610283b557bff64fe21404dcdd2b8e9eb7038721b0d7ab2ba7fe3", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|46f930420f7610283b557bff64fe21404dcdd2b8e9eb7038721b0d7ab2ba7fe3"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/build_epub.py"}, "region": {"startLine": 468}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._render_one` used but never assigned in __init__"}, "properties": {"repobilityId": 34277, "scanner": "repobility-ast-engine", "fingerprint": "bc695c4d6471d5bfde1de3d7afad06ae15b42d84eef65a70280de381e425560f", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|bc695c4d6471d5bfde1de3d7afad06ae15b42d84eef65a70280de381e425560f"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/build_epub.py"}, "region": {"startLine": 345}}}]}, {"ruleId": "MINED108", "level": "error", "message": {"text": "`self._resolve_mmdc` used but never assigned in __init__"}, "properties": {"repobilityId": 34276, "scanner": "repobility-ast-engine", "fingerprint": "1fcc88c8e256fbca6ffe30d9d4c333f8088da4798e1f4d9c7f1fe94ffabf7f78", "category": "quality", "severity": "high", "confidence": 1.0, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"mined": true, "mining": {"slug": "self-attr-never-set", "owasp": null, "cwe_ids": ["CWE-476"], "languages": ["python"], "observations_count": 25998}, "scanner": "repobility-ast-engine", "correlation_key": "fp|1fcc88c8e256fbca6ffe30d9d4c333f8088da4798e1f4d9c7f1fe94ffabf7f78"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "scripts/build_epub.py"}, "region": {"startLine": 338}}}]}, {"ruleId": "curl-auth-header", "level": "error", "message": {"text": "Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource."}, "properties": {"repobilityId": 52204, "scanner": "gitleaks", "fingerprint": "f3ea4f708d75a2e34a45113bbe775bbc1f10b878ed478cf3b787e5e1cf135a30", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "curl -X GET \"https://api.example.com/api/v1/users/usr_123\" \\\n  -H \"Authorization: Bearer <redacted>\"", "rule_id": "curl-auth-header", "scanner": "gitleaks", "detector": "curl-auth-header", "correlation_key": "secret|uk/claude_concepts_guide.md|204|curl -x get token -h authorization: bearer redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/claude_concepts_guide.md"}, "region": {"startLine": 2041}}}]}, {"ruleId": "curl-auth-header", "level": "error", "message": {"text": "Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource."}, "properties": {"repobilityId": 52203, "scanner": "gitleaks", "fingerprint": "08c02989b15283f81fef6cdd4ccbd20eab665527512cf9436b4307d9a05e5fe7", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "curl -X GET \"https://api.example.com/api/v1/users/usr_123\" \\\n  -H \"Authorization: Bearer <redacted>\"", "rule_id": "curl-auth-header", "scanner": "gitleaks", "detector": "curl-auth-header", "correlation_key": "secret|ja/claude_concepts_guide.md|204|curl -x get token -h authorization: bearer redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ja/claude_concepts_guide.md"}, "region": {"startLine": 2046}}}]}, {"ruleId": "curl-auth-header", "level": "error", "message": {"text": "Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource."}, "properties": {"repobilityId": 52202, "scanner": "gitleaks", "fingerprint": "b70e1c8609858e2758796374bc1a6daff34ed4b4ffee553abe3e32ec9aeaa384", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "curl -X GET \"https://api.example.com/api/v1/users/usr_123\" \\\n  -H \"Authorization: Bearer <redacted>\"", "rule_id": "curl-auth-header", "scanner": "gitleaks", "detector": "curl-auth-header", "correlation_key": "secret|claude_concepts_guide.md|204|curl -x get token -h authorization: bearer redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "claude_concepts_guide.md"}, "region": {"startLine": 2041}}}]}, {"ruleId": "generic-api-key", "level": "error", "message": {"text": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations."}, "properties": {"repobilityId": 52201, "scanner": "gitleaks", "fingerprint": "27ab99b1193435b4f75f6b4407816a27e3889271ad7029172f334f5f4bf2798c", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "api_key = \"<redacted>\"", "rule_id": "generic-api-key", "scanner": "gitleaks", "detector": "generic-api-key", "correlation_key": "secret|zh/security.md|24|api_key redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "zh/SECURITY.md"}, "region": {"startLine": 243}}}]}, {"ruleId": "generic-api-key", "level": "error", "message": {"text": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations."}, "properties": {"repobilityId": 52200, "scanner": "gitleaks", "fingerprint": "d57b56f8f9cecf2da31f77463911be8ad1f9b627d8f0c126e5dd734e59198afa", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "api_key = \"<redacted>\"", "rule_id": "generic-api-key", "scanner": "gitleaks", "detector": "generic-api-key", "correlation_key": "secret|uk/security.md|24|api_key redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "uk/SECURITY.md"}, "region": {"startLine": 247}}}]}, {"ruleId": "curl-auth-header", "level": "error", "message": {"text": "Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource."}, "properties": {"repobilityId": 52199, "scanner": "gitleaks", "fingerprint": "33eff50d54180f0dbac84e108fc9d1a41c2c651b1fa749a50cce454fc09b4c8c", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "curl -X GET \"https://api.example.com/api/v1/endpoint\" \\\n  -H \"Authorization: Bearer <redacted>\"", "rule_id": "curl-auth-header", "scanner": "gitleaks", "detector": "curl-auth-header", "correlation_key": "secret|token|7|curl -x get token -h authorization: bearer redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ja/07-plugins/documentation/templates/api-endpoint.md"}, "region": {"startLine": 72}}}]}, {"ruleId": "generic-api-key", "level": "error", "message": {"text": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations."}, "properties": {"repobilityId": 52198, "scanner": "gitleaks", "fingerprint": "a54a542174a0316a011af55f1cc148b9a85fcc10d2d695edb09982574561d507", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "api_key = \"<redacted>\"", "rule_id": "generic-api-key", "scanner": "gitleaks", "detector": "generic-api-key", "correlation_key": "secret|security.md|24|api_key redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "SECURITY.md"}, "region": {"startLine": 243}}}]}, {"ruleId": "generic-api-key", "level": "error", "message": {"text": "Detected a Generic API Key, potentially exposing access to various services and sensitive operations."}, "properties": {"repobilityId": 52197, "scanner": "gitleaks", "fingerprint": "045b604b932aebdd0e1161230e4c3f16f76a840cd88885fe71b04590b1314cb0", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "triageState": "open", "verdict": "", "isResolved": false, "reason": "", "evidence": {"match": "api_key = \"<redacted>\"", "rule_id": "generic-api-key", "scanner": "gitleaks", "detector": "generic-api-key", "correlation_key": "secret|ja/security.md|24|api_key redacted"}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "ja/SECURITY.md"}, "region": {"startLine": 247}}}]}, {"ruleId": "curl-auth-header", "level": "error", "message": {"text": "Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource."}, "properties": {"repobilityId": 52196, "scanner": "gitleaks", "fingerprint": "36520fb89e71c210717de385eccbecc6fa7dc62afe4ce5f67b933b9fb196f8f4", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 2 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "curl -X GET \"https://api.example.com/api/v1/users/usr_123\" \\\n  -H \"Authorization: Bearer <redacted>\"", "rule_id": "curl-auth-header", "scanner": "gitleaks", "detector": "curl-auth-header", "correlation_key": "secret|token|5|curl -x get token -h authorization: bearer redacted", "duplicate_count": 2, "duplicate_rule_ids": ["curl-auth-header"], "duplicate_scanners": ["gitleaks"], "duplicate_fingerprints": ["07279fe32c27e8b60c16712a74582070382100d370d43e673f991f89a7ce6759", "36520fb89e71c210717de385eccbecc6fa7dc62afe4ce5f67b933b9fb196f8f4", "3e89c085ef86cb813d6d11b53c0c92250298c8f1aba53be2ef941481eeb78838"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "03-skills/doc-generator/SKILL.md"}, "region": {"startLine": 57}}}]}, {"ruleId": "curl-auth-header", "level": "error", "message": {"text": "Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource."}, "properties": {"repobilityId": 52195, "scanner": "gitleaks", "fingerprint": "ca0d300f490dd083835a09e5f923dfa3476beb164b089c1ee3fbe7e14c9d43e3", "category": "credential_exposure", "severity": "critical", "confidence": 0.95, "triageState": "open", "verdict": "", "isResolved": false, "reason": "Collapsed 4 duplicate scanner signal(s) for the same underlying issue.", "evidence": {"match": "curl -X GET \"https://api.example.com/api/v1/endpoint\" \\\n  -H \"Authorization: Bearer <redacted>\"", "rule_id": "curl-auth-header", "scanner": "gitleaks", "detector": "curl-auth-header", "correlation_key": "secret|token|6|curl -x get token -h authorization: bearer redacted", "duplicate_count": 4, "duplicate_rule_ids": ["curl-auth-header"], "duplicate_scanners": ["gitleaks"], "duplicate_fingerprints": ["35eb9bde2957a9f401450419d11569e9d71e316e97feefe93ad10b3d2bcfd081", "a6fc15976e7cf3bfa1e5a83388ffafeebe32b3be390c40085d414609967faea0", "ca0d300f490dd083835a09e5f923dfa3476beb164b089c1ee3fbe7e14c9d43e3", "d63fae52a5c0a610af4d5e9190b636cf9ad0aff1021a9346749db0180bb06b09", "df9307d5b0c0c3f448e780008cd7a1c0487d8ceefc5109ad4a0bde081a37a170"]}}, "locations": [{"physicalLocation": {"artifactLocation": {"uri": "07-plugins/documentation/templates/api-endpoint.md"}, "region": {"startLine": 68}}}]}]}]}