Public scan — anyone with this URL can view this analysis. Sign up to track your own repos privately, run scheduled re-scans, and get AI fix prompts via your dashboard.
Sign up free Scan another repo

claude-code-templates

https://github.com/davila7/claude-code-templates.git · scanned 2026-05-17 03:09 UTC (13 hours, 10 minutes ago) · 10 languages

903 findings (15 legacy + 888 scanner) 8/10 scanners ran 68th percentile · Python · small (2-20K LoC) Scanner says 50 (higher by 28)

File as issue Image
UNIFIED Repobility · multi-layer engine · AI coders

Complete repo analysis

Last scanned 13 hours, 10 minutes ago · v2 · 459 findings from 2 sources. Findings combine the legacy security pipeline AND the multi-layer engine (atlas, wiring, flows, ranked) AND verified AI agent contributions.

JSON
Combined
64.4
/100
Repobility
79
15 legacy
9-layer
50
100.0% cov · 444 gaps
Critical
10
click to filter
Agents
6
0 votes
Crowd
0
reported
Severity distribution — click a segment to filter
Active filters: layer: quality × excluding tests × Reset all
Severity: Critical 10 High 49 Medium 101 Low 268 Source: Legacy 15 9-layer 444 Crowd 0 Layer: Quality 144 Security 37 Software 77 Frontend 93 Network 10 Hardware 1 Cicd 20 Api 77
Scan summary Repository scanned at 49.5/100 with 100.0% coverage. It contains 13159 nodes across 30 cross-layer flows, written primarily in mixed languages. Engine surfaced 444 findings — concentrated in quality (134), frontend (93), api (77). Risk profile is high: 10 critical, 44 high, 98 medium. Recommended next step: open the quality layer findings first — that's where the highest-impact wins live.

Showing 144 of 459 findings. Click TP / FP to vote on a finding's accuracy — votes adjust the confidence weighting and improve detection across the platform.

medium Legacy quality practices conf 1.00 [CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.
Add a .gitignore appropriate for your language/framework.
practiceslegacy
high Legacy quality error_handling conf 1.00 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types.
cli-tool/components/hooks/monitoring/context-timeline.py:171 error_handlinglegacy
high Legacy quality error_handling conf 1.00 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types.
cli-tool/components/agents/obsidian-ops-team/Scripts/daily_notes_connector.py:264 error_handlinglegacy
medium Legacy quality quality conf 0.78 Public web service has no security.txt
Add /.well-known/security.txt with Contact, Expires, Canonical, Preferred-Languages, and Policy fields. Keep the contact endpoint monitored.
.well-known/security.txt qualitylegacy
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — cli-tool/components/sandbox/cloudflare/launcher.ts:330
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — cli-tool/components/sandbox/cloudflare/src/index.ts:33
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — cli-tool/components/skills/ai-research/loki-mode/examples/todo-app-generated/frontend/src/api/todos.ts:15
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — cli-tool/src/index.js:530
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — cli-tool/src/sdk/global-agent-manager.js:63
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — cli-tool/src/tracking-service.js:132
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — cloudflare-workers/crons/index.js:24
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — cloudflare-workers/docs-monitor/index.js:91
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — cloudflare-workers/pulse/index.js:28
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — dashboard/src/components/live-task/LiveTaskPanel.tsx:112
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — dashboard/src/lib/github-api.ts:32
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — dashboard/src/pages/api/claude-code-check.ts:10
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — dashboard/src/pages/api/discord/interactions.ts:29
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — docs/js/component-page.js:514
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — docs/js/data-loader.js:37
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — docs/js/index-events.js:1150
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — docs/js/script.js:48
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — docs/js/search-functionality.js:172
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/hooks/monitoring/context-timeline.py:1109
`subprocess.Popen(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/hooks/security/secret-scanner.py:320
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/sandbox/e2b/e2b-launcher.py:37
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/settings/statusline/context-monitor.py:24
`subprocess.check_output(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/settings/statusline/deadline-countdown.py:35
`subprocess.check_output(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/development/skill-creator/scripts/run_eval.py:85
`subprocess.Popen(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/development/skill-development/scripts/run_eval.py:85
`subprocess.Popen(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/doc/scripts/render_docx.py:101
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/docx-official/scripts/office/soffice.py:14
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/docx-official/scripts/office/validators/redlining.py:138
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/docx/ooxml/scripts/validation/redlining.py:153
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/docx/scripts/office/soffice.py:14
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/docx/scripts/office/validators/redlining.py:138
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/pptx-official/scripts/office/soffice.py:14
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/pptx-official/scripts/office/validators/redlining.py:138
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/pptx-official/scripts/thumbnail.py:161
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/pptx/ooxml/scripts/validation/redlining.py:153
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/pptx/scripts/office/soffice.py:14
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/pptx/scripts/office/validators/redlining.py:138
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/pptx/scripts/thumbnail.py:161
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/xlsx-official/recalc.py:92
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/xlsx-official/scripts/office/soffice.py:14
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/xlsx-official/scripts/office/validators/redlining.py:138
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/xlsx-official/scripts/recalc.py:92
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/xlsx/recalc.py:92
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/xlsx/scripts/office/soffice.py:14
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/xlsx/scripts/office/validators/redlining.py:138
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/document-processing/xlsx/scripts/recalc.py:92
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/media/screenshot/scripts/take_screenshot.py:237
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/productivity/notebooklm/scripts/__init__.py:53
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/productivity/notebooklm/scripts/run.py:38
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/productivity/notebooklm/scripts/setup_environment.py:62
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/productivity/skill-creator/scripts/run_eval.py:85
`subprocess.Popen(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/scientific/biomni/scripts/setup_environment.py:47
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/scientific/clinicaltrials-database/scripts/query_clinicaltrials.py:87
`requests.get(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/scientific/clinpgx-database/scripts/query_clinpgx.py:36
`requests.get(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/scientific/document-skills/docx/ooxml/scripts/validation/redlining.py:153
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/scientific/document-skills/pptx/ooxml/scripts/validation/redlining.py:153
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/scientific/document-skills/pptx/scripts/thumbnail.py:219
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/scientific/document-skills/xlsx/recalc.py:92
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/scientific/ensembl-database/scripts/ensembl_query.py:159
`requests.get(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/scientific/generate-image/scripts/generate_image.py:144
`requests.post(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/scientific/labarchive-integration/scripts/entry_operations.py:172
`requests.post(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/scientific/reactome-database/scripts/reactome_query.py:36
`requests.get(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/scientific/uniprot-database/scripts/uniprot_client.py:61
`requests.get(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/scientific/uspto-database/scripts/patent_search.py:70
`requests.post(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/security/security-ownership-map/scripts/build_ownership_map.py:360
`subprocess.Popen(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/security/security-ownership-map/scripts/community_maintainers.py:324
`subprocess.Popen(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — cli-tool/components/skills/security/security-ownership-map/scripts/run_ownership_map.py:195
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality integrity conf 1.00 Network/subprocess call without timeout or try/except — scripts/generate_components_json.py:240
`requests.get(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
integrityfragile-runtimerobustness
medium 9-layer quality tests conf 1.00 Very low test-to-source ratio
35 test file(s) for 1062 source file(s) (ratio 0.03). Consider adding integration or unit tests for critical paths.
testscoverage
low Legacy quality quality conf 0.86 Duplicated implementation block across source files
Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used.
cli-tool/components/settings/statusline/deadline-countdown.py:13 qualitylegacy
low Legacy quality quality conf 0.86 Duplicated implementation block across source files
Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used.
cli-tool/components/hooks/automation/telegram-pr-webhook.py:1 qualitylegacy
low Legacy quality quality conf 0.86 Duplicated implementation block across source files
Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used.
cli-tool/components/agents/obsidian-ops-team/Scripts/tag_standardizer.py:116 qualitylegacy
low Legacy quality quality conf 0.86 Duplicated implementation block across source files
Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used.
api/track-download-supabase.js:33 qualitylegacy
low Legacy quality quality conf 0.86 Duplicated implementation block across source files
Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used.
api/claude-code-monitor/parser.js:1 qualitylegacy
low Legacy quality quality conf 0.86 Duplicated implementation block across source files
Extract the shared behavior into one function/module or delete the inactive duplicate after proving which path is used.
api/claude-code-monitor/check-version.js:4 qualitylegacy
low 9-layer quality maintenance conf 1.00 103 TODO/FIXME markers
High count of TODO/FIXME/HACK markers — track them as issues so they're not forgotten.
maintenance
low 9-layer quality integrity conf 1.00 37 env vars used in code but missing from .env.example
Drift between code and config docs. The first few: `API_BASE_URL`, `CCT_DEBUG`, `CCT_NO_ANALYTICS`, `CCT_NO_TRACKING`, `CI`, `CLOUDFLARE_WORKER_URL`, `CODEX_SANDBOX`, `CONTEXT_TIMELINE_LIMIT` + 29 more. Add them (with a placeholder/comment) to .env.example so onboarding doesn't break.
integrityconfig-drift
low 9-layer quality integrity conf 1.00 Legacy-named symbol `button_v1` in cli-tool/components/skills/creative-design/executing-marketing-campaigns/scripts/marketing_utils.py:39
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low 9-layer quality integrity conf 1.00 Legacy-named symbol `days_old` in cli-tool/components/skills/enterprise-communication/session-handoff/scripts/check_staleness.py:144
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low 9-layer quality integrity conf 1.00 Legacy-named symbol `notebook_backup` in cli-tool/components/skills/scientific/labarchive-integration/scripts/notebook_operations.py:131
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low 9-layer quality integrity conf 1.00 Legacy-named symbol `xml_copy` in cli-tool/components/skills/document-processing/docx-official/scripts/office/validators/base.py:705
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low 9-layer quality integrity conf 1.00 Legacy-named symbol `xml_copy` in cli-tool/components/skills/document-processing/docx/ooxml/scripts/validation/base.py:769
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low 9-layer quality integrity conf 1.00 Legacy-named symbol `xml_copy` in cli-tool/components/skills/document-processing/docx/scripts/office/validators/base.py:705
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low 9-layer quality integrity conf 1.00 Legacy-named symbol `xml_copy` in cli-tool/components/skills/document-processing/pptx-official/scripts/office/validators/base.py:705
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low 9-layer quality integrity conf 1.00 Legacy-named symbol `xml_copy` in cli-tool/components/skills/document-processing/pptx/ooxml/scripts/validation/base.py:769
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low 9-layer quality integrity conf 1.00 Legacy-named symbol `xml_copy` in cli-tool/components/skills/document-processing/pptx/scripts/office/validators/base.py:705
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low 9-layer quality integrity conf 1.00 Legacy-named symbol `xml_copy` in cli-tool/components/skills/document-processing/xlsx-official/scripts/office/validators/base.py:705
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low 9-layer quality integrity conf 1.00 Legacy-named symbol `xml_copy` in cli-tool/components/skills/document-processing/xlsx/scripts/office/validators/base.py:705
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low 9-layer quality integrity conf 1.00 Legacy-named symbol `xml_copy` in cli-tool/components/skills/scientific/document-skills/docx/ooxml/scripts/validation/base.py:769
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low 9-layer quality integrity conf 1.00 Legacy-named symbol `xml_copy` in cli-tool/components/skills/scientific/document-skills/pptx/ooxml/scripts/validation/base.py:769
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Confirm and delete, or rename if it's the active version.
integritylegacy-markerdead-code
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/security/webapp-testing/scripts/with_server.py:is_server_ready, cli-tool/components/skills/development/webapp-testing/scripts/with_server.py:is_server_ready This is *the* AI-coder failure mode (4× more duplication in vibe-c…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/security/webapp-testing/scripts/with_server.py:main, cli-tool/components/skills/development/webapp-testing/scripts/with_server.py:main This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/security/webapp-testing/examples/console_logging.py:handle_console_message, cli-tool/components/skills/development/webapp-testing/examples/console_logging.py:handle_console_message This is *the* AI-coder failure mode (4× mo…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/security/security-ownership-map/scripts/community_maintainers.py:read_csv, cli-tool/components/skills/security/security-ownership-map/scripts/query_ownership.py:read_csv This is *the* AI-coder failure mode (4× more duplicat…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/security/security-ownership-map/scripts/community_maintainers.py:main, cli-tool/components/skills/security/security-ownership-map/scripts/query_ownership.py:main This is *the* AI-coder failure mode (4× more duplication in v…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/security/security-ownership-map/scripts/query_ownership.py:handle_files, cli-tool/components/skills/security/security-ownership-map/scripts/query_ownership.py:handle_file This is *the* AI-coder failure mode (4× more duplica…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/creative-design/slack-gif-creator/core/easing.py:linear, cli-tool/components/skills/enterprise-communication/slack-gif-creator/core/easing.py:linear This is *the* AI-coder failure mode (4× more duplication in vibe-coded rep…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/creative-design/slack-gif-creator/core/easing.py:ease_in_quad, cli-tool/components/skills/enterprise-communication/slack-gif-creator/core/easing.py:ease_in_quad This is *the* AI-coder failure mode (4× more duplication in vi…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/creative-design/slack-gif-creator/core/easing.py:ease_out_quad, cli-tool/components/skills/enterprise-communication/slack-gif-creator/core/easing.py:ease_out_quad This is *the* AI-coder failure mode (4× more duplication in …
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/creative-design/slack-gif-creator/core/easing.py:ease_in_out_quad, cli-tool/components/skills/enterprise-communication/slack-gif-creator/core/easing.py:ease_in_out_quad This is *the* AI-coder failure mode (4× more duplicati…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/creative-design/slack-gif-creator/core/easing.py:ease_in_cubic, cli-tool/components/skills/enterprise-communication/slack-gif-creator/core/easing.py:ease_in_cubic This is *the* AI-coder failure mode (4× more duplication in …
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/creative-design/slack-gif-creator/core/easing.py:ease_out_cubic, cli-tool/components/skills/enterprise-communication/slack-gif-creator/core/easing.py:ease_out_cubic This is *the* AI-coder failure mode (4× more duplication i…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/creative-design/slack-gif-creator/core/easing.py:ease_in_out_cubic, cli-tool/components/skills/enterprise-communication/slack-gif-creator/core/easing.py:ease_in_out_cubic This is *the* AI-coder failure mode (4× more duplica…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/creative-design/slack-gif-creator/core/easing.py:ease_in_bounce, cli-tool/components/skills/enterprise-communication/slack-gif-creator/core/easing.py:ease_in_bounce This is *the* AI-coder failure mode (4× more duplication i…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/creative-design/slack-gif-creator/core/easing.py:ease_out_bounce, cli-tool/components/skills/enterprise-communication/slack-gif-creator/core/easing.py:ease_out_bounce This is *the* AI-coder failure mode (4× more duplication…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/creative-design/slack-gif-creator/core/easing.py:ease_in_out_bounce, cli-tool/components/skills/enterprise-communication/slack-gif-creator/core/easing.py:ease_in_out_bounce This is *the* AI-coder failure mode (4× more dupli…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/creative-design/slack-gif-creator/core/easing.py:ease_in_elastic, cli-tool/components/skills/enterprise-communication/slack-gif-creator/core/easing.py:ease_in_elastic This is *the* AI-coder failure mode (4× more duplication…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/creative-design/slack-gif-creator/core/easing.py:ease_out_elastic, cli-tool/components/skills/enterprise-communication/slack-gif-creator/core/easing.py:ease_out_elastic This is *the* AI-coder failure mode (4× more duplicati…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: cli-tool/components/skills/creative-design/slack-gif-creator/core/easing.py:ease_in_out_elastic, cli-tool/components/skills/enterprise-communication/slack-gif-creator/core/easing.py:ease_in_out_elastic This is *the* AI-coder failure mode (4× more dup…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 3 places
Functions with the same first-5-line body hash: cli-tool/components/skills/security/security-ownership-map/scripts/community_maintainers.py:in_bucket, cli-tool/components/skills/security/security-ownership-map/scripts/community_maintainers.py:in_bucket, cli-tool/components/skills/security/security-…
integrityduplicatedry
low 9-layer quality complexity conf 1.00 Very large file: cli-tool/components/hooks/monitoring/context-timeline.py (1224 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low 9-layer quality complexity conf 1.00 Very large file: cli-tool/components/skills/ai-research/loki-mode/autonomy/run.sh (1991 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low 9-layer quality complexity conf 1.00 Very large file: cli-tool/components/skills/ai-research/loki-mode/benchmarks/run-benchmarks.sh (1948 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low 9-layer quality complexity conf 1.00 Very large file: cli-tool/components/skills/document-processing/docx/scripts/document.py (1276 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low 9-layer quality complexity conf 1.00 Very large file: cli-tool/components/skills/scientific/document-skills/docx/scripts/document.py (1276 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low 9-layer quality complexity conf 1.00 Very large file: cli-tool/src/analytics-web/components/DashboardPage.js (2323 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low 9-layer quality complexity conf 1.00 Very large file: cli-tool/src/analytics.js (2403 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low 9-layer quality complexity conf 1.00 Very large file: cli-tool/src/index.js (3458 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low 9-layer quality complexity conf 1.00 Very large file: dashboard/src/components/MyComponentsView.tsx (1096 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low 9-layer quality complexity conf 1.00 Very large file: docs/js/component-page.js (1915 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low 9-layer quality complexity conf 1.00 Very large file: docs/js/index-events.js (2018 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
low 9-layer quality complexity conf 1.00 Very large file: docs/js/script.js (2194 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
complexity
info 9-layer quality integrity conf 1.00 Commented-code block (10 lines) in cli-tool/components/skills/enterprise-communication/regulatory-affairs-head/scripts/regulatory_tracker.py:185
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (5 lines) in cli-tool/components/skills/development/skill-creator/scripts/improve_description.py:158
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (5 lines) in cli-tool/components/skills/development/skill-development/scripts/improve_description.py:158
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (5 lines) in cli-tool/components/skills/productivity/skill-creator/scripts/improve_description.py:158
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (5 lines) in cli-tool/components/skills/scientific/document-skills/pdf/scripts/extract_form_field_info.py:56
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (5 lines) in cli-tool/components/skills/scientific/matplotlib/scripts/plot_template.py:186
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (5 lines) in cli-tool/components/skills/scientific/pymc/assets/linear_regression_template.py:20
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (5 lines) in cli-tool/components/skills/scientific/research-lookup/examples.py:140
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (5 lines) in cli-tool/components/skills/scientific/stable-baselines3/scripts/train_rl_agent.py:101
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (6 lines) in cli-tool/components/skills/scientific/document-skills/pptx/scripts/thumbnail.py:32
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (6 lines) in cli-tool/components/skills/scientific/pufferlib/scripts/env_template.py:39
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (6 lines) in cli-tool/components/skills/scientific/pymc/assets/hierarchical_model_template.py:20
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (6 lines) in cli-tool/components/skills/scientific/stable-baselines3/scripts/custom_env_template.py:59
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (8 lines) in cli-tool/components/skills/creative-design/algorithmic-art/templates/generator_template.js:15
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (8 lines) in cli-tool/components/skills/development/systematic-debugging/condition-based-waiting-example.ts:140
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (8 lines) in cli-tool/components/skills/scientific/pydicom/scripts/anonymize_dicom.py:73
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (8 lines) in cli-tool/components/skills/scientific/pytorch-lightning/scripts/template_datamodule.py:174
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
info 9-layer quality integrity conf 1.00 Commented-code block (8 lines) in cli-tool/components/skills/scientific/stable-baselines3/scripts/evaluate_agent.py:210
A long run of `//` or `#` lines usually means abandoned code. Delete or move to git history. Keeps the canvas + dead-code detection honest.
integritycommented-codedead-code
{# ── 2026-05-17 Round 14: AI-agent bridge footer ────────────────────── Discoverability: the /agents/voting/ guide + MCP manifest exist but aren't linked from anywhere users actually land. Small, opt-in footer. #}
For AI agents: Voting guide (TP/FP) MCP manifest Stdio wrapper SARIF Integrate Findings queue Vote TP/FP on findings to calibrate the engine.
For AI agents + API integrations
Email me when this repo regresses
Free. We re-scan periodically; new criticals → your inbox. No signup required for the scan itself.
API access

This page is publicly accessible at: https://repobility.com/scan/a656f031-2648-4f24-9993-6b291c9bf048/

To check status programmatically (no auth required): 

curl -s https://repobility.com/api/v1/public/scan/a656f031-2648-4f24-9993-6b291c9bf048/

Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.