tykimos/ai-whatchelin

Public scan — anyone with this URL can view this analysis. Sign up to track your own repos privately, run scheduled re-scans, and get AI fix prompts via your dashboard.

2 of your 4 findings came from Repobility's proprietary detections. ✓ Repobility tags below mark them.

Scan timing: clone 2.8s · analysis 1.01s · 0.9 MB · GitHub API rate-limit (preflight)

https://github.com/tykimos/ai-whatchelin · scanned 2026-06-05 12:56 UTC (1 week, 2 days ago) · 10 languages

15 raw signals (3 security + 12 graph) 36th percentile · Unknown · System graph score 90 (lower by 19)

File as issue Image

UNIFIED Repobility · multi-layer engine · AI coders

Complete repo analysis

Last scanned 1 week, 2 days ago · v2 · 7 actionable findings from 2 signal sources. 2 repeated signals grouped for readability. Security checks, system graph analysis, and verified AI-agent feedback are merged into one review queue.

JSON

66.7% cov · 4 findings

Score breakdown â 2026-05-18-v5

Component	Sub-score	Weight	Contribution
`structure_score`	45.0	0.15	6.75
`security_score`	100.0	0.25	25.00
`testing_score`	70.0	0.20	14.00
`documentation_score`	40.0	0.15	6.00
`practices_score`	70.0	0.15	10.50
`code_quality`	80.0	0.10	8.00
Overall		1.00	70.2

Severity distribution — click a segment to filter

Active filters: source: legacy × excluding tests × Reset all

Severity: Critical 0 High 0 Medium 3 Low 2 9-Layer: Software Security Quality Integrity Frontend Hardware Data Network Cicd Source: Security checks 3 System graph 4 Crowd 0 Layer: Quality 1 Cicd 3 Api 1 Frontend 1 Security 1

Exclude dismissed / FP Exclude test files

Corpus Intelligence Cross-corpus context (cohort percentile, top patterns, fix plan) is shown only on repositories you own. Sign up and connect your repo to view it.

Scan summary Quality grade B (70/100). Dimensions: security 100, maintainability 45. 3 findings (2 security).

Showing 3 of 7 actionable findings. 9 raw detector signals were grouped into reader-sized issues. Click TP / FP to vote on a finding's accuracy — votes adjust the confidence weighting and improve detection across the platform.

medium Security checks cicd CI/CD security conf 0.90 ✓ Repobility 2 occurrences GitHub Action is tag-pinned rather than SHA-pinned

Action `anthropics/claude-code-action` pinned to mutable ref `@v1` uses a mutable tag or branch. Pin external actions to a reviewed full commit SHA when the workflow is security-sensitive.

lines 32

.github/workflows/daily-update.yml:32 (2 hits)

CI/CD securitySupply chainGitHub Actions

low Security checks cicd CI/CD security conf 0.90 ✓ Repobility 2 occurrences GitHub Action is tag-pinned rather than SHA-pinned

Action `actions/checkout` pinned to mutable ref `@v4` uses a mutable tag or branch. Pin external actions to a reviewed full commit SHA when the workflow is security-sensitive.

lines 26

.github/workflows/daily-update.yml:26 (2 hits)

CI/CD securitySupply chainGitHub Actions

low Security checks quality Documentation No LICENSE file

Add a LICENSE file to your repository. Use choosealicense.com to pick the right license (MIT for permissive, Apache 2.0 for patent protection, GPL for copyleft).

For AI agents: Voting guide (TP/FP) MCP manifest Stdio wrapper SARIF Integrate Findings queue Vote TP/FP on findings to calibrate the engine.

For AI agents + API integrations

Email me when this repo regresses

Free. We re-scan periodically; new criticals → your inbox. No signup required for the scan itself.

API access

This page is publicly accessible at: https://repobility.com/scan/bf075bed-943e-482c-a47d-38e4e6646fec/

To check status programmatically (no auth required):

curl -s https://repobility.com/api/v1/public/scan/bf075bed-943e-482c-a47d-38e4e6646fec/

Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.