Scan timing: clone 14.92s · analysis 5.83s · 42.6 MB · GitHub API rate-limit (preflight)
https://github.com/affaan-m/ECC
· scanned 2026-06-04 04:10 UTC (1 day, 9 hours ago)
· 10 languages
681 findings (115 legacy + 566 scanner) 11/13 scanners ran 86th percentile · Javascript · large (100-500K LoC) Scanner says 69 (higher by 21)
Last scanned 1 day, 9 hours ago · v2 · 398 findings from 2 sources. Findings combine the legacy security pipeline AND the multi-layer engine (atlas, wiring, flows, ranked) AND verified AI agent contributions.
| Component | Sub-score | Weight | Contribution |
|---|---|---|---|
structure_score |
85.0 | 0.15 | 12.75 |
security_score |
100.0 | 0.25 | 25.00 |
testing_score |
100.0 | 0.20 | 20.00 |
documentation_score |
100.0 | 0.15 | 15.00 |
practices_score |
81.0 | 0.15 | 12.15 |
code_quality |
55.0 | 0.10 | 5.50 |
| Overall | 1.00 | 90.4 |
All 6174 nodes from the latest scan, grouped by kind. Each node is a unit the engine identified (file, function, endpoint, table…). Most users won't need this view — it's primarily for debugging the engine's graph extraction or for AI agents that want to enumerate the project structure.
| Label | Layer | Status | Path |
|---|---|---|---|
get_project_path |
software | healthy | ecc_dashboard.py:24 |
load_agents |
software | healthy | ecc_dashboard.py:29 |
load_skills |
software | healthy | ecc_dashboard.py:93 |
load_commands |
software | healthy | ecc_dashboard.py:173 |
load_rules |
software | healthy | ecc_dashboard.py:222 |
__init__ |
software | healthy | ecc_dashboard.py:275 |
setup_styles |
software | healthy | ecc_dashboard.py:310 |
center_window |
software | healthy | ecc_dashboard.py:327 |
create_widgets |
software | healthy | ecc_dashboard.py:336 |
create_agents_tab |
software | healthy | ecc_dashboard.py:382 |
populate_agents |
software | healthy | ecc_dashboard.py:439 |
filter_agents |
software | dead | ecc_dashboard.py:447 |
on_agent_select |
software | dead | ecc_dashboard.py:460 |
create_skills_tab |
software | healthy | ecc_dashboard.py:487 |
get_categories |
software | healthy | ecc_dashboard.py:550 |
populate_skills |
software | healthy | ecc_dashboard.py:555 |
filter_skills |
software | dead | ecc_dashboard.py:564 |
on_skill_select |
software | dead | ecc_dashboard.py:581 |
create_commands_tab |
software | healthy | ecc_dashboard.py:609 |
create_rules_tab |
software | healthy | ecc_dashboard.py:652 |
get_rule_languages |
software | healthy | ecc_dashboard.py:700 |
populate_rules |
software | healthy | ecc_dashboard.py:705 |
filter_rules |
software | dead | ecc_dashboard.py:714 |
create_settings_tab |
software | healthy | ecc_dashboard.py:729 |
browse_path |
software | dead | ecc_dashboard.py:803 |
open_terminal |
software | dead | ecc_dashboard.py:811 |
_open_project_doc |
software | healthy | ecc_dashboard.py:819 |
open_readme |
software | dead | ecc_dashboard.py:831 |
open_agents |
software | dead | ecc_dashboard.py:835 |
refresh_data |
software | dead | ecc_dashboard.py:839 |
apply_theme |
software | healthy | ecc_dashboard.py:864 |
update_widget_colors |
software | healthy | ecc_dashboard.py:900 |
main |
software | healthy | ecc_dashboard.py:925 |
__init__ |
software | healthy | integrations/aura/adapter.py:57 |
ok |
software | healthy | integrations/aura/adapter.py:93 |
as_dict |
software | healthy | integrations/aura/adapter.py:97 |
from_payload |
software | healthy | integrations/aura/adapter.py:108 |
unreachable |
software | healthy | integrations/aura/adapter.py:123 |
_http_get_json |
software | healthy | integrations/aura/adapter.py:130 |
aura_verdict |
software | healthy | integrations/aura/adapter.py:136 |
before_settle |
software | healthy | integrations/aura/adapter.py:169 |
test_verdict_classes |
software | healthy | integrations/aura/tests/test_adapter.py:38 |
test_minimal_dict_contract |
software | healthy | integrations/aura/tests/test_adapter.py:46 |
test_dimensions_exposed_for_history |
software | healthy | integrations/aura/tests/test_adapter.py:54 |
test_new_agent_has_no_score |
software | healthy | integrations/aura/tests/test_adapter.py:60 |
test_gate_allows_trusted |
software | healthy | integrations/aura/tests/test_adapter.py:68 |
test_gate_allows_caution_and_new_by_default |
software | healthy | integrations/aura/tests/test_adapter.py:73 |
test_gate_rejects_high_risk |
software | healthy | integrations/aura/tests/test_adapter.py:78 |
test_gate_rejects_unknown_by_default |
software | healthy | integrations/aura/tests/test_adapter.py:84 |
test_strict_allow_rejects_new |
software | healthy | integrations/aura/tests/test_adapter.py:89 |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
REPO-ASSESSMENT.md |
software | healthy | REPO-ASSESSMENT.md |
EVALUATION.md |
software | healthy | EVALUATION.md |
README.zh-CN.md |
software | healthy | README.zh-CN.md |
.markdownlint.json |
software | healthy | .markdownlint.json |
ecc_dashboard.py |
software | healthy | ecc_dashboard.py |
.mcp.json |
software | healthy | .mcp.json |
commitlint.config.js |
software | warning | commitlint.config.js |
SPONSORS.md |
software | healthy | SPONSORS.md |
WORKING-CONTEXT.md |
software | healthy | WORKING-CONTEXT.md |
README.md |
software | healthy | README.md |
COMMANDS-QUICK-REF.md |
software | healthy | COMMANDS-QUICK-REF.md |
CLAUDE.md |
software | healthy | CLAUDE.md |
install.sh |
software | healthy | install.sh |
package.json |
software | healthy | package.json |
CONTRIBUTING.md |
software | healthy | CONTRIBUTING.md |
TROUBLESHOOTING.md |
software | healthy | TROUBLESHOOTING.md |
package-lock.json |
software | healthy | package-lock.json |
agent.yaml |
software | healthy | agent.yaml |
the-security-guide.md |
software | healthy | the-security-guide.md |
the-longform-guide.md |
software | healthy | the-longform-guide.md |
SOUL.md |
software | healthy | SOUL.md |
.env.example |
software | healthy | .env.example |
pyproject.toml |
software | healthy | pyproject.toml |
eslint.config.js |
software | warning | eslint.config.js |
.yarnrc.yml |
software | healthy | .yarnrc.yml |
RULES.md |
software | healthy | RULES.md |
SPONSORING.md |
software | healthy | SPONSORING.md |
CODE_OF_CONDUCT.md |
software | healthy | CODE_OF_CONDUCT.md |
SECURITY.md |
software | healthy | SECURITY.md |
AGENTS.md |
software | healthy | AGENTS.md |
CHANGELOG.md |
software | healthy | CHANGELOG.md |
the-shortform-guide.md |
software | healthy | the-shortform-guide.md |
__init__.py |
software | healthy | integrations/aura/__init__.py |
README.md |
software | healthy | integrations/aura/README.md |
THREAT_MODEL.md |
software | healthy | integrations/aura/THREAT_MODEL.md |
adapter.py |
software | healthy | integrations/aura/adapter.py |
__init__.py |
software | healthy | integrations/aura/tests/__init__.py |
test_adapter.py |
software | healthy | integrations/aura/tests/test_adapter.py |
fixtures.py |
software | healthy | integrations/aura/tests/fixtures.py |
project-stack-mappings.json |
software | healthy | config/project-stack-mappings.json |
codex-config.test.js |
software | healthy | tests/codex-config.test.js |
__init__.py |
software | healthy | tests/__init__.py |
conftest.py |
software | healthy | tests/conftest.py |
test_types.py |
software | healthy | tests/test_types.py |
opencode-config.test.js |
software | healthy | tests/opencode-config.test.js |
test_builder.py |
software | healthy | tests/test_builder.py |
run-all.js |
software | healthy | tests/run-all.js |
opencode-plugin-hooks.test.js |
software | healthy | tests/opencode-plugin-hooks.test.js |
test_resolver.py |
software | healthy | tests/test_resolver.py |
test_executor.py |
software | healthy | tests/test_executor.py |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
integrations |
software | healthy | integrations |
aura |
software | healthy | integrations/aura |
tests |
software | healthy | integrations/aura/tests |
config |
software | healthy | config |
tests |
software | healthy | tests |
integration |
software | healthy | tests/integration |
commands |
software | healthy | tests/commands |
docs |
software | healthy | tests/docs |
scripts |
software | healthy | tests/scripts |
lib |
software | healthy | tests/lib |
hooks |
software | healthy | tests/hooks |
ci |
software | healthy | tests/ci |
legacy-command-shims |
software | healthy | legacy-command-shims |
commands |
software | healthy | legacy-command-shims/commands |
rules |
software | healthy | rules |
php |
software | healthy | rules/php |
ruby |
software | healthy | rules/ruby |
common |
software | healthy | rules/common |
fsharp |
software | healthy | rules/fsharp |
rust |
software | healthy | rules/rust |
golang |
software | healthy | rules/golang |
typescript |
software | healthy | rules/typescript |
zh |
software | healthy | rules/zh |
csharp |
software | healthy | rules/csharp |
react |
software | healthy | rules/react |
web |
software | healthy | rules/web |
python |
software | healthy | rules/python |
cpp |
software | healthy | rules/cpp |
perl |
software | healthy | rules/perl |
arkts |
software | healthy | rules/arkts |
java |
software | healthy | rules/java |
swift |
software | healthy | rules/swift |
dart |
software | healthy | rules/dart |
kotlin |
software | healthy | rules/kotlin |
angular |
software | healthy | rules/angular |
commands |
software | healthy | commands |
docs |
software | healthy | docs |
security |
software | healthy | docs/security |
releases |
software | healthy | docs/releases |
1.10.0 |
software | healthy | docs/releases/1.10.0 |
2.0.0-rc.1 |
software | healthy | docs/releases/2.0.0-rc.1 |
1.8.0 |
software | healthy | docs/releases/1.8.0 |
2.0.0 |
software | healthy | docs/releases/2.0.0 |
architecture |
software | healthy | docs/architecture |
th |
software | healthy | docs/th |
pt-BR |
software | healthy | docs/pt-BR |
rules |
software | healthy | docs/pt-BR/rules |
commands |
software | healthy | docs/pt-BR/commands |
agents |
software | healthy | docs/pt-BR/agents |
examples |
software | healthy | docs/pt-BR/examples |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
ECCDashboard |
software | healthy | ecc_dashboard.py:272 |
AuraUntrusted |
software | healthy | integrations/aura/adapter.py:54 |
AuraVerdict |
software | healthy | integrations/aura/adapter.py:65 |
TestRole |
software | healthy | tests/test_types.py:15 |
TestProviderType |
software | healthy | tests/test_types.py:23 |
TestMessage |
software | healthy | tests/test_types.py:32 |
TestToolDefinition |
software | healthy | tests/test_types.py:48 |
TestToolCall |
software | healthy | tests/test_types.py:100 |
TestToolResult |
software | healthy | tests/test_types.py:108 |
TestLLMInput |
software | healthy | tests/test_types.py:115 |
TestLLMOutput |
software | healthy | tests/test_types.py:130 |
TestModelInfo |
software | healthy | tests/test_types.py:142 |
TestPromptBuilder |
software | healthy | tests/test_builder.py:7 |
TestAdaptMessagesForProvider |
software | healthy | tests/test_builder.py:70 |
TestGetProvider |
software | healthy | tests/test_resolver.py:6 |
TestToolRegistry |
software | healthy | tests/test_executor.py:6 |
TestToolExecutor |
software | healthy | tests/test_executor.py:34 |
_Completions |
software | healthy | tests/test_astraflow_provider.py:15 |
_Client |
software | healthy | tests/test_astraflow_provider.py:25 |
_OpenAICompletions |
software | healthy | tests/test_provider_tools.py:19 |
_OpenAIClient |
software | healthy | tests/test_provider_tools.py:31 |
_AnthropicMessages |
software | healthy | tests/test_provider_tools.py:37 |
_AnthropicClient |
software | healthy | tests/test_provider_tools.py:51 |
FakeMessages |
software | healthy | tests/test_claude_provider.py:10 |
FakeClient |
software | healthy | tests/test_claude_provider.py:18 |
FakeWindow |
software | healthy | tests/scripts/ecc-dashboard.test.js:FakeWindow |
and |
software | healthy | tests/scripts/skill-create-output.test.js:and |
methods |
software | healthy | tests/scripts/skill-create-output.test.js:methods |
directly |
software | healthy | tests/scripts/skill-create-output.test.js:directly |
FakeMonitor |
software | healthy | tests/hooks/test_insaits_security_monitor.py:41 |
SkillCreateOutput |
software | healthy | scripts/skill-create-output.js:SkillCreateOutput |
NetworkGraphExplainer |
software | healthy | skills/manim-video/assets/network_graph_scene.py:4 |
_FakeScenario |
software | healthy | skills/skill-comply/tests/test_runner.py:15 |
TestSetupSandboxSkipsShellBuiltins |
software | healthy | skills/skill-comply/tests/test_runner.py:23 |
TestRunScenarioMaxTurnsTermination |
software | healthy | skills/skill-comply/tests/test_runner.py:104 |
TestRunScenarioErrorIncludesStdoutTail |
software | healthy | skills/skill-comply/tests/test_runner.py:146 |
TestParseTrace |
software | healthy | skills/skill-comply/tests/test_parser.py:19 |
TestParseSpec |
software | healthy | skills/skill-comply/tests/test_parser.py:54 |
TestGradeCompliant |
software | healthy | skills/skill-comply/tests/test_grader.py:53 |
TestGradeNoncompliant |
software | healthy | skills/skill-comply/tests/test_grader.py:90 |
TestGradeEdgeCases |
software | healthy | skills/skill-comply/tests/test_grader.py:122 |
ObservationEvent |
software | healthy | skills/skill-comply/scripts/parser.py:13 |
Detector |
software | healthy | skills/skill-comply/scripts/parser.py:23 |
Step |
software | healthy | skills/skill-comply/scripts/parser.py:30 |
ComplianceSpec |
software | healthy | skills/skill-comply/scripts/parser.py:38 |
StepResult |
software | healthy | skills/skill-comply/scripts/grader.py:12 |
ComplianceResult |
software | healthy | skills/skill-comply/scripts/grader.py:20 |
ScenarioRun |
software | healthy | skills/skill-comply/scripts/runner.py:25 |
Scenario |
software | healthy | skills/skill-comply/scripts/scenario_generator.py:17 |
PromptConfig |
software | healthy | src/llm/prompt/builder.py:15 |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
ioc-watch |
cicd | healthy | .github/workflows/supply-chain-watch.yml |
dependency-check |
cicd | healthy | .github/workflows/maintenance.yml |
security-audit |
cicd | healthy | .github/workflows/maintenance.yml |
stale |
cicd | healthy | .github/workflows/maintenance.yml |
verify |
cicd | healthy | .github/workflows/reusable-release.yml |
publish |
cicd | healthy | .github/workflows/reusable-release.yml |
test |
cicd | healthy | .github/workflows/reusable-test.yml |
test |
cicd | healthy | .github/workflows/ci.yml |
validate |
cicd | healthy | .github/workflows/ci.yml |
security |
cicd | healthy | .github/workflows/ci.yml |
coverage |
cicd | healthy | .github/workflows/ci.yml |
lint |
cicd | healthy | .github/workflows/ci.yml |
validate |
cicd | healthy | .github/workflows/reusable-validate.yml |
snapshot |
cicd | healthy | .github/workflows/monthly-metrics.yml |
verify |
cicd | healthy | .github/workflows/release.yml |
publish |
cicd | healthy | .github/workflows/release.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
auth::tests/scripts/claw.test.js |
security | healthy | tests/scripts/claw.test.js |
auth::scripts/hooks/governance-capture.js |
security | healthy | scripts/hooks/governance-capture.js |
auth::tests/hooks/mcp-health-check.test.js |
security | healthy | tests/hooks/mcp-health-check.test.js |
auth::scripts/hooks/mcp-health-check.js |
security | healthy | scripts/hooks/mcp-health-check.js |
auth::tests/hooks/hooks.test.js |
security | healthy | tests/hooks/hooks.test.js |
auth::tests/docs/legacy-artifact-inventory.test.js |
security | healthy | tests/docs/legacy-artifact-inventory.test.js |
auth::ecc2/src/tui/dashboard.rs |
security | healthy | ecc2/src/tui/dashboard.rs |
auth::scripts/operator-readiness-dashboard.js |
security | healthy | scripts/operator-readiness-dashboard.js |
auth::ecc2/src/main.rs |
security | healthy | ecc2/src/main.rs |
auth::tests/scripts/operator-readiness-dashboard.test.js |
security | healthy | tests/scripts/operator-readiness-dashboard.test.js |
auth::tests/ci/validate-workflow-security.test.js |
security | healthy | tests/ci/validate-workflow-security.test.js |
| Label | Layer | Status | Path |
|---|---|---|---|
/notes |
frontend | healthy | tests/lib/control-pane-state.test.js |
/notes/.env |
frontend | healthy | tests/lib/control-pane-state.test.js |
/notes/hermes |
frontend | healthy | tests/lib/control-pane-state.test.js |
/notes/pinned.md |
frontend | healthy | tests/lib/control-pane-state.test.js |
/notes/malformed |
frontend | healthy | tests/lib/control-pane-state.test.js |
/notes/shared-a.md |
frontend | healthy | tests/lib/control-pane-state.test.js |
/notes/shared-b.md |
frontend | healthy | tests/lib/control-pane-state.test.js |
/workspace/app/ecc-install.json |
frontend | healthy | tests/lib/install-request.test.js |
/repo/a |
frontend | healthy | tests/hooks/ecc-metrics-bridge.test.js |
| Label | Layer | Status | Path |
|---|---|---|---|
gha::supply-chain-watch |
cicd | healthy | .github/workflows/supply-chain-watch.yml |
gha::maintenance |
cicd | healthy | .github/workflows/maintenance.yml |
gha::reusable-release |
cicd | healthy | .github/workflows/reusable-release.yml |
gha::reusable-test |
cicd | healthy | .github/workflows/reusable-test.yml |
gha::ci |
cicd | healthy | .github/workflows/ci.yml |
gha::reusable-validate |
cicd | healthy | .github/workflows/reusable-validate.yml |
gha::monthly-metrics |
cicd | healthy | .github/workflows/monthly-metrics.yml |
gha::release |
cicd | healthy | .github/workflows/release.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
postgresql |
data | healthy | ecc_dashboard.py |
clickhouse |
data | healthy | package.json |
mysql |
data | healthy | package.json |
postgres |
data | healthy | package.json |
redis |
data | healthy | tests/docs/stale-pr-salvage-ledger.test.js |
sqlite |
data | healthy | tests/lib/state-store.test.js |
| Label | Layer | Status | Path |
|---|---|---|---|
127.0.0.1 |
network | healthy | tests/scripts/control-pane.test.js |
169.254.169.254 |
network | healthy | tests/ci/scan-supply-chain-iocs.test.js |
169.254.170.2 |
network | healthy | tests/ci/scan-supply-chain-iocs.test.js |
83.142.209.194 |
network | healthy | scripts/ci/scan-supply-chain-iocs.js |
37.16.75.69 |
network | healthy | scripts/ci/scan-supply-chain-iocs.js |
| Label | Layer | Status | Path |
|---|---|---|---|
vps::aws |
hardware | healthy | tests/hooks/governance-capture.test.js |
vps::azure |
hardware | healthy | scripts/ci/scan-supply-chain-iocs.js |
vps::gcp |
hardware | healthy | scripts/ci/scan-supply-chain-iocs.js |
| Label | Layer | Status | Path |
|---|---|---|---|
github_token::tests/hooks/governance-capture.test.js |
security | healthy | tests/hooks/governance-capture.test.js |
generic_api_key::tests/hooks/governance-capture.test.js |
security | healthy | tests/hooks/governance-capture.test.js |
github_token::tests/hooks/pre-bash-commit-quality.test.js |
security | healthy | tests/hooks/pre-bash-commit-quality.test.js |
| Label | Layer | Status | Path |
|---|---|---|---|
port:11 |
network | healthy | skills/continuous-learning-v2/agents/session-guardian.sh |
port:14 |
network | healthy | .github/workflows/monthly-metrics.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
repobility-clone-70moxm2s |
software | healthy | /tmp/repobility-clone-70moxm2s |
| Label | Layer | Status | Path |
|---|---|---|---|
celery |
data | healthy | tests/docs/stale-pr-salvage-ledger.test.js |
| Label | Layer | Status | Path |
|---|---|---|---|
migrations.js |
data | healthy | scripts/lib/state-store/migrations.js |
| Label | Layer | Status | Path |
|---|---|---|---|
NPM_TOKEN |
cicd | healthy | — |
This page is publicly accessible at:
https://repobility.com/scan/cee07bfa-32f3-4702-be86-74f070e7d41b/
To check status programmatically (no auth required):
curl -s https://repobility.com/api/v1/public/scan/cee07bfa-32f3-4702-be86-74f070e7d41b/Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.