https://github.com/cli/cli.git
· scanned 2026-05-16 09:39 UTC (2 weeks, 5 days ago)
· 10 languages
129 findings (24 legacy + 105 scanner) 50th percentile · Go · large (100-500K LoC) Scanner says 73 (higher by 8)
Last scanned 2 weeks, 5 days ago · v1 · 22 findings from 1 source. Findings combine the legacy security pipeline AND the multi-layer engine (atlas, wiring, flows, ranked) AND verified AI agent contributions.
All 1515 nodes from the latest scan, grouped by kind. Each node is a unit the engine identified (file, function, endpoint, table…). Most users won't need this view — it's primarily for debugging the engine's graph extraction or for AI agents that want to enumerate the project structure.
| Label | Layer | Status | Path |
|---|---|---|---|
.golangci.yml |
software | healthy | .golangci.yml |
README.md |
software | healthy | README.md |
.goreleaser.yml |
software | healthy | .goreleaser.yml |
go.mod |
software | healthy | go.mod |
Makefile |
software | healthy | Makefile |
AGENTS.md |
software | healthy | AGENTS.md |
devcontainer.json |
software | healthy | .devcontainer/devcontainer.json |
client_test.go |
software | healthy | api/client_test.go |
export_pr_test.go |
software | healthy | api/export_pr_test.go |
queries_issue.go |
software | healthy | api/queries_issue.go |
export_repo.go |
software | healthy | api/export_repo.go |
query_builder_test.go |
software | healthy | api/query_builder_test.go |
queries_projects_v2.go |
software | healthy | api/queries_projects_v2.go |
export_pr.go |
software | healthy | api/export_pr.go |
queries_projects_v2_test.go |
software | healthy | api/queries_projects_v2_test.go |
http_client.go |
software | healthy | api/http_client.go |
queries_pr_test.go |
software | healthy | api/queries_pr_test.go |
queries_repo.go |
software | healthy | api/queries_repo.go |
queries_user.go |
software | healthy | api/queries_user.go |
queries_comments.go |
software | healthy | api/queries_comments.go |
reaction_groups.go |
software | healthy | api/reaction_groups.go |
client.go |
software | healthy | api/client.go |
queries_repo_test.go |
software | healthy | api/queries_repo_test.go |
reaction_groups_test.go |
software | healthy | api/reaction_groups_test.go |
http_client_test.go |
software | healthy | api/http_client_test.go |
query_builder.go |
software | healthy | api/query_builder.go |
pull_request_test.go |
software | healthy | api/pull_request_test.go |
queries_branch_issue_reference.go |
software | healthy | api/queries_branch_issue_reference.go |
queries_pr.go |
software | healthy | api/queries_pr.go |
queries_pr_review.go |
software | healthy | api/queries_pr_review.go |
queries_org.go |
software | healthy | api/queries_org.go |
zip_test.go |
software | healthy | internal/zip/zip_test.go |
zip.go |
software | healthy | internal/zip/zip.go |
text.go |
software | healthy | internal/text/text.go |
text_test.go |
software | healthy | internal/text/text_test.go |
config_test.go |
software | healthy | internal/config/config_test.go |
migrate_test.go |
software | healthy | internal/config/migrate_test.go |
stub.go |
software | healthy | internal/config/stub.go |
auth_config_test.go |
software | healthy | internal/config/auth_config_test.go |
config.go |
software | healthy | internal/config/config.go |
multi_account_test.go |
software | healthy | internal/config/migration/multi_account_test.go |
multi_account.go |
software | healthy | internal/config/migration/multi_account.go |
detector_mock.go |
software | healthy | internal/featuredetection/detector_mock.go |
feature_detection.go |
software | healthy | internal/featuredetection/feature_detection.go |
feature_detection_test.go |
software | healthy | internal/featuredetection/feature_detection_test.go |
embed_darwin_arm64.go |
software | healthy | internal/licenses/embed_darwin_arm64.go |
embed_linux_386.go |
software | healthy | internal/licenses/embed_linux_386.go |
embed_linux_amd64.go |
software | healthy | internal/licenses/embed_linux_amd64.go |
embed_windows_386.go |
software | healthy | internal/licenses/embed_windows_386.go |
embed_default.go |
software | healthy | internal/licenses/embed_default.go |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
.devcontainer |
software | healthy | .devcontainer |
api |
software | healthy | api |
internal |
software | healthy | internal |
zip |
software | healthy | internal/zip |
text |
software | healthy | internal/text |
config |
software | healthy | internal/config |
migration |
software | healthy | internal/config/migration |
featuredetection |
software | healthy | internal/featuredetection |
licenses |
software | healthy | internal/licenses |
docs |
software | healthy | internal/docs |
flock |
software | healthy | internal/flock |
keyring |
software | healthy | internal/keyring |
prompter |
software | healthy | internal/prompter |
tableprinter |
software | healthy | internal/tableprinter |
agents |
software | healthy | internal/agents |
gh |
software | healthy | internal/gh |
ghtelemetry |
software | healthy | internal/gh/ghtelemetry |
mock |
software | healthy | internal/gh/mock |
barista |
software | healthy | internal/barista |
observability |
software | healthy | internal/barista/observability |
authflow |
software | healthy | internal/authflow |
codespaces |
software | healthy | internal/codespaces |
portforwarder |
software | healthy | internal/codespaces/portforwarder |
api |
software | healthy | internal/codespaces/api |
connection |
software | healthy | internal/codespaces/connection |
rpc |
software | healthy | internal/codespaces/rpc |
test |
software | healthy | internal/codespaces/rpc/test |
jupyter |
software | healthy | internal/codespaces/rpc/jupyter |
ssh |
software | healthy | internal/codespaces/rpc/ssh |
codespace |
software | healthy | internal/codespaces/rpc/codespace |
safepaths |
software | healthy | internal/safepaths |
skills |
software | healthy | internal/skills |
registry |
software | healthy | internal/skills/registry |
lockfile |
software | healthy | internal/skills/lockfile |
installer |
software | healthy | internal/skills/installer |
discovery |
software | healthy | internal/skills/discovery |
source |
software | healthy | internal/skills/source |
frontmatter |
software | healthy | internal/skills/frontmatter |
update |
software | healthy | internal/update |
ghcmd |
software | healthy | internal/ghcmd |
ci |
software | healthy | internal/ci |
ghrepo |
software | healthy | internal/ghrepo |
telemetry |
software | healthy | internal/telemetry |
browser |
software | healthy | internal/browser |
ghinstance |
software | healthy | internal/ghinstance |
run |
software | healthy | internal/run |
test |
software | healthy | test |
integration |
software | healthy | test/integration |
attestation-cmd |
software | healthy | test/integration/attestation-cmd |
verify |
software | healthy | test/integration/attestation-cmd/verify |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
port:10 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:12 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:17 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:4546 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:09 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:44 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:23 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:25 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:06 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:47 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:009 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:223 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:29 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:32 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:002 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:005 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:362 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:14 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:04 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:31 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:949 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:84 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:16 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:28 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:15 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:30 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:01 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:54 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:56 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:35 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:34 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:20 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:36 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:08 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:21 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:13 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:57 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:24 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:48 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:2606 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:50 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:22 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:58 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:11 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:45 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:33 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:91 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:207 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:20275 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
port:19 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
auth::pkg/cmd/auth/status/status_test.go |
security | healthy | pkg/cmd/auth/status/status_test.go |
auth::pkg/cmd/agent-task/agent_task_test.go |
security | healthy | pkg/cmd/agent-task/agent_task_test.go |
auth::pkg/cmd/auth/refresh/refresh_test.go |
security | healthy | pkg/cmd/auth/refresh/refresh_test.go |
auth::api/client.go |
security | healthy | api/client.go |
auth::pkg/cmd/status/fixtures/search_forbidden.json |
security | healthy | pkg/cmd/status/fixtures/search_forbidden.json |
auth::pkg/cmd/attestation/verification/extensions.go |
security | healthy | pkg/cmd/attestation/verification/extensions.go |
auth::go.mod |
security | healthy | go.mod |
auth::.github/workflows/scripts/spam-detection/eval-prompts… |
security | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
auth::pkg/httpmock/stub.go |
security | healthy | pkg/httpmock/stub.go |
auth::pkg/cmd/repo/sync/sync_test.go |
security | healthy | pkg/cmd/repo/sync/sync_test.go |
auth::internal/gh/gh.go |
security | healthy | internal/gh/gh.go |
auth::pkg/cmd/gpg-key/list/list.go |
security | healthy | pkg/cmd/gpg-key/list/list.go |
auth::pkg/cmd/auth/login/login.go |
security | healthy | pkg/cmd/auth/login/login.go |
auth::pkg/cmd/attestation/verification/policy.go |
security | healthy | pkg/cmd/attestation/verification/policy.go |
auth::internal/config/migration/multi_account_test.go |
security | healthy | internal/config/migration/multi_account_test.go |
auth::pkg/cmd/attestation/verify/verify_integration_test.go |
security | healthy | pkg/cmd/attestation/verify/verify_integration_test.go |
auth::internal/config/config.go |
security | healthy | internal/config/config.go |
auth::internal/config/migration/multi_account.go |
security | healthy | internal/config/migration/multi_account.go |
auth::pkg/cmd/gpg-key/add/add.go |
security | healthy | pkg/cmd/gpg-key/add/add.go |
auth::internal/authflow/flow.go |
security | healthy | internal/authflow/flow.go |
auth::pkg/cmd/gpg-key/list/http.go |
security | healthy | pkg/cmd/gpg-key/list/http.go |
auth::internal/ghcmd/cmd_test.go |
security | healthy | internal/ghcmd/cmd_test.go |
auth::pkg/cmd/release/create/http.go |
security | healthy | pkg/cmd/release/create/http.go |
auth::pkg/cmd/auth/logout/logout.go |
security | healthy | pkg/cmd/auth/logout/logout.go |
auth::pkg/cmd/auth/shared/oauth_scopes_test.go |
security | healthy | pkg/cmd/auth/shared/oauth_scopes_test.go |
auth::pkg/cmd/auth/token/token_test.go |
security | healthy | pkg/cmd/auth/token/token_test.go |
auth::internal/config/auth_config_test.go |
security | healthy | internal/config/auth_config_test.go |
auth::pkg/cmd/release/create/create_test.go |
security | healthy | pkg/cmd/release/create/create_test.go |
auth::pkg/cmd/factory/default.go |
security | healthy | pkg/cmd/factory/default.go |
auth::pkg/cmd/attestation/verify/verify.go |
security | healthy | pkg/cmd/attestation/verify/verify.go |
auth::pkg/cmd/gpg-key/add/http.go |
security | healthy | pkg/cmd/gpg-key/add/http.go |
auth::pkg/cmd/attestation/verification/extensions_test.go |
security | healthy | pkg/cmd/attestation/verification/extensions_test.go |
auth::pkg/cmd/agent-task/agent_task.go |
security | healthy | pkg/cmd/agent-task/agent_task.go |
auth::pkg/cmd/auth/token/token.go |
security | healthy | pkg/cmd/auth/token/token.go |
auth::pkg/cmd/attestation/verify/policy.go |
security | healthy | pkg/cmd/attestation/verify/policy.go |
auth::.github/workflows/deployment.yml |
security | healthy | .github/workflows/deployment.yml |
auth::api/client_test.go |
security | healthy | api/client_test.go |
auth::pkg/cmd/status/status_test.go |
security | healthy | pkg/cmd/status/status_test.go |
auth::pkg/cmd/auth/shared/oauth_scopes.go |
security | healthy | pkg/cmd/auth/shared/oauth_scopes.go |
auth::pkg/cmd/auth/refresh/refresh.go |
security | healthy | pkg/cmd/auth/refresh/refresh.go |
auth::internal/ghcmd/cmd.go |
security | healthy | internal/ghcmd/cmd.go |
| Label | Layer | Status | Path |
|---|---|---|---|
CodeQL-Build |
cicd | healthy | .github/workflows/codeql.yml |
validate-tag-name |
cicd | healthy | .github/workflows/deployment.yml |
linux |
cicd | healthy | .github/workflows/deployment.yml |
macos |
cicd | healthy | .github/workflows/deployment.yml |
windows |
cicd | healthy | .github/workflows/deployment.yml |
release |
cicd | healthy | .github/workflows/deployment.yml |
bump-go |
cicd | healthy | .github/workflows/bump-go.yml |
lint |
cicd | healthy | .github/workflows/lint.yml |
govulncheck |
cicd | healthy | .github/workflows/lint.yml |
build |
cicd | healthy | .github/workflows/go.yml |
integration-tests |
cicd | healthy | .github/workflows/go.yml |
label-incoming |
cicd | healthy | .github/workflows/triage-issues.yml |
close-invalid |
cicd | healthy | .github/workflows/triage-issues.yml |
close-suspected-spam |
cicd | healthy | .github/workflows/triage-issues.yml |
close-single-word |
cicd | healthy | .github/workflows/triage-issues.yml |
close-off-topic |
cicd | healthy | .github/workflows/triage-issues.yml |
enhancement-comment |
cicd | healthy | .github/workflows/triage-issues.yml |
unable-to-reproduce |
cicd | healthy | .github/workflows/triage-issues.yml |
remove-needs-triage |
cicd | healthy | .github/workflows/triage-issues.yml |
on-issue-close |
cicd | healthy | .github/workflows/triage-issues.yml |
issue-spam |
cicd | healthy | .github/workflows/detect-spam.yml |
label-external |
cicd | healthy | .github/workflows/triage-pull-requests.yml |
close-from-default-branch |
cicd | healthy | .github/workflows/triage-pull-requests.yml |
check-requirements |
cicd | healthy | .github/workflows/triage-pull-requests.yml |
close-unmet-requirements |
cicd | healthy | .github/workflows/triage-pull-requests.yml |
close-no-help-wanted |
cicd | healthy | .github/workflows/triage-pull-requests.yml |
ready-for-review |
cicd | healthy | .github/workflows/triage-pull-requests.yml |
discuss |
cicd | healthy | .github/workflows/triage-discussion-label.yml |
govulncheck |
cicd | healthy | .github/workflows/govulncheck.yml |
no-response |
cicd | healthy | .github/workflows/triage-scheduled-tasks.yml |
stale |
cicd | healthy | .github/workflows/triage-scheduled-tasks.yml |
pitch-surface |
cicd | healthy | .github/workflows/triage-scheduled-tasks.yml |
bump |
cicd | healthy | .github/workflows/homebrew-bump.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
TAG |
cicd | healthy | — |
SITE_DEPLOY_PAT |
cicd | healthy | — |
GPG_PASSPHRASE |
cicd | healthy | — |
APPLE_APPLICATION_CERT |
cicd | healthy | — |
APPLE_APPLICATION_CERT_PASSWORD |
cicd | healthy | — |
SPN_GITHUB_CLI_SIGNING_CLIENT_ID |
cicd | healthy | — |
GPG_PUBKEY |
cicd | healthy | — |
APPLE_ID_PASSWORD |
cicd | healthy | — |
SPN_GITHUB_CLI_SIGNING_TENANT_ID |
cicd | healthy | — |
HOMEBREW_PR_PAT |
cicd | healthy | — |
GPG_KEY |
cicd | healthy | — |
AUTOMATION_TOKEN |
cicd | healthy | — |
GPG_KEYGRIP |
cicd | healthy | — |
CLI_DISCUSSION_TRIAGE_TOKEN |
cicd | healthy | — |
REGISTRY |
cicd | healthy | — |
GITHUB_TOKEN |
cicd | healthy | — |
IMAGE |
cicd | healthy | — |
| Label | Layer | Status | Path |
|---|---|---|---|
gha::codeql |
cicd | healthy | .github/workflows/codeql.yml |
gha::deployment |
cicd | healthy | .github/workflows/deployment.yml |
gha::bump-go |
cicd | healthy | .github/workflows/bump-go.yml |
gha::lint |
cicd | healthy | .github/workflows/lint.yml |
gha::go |
cicd | healthy | .github/workflows/go.yml |
gha::triage-issues |
cicd | healthy | .github/workflows/triage-issues.yml |
gha::detect-spam |
cicd | healthy | .github/workflows/detect-spam.yml |
gha::triage-pull-requests |
cicd | healthy | .github/workflows/triage-pull-requests.yml |
gha::triage-discussion-label |
cicd | healthy | .github/workflows/triage-discussion-label.yml |
gha::govulncheck |
cicd | healthy | .github/workflows/govulncheck.yml |
gha::triage-scheduled-tasks |
cicd | healthy | .github/workflows/triage-scheduled-tasks.yml |
gha::homebrew-bump |
cicd | healthy | .github/workflows/homebrew-bump.yml |
gha::eval-prompts |
cicd | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
gha::check-issue-prompts |
cicd | healthy | .github/workflows/scripts/spam-detection/check-issue-prompt… |
| Label | Layer | Status | Path |
|---|---|---|---|
127.0.0.1 |
network | healthy | internal/authflow/flow_test.go |
7.59.4.07 |
network | healthy | internal/authflow/success.go |
1.23.82.72 |
network | healthy | internal/authflow/success.go |
2.33.66.07 |
network | healthy | internal/authflow/success.go |
2.2.82.64 |
network | healthy | internal/authflow/success.go |
2.12.51.56 |
network | healthy | internal/authflow/success.go |
3.95.29.25 |
network | healthy | internal/authflow/success.go |
21.15.46.55 |
network | healthy | internal/authflow/success.go |
1.0.1.1 |
network | healthy | .github/workflows/codeql.yml |
2.0.422.1 |
network | healthy | .github/workflows/scripts/spam-detection/eval-prompts.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
grpc::JupyterServerHost |
api | healthy | internal/codespaces/rpc/jupyter/jupyter_server_host_service… |
grpc::SshServerHost |
api | healthy | internal/codespaces/rpc/ssh/ssh_server_host_service.v1.proto |
grpc::CodespaceHost |
api | healthy | internal/codespaces/rpc/codespace/codespace_host_service.v1… |
| Label | Layer | Status | Path |
|---|---|---|---|
password_literal::internal/prompter/huh_prompter_test.go |
security | healthy | internal/prompter/huh_prompter_test.go |
password_literal::.github/workflows/deployment.yml |
security | healthy | .github/workflows/deployment.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
repobility-clone-bfz5xzf0 |
software | healthy | /tmp/repobility-clone-bfz5xzf0 |
| Label | Layer | Status | Path |
|---|---|---|---|
vps::azure |
hardware | healthy | .github/workflows/deployment.yml |
This page is publicly accessible at:
https://repobility.com/scan/d6788985-9c3a-4a73-a054-0e5a1f821ca9/
To check status programmatically (no auth required):
curl -s https://repobility.com/api/v1/public/scan/d6788985-9c3a-4a73-a054-0e5a1f821ca9/Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.