Public scan — anyone with this URL can view this analysis. Sign up to track your own repos privately, run scheduled re-scans, and get AI fix prompts via your dashboard.
Sign up free Scan another repo
75 of your 119 findings came from Repobility's proprietary detections. ✓ Repobility tags below mark them.

Scan timing: clone 4.59s · analysis 2.56s · 24.8 MB · GitHub API rate-limit (preflight)

microsoft/markitdown

https://github.com/microsoft/markitdown · scanned 2026-06-04 04:10 UTC (1 day, 4 hours ago) · 10 languages

223 findings (115 legacy + 108 scanner) 70th percentile · Python · small (2-20K LoC) Scanner says 89 (lower by 12)

File as issue Image v2 schema
UNIFIED Repobility · multi-layer engine · AI coders

Complete repo analysis

Last scanned 1 day, 4 hours ago · v2 · 169 findings from 2 sources. Findings combine the legacy security pipeline AND the multi-layer engine (atlas, wiring, flows, ranked) AND verified AI agent contributions.

JSON
Combined
83.0
/100
Repobility
77
115 legacy
9-layer
89
88.9% cov · 54 gaps
Critical
0
click to filter
Agents
6
0 votes
Crowd
0
reported
Score breakdown â 2026-05-18-v5
Component Sub-score Weight Contribution
structure_score 55.0 0.15 8.25
security_score 97.7 0.25 24.43
testing_score 85.0 0.20 17.00
documentation_score 80.0 0.15 12.00
practices_score 75.0 0.15 11.25
code_quality 43.6 0.10 4.36
Overall 1.00 77.3
Severity distribution — click a segment to filter
Active filters: excluding tests × Reset all
Severity: Critical 0 High 89 Medium 9 Low 59 9-Layer: Software Security Quality Integrity Frontend Hardware Data Network Cicd Source: Legacy 115 9-layer 54 Crowd 0 Layer: Cicd 6 Quality 115 Software 42 Api 1 Hardware 3 Frontend 1 Security 1
Scan summary Repository scanned at 89.4/100 with 88.9% coverage. It contains 606 nodes across 0 cross-layer flows, written primarily in mixed languages. Engine surfaced 54 findings — concentrated in software (35), quality (12), hardware (3). Risk profile is low: 0 critical, 0 high, 0 medium. Recommended next step: open the software layer findings first — that's where the highest-impact wins live.

Showing 145 of 169 findings. Click TP / FP to vote on a finding's accuracy — votes adjust the confidence weighting and improve detection across the platform.

low Legacy quality quality conf 1.00 ✓ Repobility [MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
Review and fix per the pattern semantics. See CWE-755 / for context.
packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py:211 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
Review and fix per the pattern semantics. See CWE-755 / for context.
packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py:121 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
Review and fix per the pattern semantics. See CWE-755 / for context.
packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py:155 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility [MINED006] Overcatch Baseexception: except BaseException: ... — prevents Ctrl+C and SystemExit from working.
Review and fix per the pattern semantics. See CWE-705 / for context.
packages/markitdown/src/markitdown/converters/_rss_converter.py:68 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self._column_number_to_letter` used but never assigned in __init__
Method `_extract_and_ocr_sheet_images` of class `XlsxConverterWithOCR` reads `self._column_number_to_letter`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py:191 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self._convert_chart_to_markdown` used but never assigned in __init__
Method `convert` of class `PptxConverterWithOCR` reads `self._convert_chart_to_markdown`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py:146 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self._convert_standard` used but never assigned in __init__
Method `convert` of class `XlsxConverterWithOCR` reads `self._convert_standard`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py:86 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self._convert_table_to_markdown` used but never assigned in __init__
Method `convert` of class `PptxConverterWithOCR` reads `self._convert_table_to_markdown`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py:142 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self._convert_with_ocr` used but never assigned in __init__
Method `convert` of class `XlsxConverterWithOCR` reads `self._convert_with_ocr`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py:82 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self._extract_and_ocr_images` used but never assigned in __init__
Method `convert` of class `DocxConverterWithOCR` reads `self._extract_and_ocr_images`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py:88 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self._extract_and_ocr_sheet_images` used but never assigned in __init__
Method `_convert_with_ocr` of class `XlsxConverterWithOCR` reads `self._extract_and_ocr_sheet_images`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py:139 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self._extract_page_images` used but never assigned in __init__
Method `convert` of class `PdfConverterWithOCR` reads `self._extract_page_images`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py:193 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self._inject_placeholders` used but never assigned in __init__
Method `convert` of class `DocxConverterWithOCR` reads `self._inject_placeholders`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py:99 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self._is_picture` used but never assigned in __init__
Method `convert` of class `PptxConverterWithOCR` reads `self._is_picture`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py:91 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self._is_table` used but never assigned in __init__
Method `convert` of class `PptxConverterWithOCR` reads `self._is_table`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py:141 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self._ocr_full_pages` used but never assigned in __init__
Method `convert` of class `PdfConverterWithOCR` reads `self._ocr_full_pages`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py:309 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self.register_converter` used but never assigned in __init__
Method `enable_builtins` of class `MarkItDown` reads `self.register_converter`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown/src/markitdown/_markitdown.py:195 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self.register_converter` used but never assigned in __init__
Method `enable_builtins` of class `MarkItDown` reads `self.register_converter`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown/src/markitdown/_markitdown.py:194 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self.register_converter` used but never assigned in __init__
Method `enable_builtins` of class `MarkItDown` reads `self.register_converter`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown/src/markitdown/_markitdown.py:193 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self.register_converter` used but never assigned in __init__
Method `enable_builtins` of class `MarkItDown` reads `self.register_converter`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown/src/markitdown/_markitdown.py:192 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self.register_converter` used but never assigned in __init__
Method `enable_builtins` of class `MarkItDown` reads `self.register_converter`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown/src/markitdown/_markitdown.py:191 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self.register_converter` used but never assigned in __init__
Method `enable_builtins` of class `MarkItDown` reads `self.register_converter`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown/src/markitdown/_markitdown.py:188 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self.register_converter` used but never assigned in __init__
Method `enable_builtins` of class `MarkItDown` reads `self.register_converter`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown/src/markitdown/_markitdown.py:185 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility `self.register_converter` used but never assigned in __init__
Method `enable_builtins` of class `MarkItDown` reads `self.register_converter`, but no assignment to it exists in __init__ (and no class-level fallback). This raises AttributeError the first time the method runs against an instance.
packages/markitdown/src/markitdown/_markitdown.py:182 qualitylegacy
high Legacy software dependency conf 0.90 ✓ Repobility Action `actions/checkout` pinned to mutable ref `@v5`
`uses: actions/checkout@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate.
.github/workflows/pre-commit.yml:8 dependencylegacy
high Legacy software dependency conf 0.90 ✓ Repobility Action `actions/setup-python` pinned to mutable ref `@v5`
`uses: actions/setup-python@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lock with Dependabot or renovate.
.github/workflows/pre-commit.yml:10 dependencylegacy
high Legacy software dependency conf 0.90 ✓ Repobility Dockerfile FROM `python:3.13-slim-bullseye` not pinned by digest
`FROM python:3.13-slim-bullseye` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity.
packages/markitdown-mcp/Dockerfile:1 dependencylegacy
high Legacy software dependency conf 0.90 ✓ Repobility Dockerfile FROM `python:3.13-slim-bullseye` not pinned by digest
`FROM python:3.13-slim-bullseye` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity.
Dockerfile:1 dependencylegacy
high Legacy software dependency conf 0.90 ✓ Repobility pre-commit hook `https://github.com/psf/black` pinned to mutable rev `23.7.0`
`.pre-commit-config.yaml` references `https://github.com/psf/black` at `rev: 23.7.0`. If `{rev}` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine.
.pre-commit-config.yaml:2 dependencylegacy
medium Legacy quality error_handling conf 1.00 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types.
packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py:211 error_handlinglegacy
medium Legacy quality error_handling conf 1.00 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types.
packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py:121 error_handlinglegacy
medium Legacy quality error_handling conf 1.00 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types.
packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py:155 error_handlinglegacy
medium Legacy quality quality conf 1.00 [SEC123] Production stack trace / debug output exposed: Debug mode left on in production exposes stack traces, environment variables, framework internals — sometimes triggers RCE (Django debug page with arbitrary template eval).
Set DEBUG=False / APP_DEBUG=false in production. Provide a generic 500 handler that logs to backend but returns a sanitized page to clients.
packages/markitdown-mcp/src/markitdown_mcp/__main__.py:129 qualitylegacy
medium Legacy quality quality conf 1.00 [SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws — wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). Distinct from intentional fallback because there's no log line and the success value is fabricated.
Catch the specific exception type, log at error level with full exception info, and return a failure-shaped result. If the operation is genuinely best-effort, log at warning and document why in a comment so the next reader (or scanner) knows.
packages/markitdown/src/markitdown/converters/_llm_caption.py:22 qualitylegacy
medium Legacy quality quality conf 1.00 [SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unfamiliar API throws — wrap, swallow, return success. Real bugs are masked, observability is destroyed, and callers think the operation worked. CWE-396 (improperly-generalized exception). Distinct from intentional fallback because there's no log line and the success value is fabricated.
Catch the specific exception type, log at error level with full exception info, and return a failure-shaped result. If the operation is genuinely best-effort, log at warning and document why in a comment so the next reader (or scanner) knows.
packages/markitdown/src/markitdown/converters/_image_converter.py:110 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown/src/markitdown/converter_utils/docx/pre_process.py:150 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown/src/markitdown/converters/_pptx_converter.py:262 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown/src/markitdown/converters/_image_converter.py:112 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown/src/markitdown/converters/_pdf_converter.py:576 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown/src/markitdown/converters/_rss_converter.py:176 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown/src/markitdown/converters/_youtube_converter.py:176 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown/src/markitdown/converters/_youtube_converter.py:232 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown/src/markitdown/converters/_youtube_converter.py:114 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown/src/markitdown/converters/_llm_caption.py:24 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown/src/markitdown/_markitdown.py:630 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown/src/markitdown/_markitdown.py:268 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown/src/markitdown/_markitdown.py:79 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown-ocr/src/markitdown_ocr/_ocr_service.py:78 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown-ocr/src/markitdown_ocr/_ocr_service.py:107 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py:413 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py:380 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py:419 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py:302 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py:120 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py:386 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py:297 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py:208 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py:152 qualitylegacy
high Legacy quality quality conf 1.00 ✓ Repobility Bare except continues silently
Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py:248 qualitylegacy
medium Legacy cicd docker conf 0.76 Dockerfile copies broad context with incomplete .dockerignore
COPY . or ADD . is safer when .dockerignore excludes secrets, git history, keys, and generated artifacts.
packages/markitdown-mcp/Dockerfile:17 dockerlegacy
medium Legacy cicd docker conf 0.76 Dockerfile copies broad context with incomplete .dockerignore
COPY . or ADD . is safer when .dockerignore excludes secrets, git history, keys, and generated artifacts.
Dockerfile:22 dockerlegacy
medium Legacy quality quality conf 1.00 ✓ Repobility Mutable default argument in `__init__` (list)
`def __init__(... = []/{}/set())` — Python's default value is constructed ONCE at function definition time and shared across all calls. Mutating it in one call mutates it for every future call too.
packages/markitdown/src/markitdown/converters/_doc_intel_converter.py:133 qualitylegacy
low Legacy cicd docker conf 0.72 .dockerignore misses sensitive defaults
.dockerignore exists but does not cover common secret or VCS patterns.
.dockerignore dockerlegacy
low Legacy cicd docker conf 0.74 Dockerfile leaves apt package indexes in the image layer
Package indexes increase image size and can expose stale metadata in the final image layer.
packages/markitdown-mcp/Dockerfile:10 dockerlegacy
low Legacy cicd docker conf 0.74 Dockerfile leaves apt package indexes in the image layer
Package indexes increase image size and can expose stale metadata in the final image layer.
Dockerfile:8 dockerlegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_zip_converter.py:45 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_youtube_converter.py:42 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_youtube_converter.py:41 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_xlsx_converter.py:46 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_wikipedia_converter.py:29 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_pptx_converter.py:41 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_pptx_converter.py:30 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_pptx_converter.py:26 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_plain_text_converter.py:35 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_pdf_converter.py:354 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_pdf_converter.py:350 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_pdf_converter.py:342 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_outlook_msg_converter.py:21 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_llm_caption.py:13 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_image_converter.py:23 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_image_converter.py:15 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_html_converter.py:18 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_html_converter.py:4 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_epub_converter.py:26 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_epub_converter.py:22 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_docx_converter.py:37 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_docx_converter.py:26 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_csv_converter.py:18 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown/src/markitdown/converters/_audio_converter.py:21 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py:25 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py:38 qualitylegacy
high Legacy quality quality conf 0.86 Duplicated implementation block across source files
Duplicated blocks are a common artifact when generated code is pasted or recreated instead of reused. They increase maintenance cost because every future bug fix must be found in multiple locations.
packages/markitdown-ocr/src/markitdown_ocr/_pdf_converter_with_ocr.py:105 qualitylegacy
low 9-layer hardware coverage conf 1.00 Containers defined but no K8s/orchestration manifest found
Repo has Dockerfiles/compose but no Kubernetes/Nomad manifests. If the target deployment is K8s, the manifests may live in a separate ops repo.
coveragedeployment
low 9-layer hardware supply-chain conf 1.00 Docker base image is tag-pinned but not digest-pinned: python:3.13-slim-bullseye
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
Dockerfile:1 supply-chaindockerpinned-dependencies
low 9-layer hardware supply-chain conf 1.00 Docker base image is tag-pinned but not digest-pinned: python:3.13-slim-bullseye
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
packages/markitdown-mcp/Dockerfile:1 supply-chaindockerpinned-dependencies
low 9-layer software dead-code-candidate conf 1.00 File has no detected symbols: packages/markitdown-mcp/src/markitdown_mcp/__about__.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low 9-layer software dead-code-candidate conf 1.00 File has no detected symbols: packages/markitdown-ocr/src/markitdown_ocr/__about__.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low 9-layer software dead-code-candidate conf 1.00 File has no detected symbols: packages/markitdown-sample-plugin/src/markitdown_sample_plugin/__about__.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low 9-layer software dead-code-candidate conf 1.00 File has no detected symbols: packages/markitdown/src/markitdown/__about__.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low 9-layer software dead-code-candidate conf 1.00 File has no detected symbols: packages/markitdown/src/markitdown/converter_utils/docx/math/latex_dict.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
dead-code-candidate
low 9-layer cicd supply-chain conf 1.00 GitHub Action is tag-pinned rather than SHA-pinned
actions/setup-python@v5 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
.github/workflows/pre-commit.yml:10 supply-chaingithub-actionspinned-dependencies
low 9-layer security owasp conf 1.00 Insecure pattern 'debug_true' in packages/markitdown-mcp/src/markitdown_mcp/__main__.py:129
Found a known-risky pattern (debug_true). Review and replace if possible.
packages/markitdown-mcp/src/markitdown_mcp/__main__.py:129 owaspdebug_true
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 18 places
Functions with the same first-5-line body hash: packages/markitdown/src/markitdown/_base_converter.py:accepts, packages/markitdown/src/markitdown/converters/_audio_converter.py:accepts, packages/markitdown/src/markitdown/converters/_youtube_converter.py:accepts, packages/markitdown/src/markitdown/c…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 19 places
Functions with the same first-5-line body hash: packages/markitdown/src/markitdown/_base_converter.py:convert, packages/markitdown/src/markitdown/converters/_audio_converter.py:convert, packages/markitdown/src/markitdown/converters/_youtube_converter.py:convert, packages/markitdown/src/markitdown/c…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: packages/markitdown/src/markitdown/_base_converter.py:text_content, packages/markitdown/src/markitdown/_base_converter.py:text_content This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). …
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:process_children_list, packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:process_children This is *the* AI-coder failure mode (4× more duplication in vibe-coded r…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:process_unknow, packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:process_unknow This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — se…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:do_rad, packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:do_r This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:do_limlow, packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:do_lim This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 3 places
Functions with the same first-5-line body hash: packages/markitdown/src/markitdown/converters/_markdownify.py:convert_a, packages/markitdown/src/markitdown/converters/_markdownify.py:convert_img, packages/markitdown/src/markitdown/converters/_markdownify.py:convert_input This is *the* AI-coder fai…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 7 places
Functions with the same first-5-line body hash: packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py:convert, packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py:convert, packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py:convert, packages/ma…
integrityduplicatedry
low 9-layer quality integrity conf 1.00 Near-duplicate function bodies in 8 places
Functions with the same first-5-line body hash: packages/markitdown-ocr/src/markitdown_ocr/_pptx_converter_with_ocr.py:accepts, packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py:accepts, packages/markitdown-ocr/src/markitdown_ocr/_xlsx_converter_with_ocr.py:accepts, packages/ma…
integrityduplicatedry
low 9-layer software dead-code conf 1.00 Possibly dead Python function: convert_a
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converters/_markdownify.py:39 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: convert_img
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converters/_markdownify.py:85 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: convert_input
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converters/_markdownify.py:112 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: convert_url
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/_markitdown.py:409 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_acc
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:200 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_bar
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:210 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_brk
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:149 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_common
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:153 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_d
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:219 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_eqarr
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:302 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_f
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:248 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_fname
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:265 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_func
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:257 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_groupchr
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:281 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_lim
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:330 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_limlow
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:312 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_limupp
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:323 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_m
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:336 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_mr
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:348 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_nary
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:356 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_r
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:369 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_rad
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:290 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_spre
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:234 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_sub
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:240 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: do_sup
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:244 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: handle_sse
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown-mcp/src/markitdown_mcp/__main__.py:43 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: handle_streamable_http
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown-mcp/src/markitdown_mcp/__main__.py:55 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: load_string
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:49 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: register_page_converter
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown/src/markitdown/_markitdown.py:656 dead-code
low 9-layer software dead-code conf 1.00 Possibly dead Python function: replace_img
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
packages/markitdown-ocr/src/markitdown_ocr/_docx_converter_with_ocr.py:175 dead-code
low 9-layer quality integrity conf 1.00 Stub function `process_unknow` (body is just `pass`/`return`) — packages/markitdown/src/markitdown/converter_utils/docx/math/omml.py:123
Likely an AI scaffold that was never filled in. Remove or implement.
integrityempty-handlerdead-code
low Legacy quality quality conf 1.00 ✓ Repobility [MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.
Review and fix per the pattern semantics.
packages/markitdown/src/markitdown/_stream_info.py:5 qualitylegacy
low Legacy quality quality conf 1.00 ✓ Repobility [MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.
Review and fix per the pattern semantics.
packages/markitdown-ocr/src/markitdown_ocr/_ocr_service.py:13 qualitylegacy
For AI agents: Voting guide (TP/FP) MCP manifest Stdio wrapper SARIF Integrate Findings queue Vote TP/FP on findings to calibrate the engine.
For AI agents + API integrations
Email me when this repo regresses
Free. We re-scan periodically; new criticals → your inbox. No signup required for the scan itself.
API access

This page is publicly accessible at: https://repobility.com/scan/dbdaf599-dde3-40fb-aea4-0a5672c27966/

To check status programmatically (no auth required): 

curl -s https://repobility.com/api/v1/public/scan/dbdaf599-dde3-40fb-aea4-0a5672c27966/

Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.