← Back to scan
File as GitHub Issue repo: OpenSenseNova/SenseNova-Skills

Push this scan report to OpenSenseNova/SenseNova-Skills

Click the green button below to open GitHub’s new-issue form, pre-filled with the report title, summary table, top findings, and an embedded score-card image. No authentication needed — you review on GitHub before submitting. Repobility is credited as the scanner.

Embedded score card image

This image will render at the top of the issue body. Hosted on Repobility, refreshes automatically after re-scans.

Repobility score card

Issue title

`self._get_client` used but never assigned in __init__

Curate findings to include

Pick exactly which findings appear in the issue body. By default the top 5 are included. Uncheck noise, check what matters.

Top 5 (default)
Severity Rule Title File:line
CRIT MINED107 [MINED107] Missing import: `html` used but not imported: The file uses `html.something(..… skills/sn-ppt-standard/scripts/run_stag…:1052
CRIT MINED013 [MINED013] Password In Url: https://user:password@host — leaks creds via logs, referrer, … skills/sn-image-base/scripts/sn_image_b…:64
HIGH MINED108 [MINED108] `self._api_key` used but never assigned in __init__: Method `api_key` of class… skills/sn-image-base/scripts/sn_image_b…:205
HIGH MINED108 [MINED108] `self.parse_response` used but never assigned in __init__: Method `generate` o… skills/sn-image-base/scripts/sn_image_b…:147
HIGH MINED108 [MINED108] `self._get_client` used but never assigned in __init__: Method `generate` of c… skills/sn-image-base/scripts/sn_image_b…:139
HIGH MINED108 [MINED108] `self._resolve_size` used but never assigned in __init__: Method `generate` of… skills/sn-image-base/scripts/sn_image_b…:121
HIGH MINED108 [MINED108] `self.get_api_url` used but never assigned in __init__: Method `generate` of c… skills/sn-image-base/scripts/sn_image_b…:131
HIGH MINED108 [MINED108] `self.build_payload` used but never assigned in __init__: Method `generate` of… skills/sn-image-base/scripts/sn_image_b…:125
HIGH MINED108 [MINED108] `self.model` used but never assigned in __init__: Method `generate` of class `… skills/sn-image-base/scripts/sn_image_b…:107
HIGH MINED108 [MINED108] `self.headers` used but never assigned in __init__: Method `generate` of class… skills/sn-image-base/scripts/sn_image_b…:130
HIGH MINED108 [MINED108] `self._post_payload` used but never assigned in __init__: Method `vision_compl… skills/sn-image-base/scripts/sn_image_b…:216
HIGH MINED108 [MINED108] `self._build_payload` used but never assigned in __init__: Method `vision_comp… skills/sn-image-base/scripts/sn_image_b…:210
HIGH MINED108 [MINED108] `self._post_payload` used but never assigned in __init__: Method `text_complet… skills/sn-image-base/scripts/sn_image_b…:200
HIGH MINED108 [MINED108] `self._build_payload` used but never assigned in __init__: Method `text_comple… skills/sn-image-base/scripts/sn_image_b…:199
HIGH MINED108 [MINED108] `self._get_client` used but never assigned in __init__: Method `_post_payload`… skills/sn-image-base/scripts/sn_image_b…:176
HIGH MINED108 [MINED108] `self._headers` used but never assigned in __init__: Method `_post_payload` of… skills/sn-image-base/scripts/sn_image_b…:176
HIGH MINED108 [MINED108] `self._parse_response` used but never assigned in __init__: Method `_post_payl… skills/sn-image-base/scripts/sn_image_b…:190
HIGH MINED108 [MINED108] `self._build_vision_content` used but never assigned in __init__: Method `_bui… skills/sn-image-base/scripts/sn_image_b…:99
HIGH MINED108 [MINED108] `self._post_payload` used but never assigned in __init__: Method `vision_compl… skills/sn-image-base/scripts/sn_image_b…:156
HIGH MINED108 [MINED108] `self._build_payload` used but never assigned in __init__: Method `vision_comp… skills/sn-image-base/scripts/sn_image_b…:150
HIGH MINED108 [MINED108] `self._post_payload` used but never assigned in __init__: Method `text_complet… skills/sn-image-base/scripts/sn_image_b…:141
HIGH MINED108 [MINED108] `self._build_payload` used but never assigned in __init__: Method `text_comple… skills/sn-image-base/scripts/sn_image_b…:140
HIGH MINED108 [MINED108] `self._get_client` used but never assigned in __init__: Method `_post_payload`… skills/sn-image-base/scripts/sn_image_b…:123
HIGH MINED108 [MINED108] `self._headers` used but never assigned in __init__: Method `_post_payload` of… skills/sn-image-base/scripts/sn_image_b…:123
HIGH MINED108 [MINED108] `self._parse_response` used but never assigned in __init__: Method `_post_payl… skills/sn-image-base/scripts/sn_image_b…:132
HIGH MINED108 [MINED108] `self._build_vision_content` used but never assigned in __init__: Method `_bui… skills/sn-image-base/scripts/sn_image_b…:97
HIGH MINED108 [MINED108] `self.get_annotated_field` used but never assigned in __init__: Method `get_en… skills/sn-image-base/scripts/sn_image_b…:275
HIGH MINED001 [MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows e… skills/sn-search-academic/scripts/seman…:106
HIGH MINED001 [MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows e… skills/sn-ppt-entry/scripts/parse_user_…:163
HIGH SEC128 [SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call … skills/sn-search-academic/scripts/searc…:106
HIGH SEC128 [SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call … skills/sn-ppt-entry/scripts/caption_ima…:181
HIGH SEC128 [SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call … skills/sn-image-base/scripts/sn_image_b…:79
HIGH SEC029 [SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTT… skills/sn-image-base/scripts/sn_image_b…:80
HIGH SEC029 [SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTT… skills/sn-image-base/scripts/sn_image_b…:49
HIGH SEC029 [SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTT… skills/sn-image-base/scripts/sn_image_b…:61
HIGH SEC029 [SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTT… skills/sn-image-base/scripts/sn_image_b…:61
HIGH COMP001 [COMP001] High cognitive complexity: Function `generate` has cognitive complexity 32 (Son… skills/sn-image-base/scripts/sn_image_b…:72
HIGH MINED115 [MINED115] Action `marocchino/sticky-pull-request-comment` pinned to mutable ref `@v2`: `… .github/workflows/pr_check.yml:72
HIGH MINED115 [MINED115] Action `marocchino/sticky-pull-request-comment` pinned to mutable ref `@v2`: `… .github/workflows/pr_check.yml:52
HIGH MINED115 [MINED115] Action `amannn/action-semantic-pull-request` pinned to mutable ref `@v6`: `use… .github/workflows/pr_check.yml:25
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-ppt-standard/scripts/run_stag…:1294
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-ppt-standard/scripts/run_stag…:834
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-ppt-standard/scripts/run_stag…:766
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-ppt-standard/scripts/run_stag…:642
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-ppt-standard/scripts/run_stag…:267
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-ppt-standard/scripts/run_stag…:155
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-image-base/scripts/sn_agent_r…:396
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-image-base/scripts/sn_agent_r…:350
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-ppt-doctor/ppt_doctor/check_e…:411
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-social-cn/scripts/douy…:84
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-ppt-standard/lib/model_client…:334
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-image-base/scripts/sn_image_b…:309
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-code/scripts/stackover…:79
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-code/scripts/huggingfa…:132
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-code/scripts/hackernew…:83
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-code/scripts/search_ut…:148
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-code/scripts/github_se…:90
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-academic/scripts/seman…:98
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-academic/scripts/arxiv…:294
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-academic/scripts/wikip…:73
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-academic/scripts/searc…:148
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-academic/scripts/seman…:225
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-academic/scripts/pubme…:159
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-academic/scripts/arxiv…:233
MED MINED111 [MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that r… skills/sn-search-academic/scripts/pmc_p…:444
MED CFG006 [CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build art…
MED ERR001 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even… skills/sn-search-academic/scripts/seman…:106
MED ERR001 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even… skills/sn-ppt-entry/scripts/parse_user_…:163
MED SEC031 [SEC031] Catastrophic Backtracking Regex (ReDoS): Regex contains nested quantifiers like … skills/sn-ppt-entry/scripts/parse_user_…:56
MED ERR001 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even… skills/sn-search-academic/scripts/seman…:106
MED ERR001 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even… skills/sn-ppt-entry/scripts/parse_user_…:163
MED SEC031 [SEC031] Catastrophic Backtracking Regex (ReDoS): Regex contains nested quantifiers like … skills/sn-ppt-entry/scripts/parse_user_…:56
MED COMP001 [COMP001] High cognitive complexity: Function `_scan_balanced` has cognitive complexity 2… skills/sn-image-base/scripts/extract_js…:44
LOW COMP001 [COMP001] High cognitive complexity: Function `_balanced_spans` has cognitive complexity … skills/sn-image-base/scripts/extract_js…:74
INFO MINED043 [MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle cr… skills/sn-image-base/scripts/sn_image_b…:64
INFO MINED050 [MINED050] Stub Only Function: Function declared but body is just pass, return None, rais… skills/sn-search-academic/scripts/seman…:107
INFO MINED050 [MINED050] Stub Only Function: Function declared but body is just pass, return None, rais… skills/sn-ppt-entry/scripts/parse_user_…:224
INFO MINED064 [MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services. skills/sn-ppt-doctor/ppt_doctor/interac…:33
INFO MINED043 [MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle cr… skills/sn-search-academic/scripts/arxiv…:29
INFO MINED043 [MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle cr… skills/sn-ppt-entry/scripts/parse_user_…:99
Reset to top 5 80 findings available (after auto-suppression of test files + won't-fix)

Issue body (markdown)

## Code-quality scan: `OpenSenseNova/SenseNova-Skills`

**Score: 83/100 (B+)**  ·  76 findings  ·  scanned 2026-06-05 02:04 UTC  ·  12,010 LOC

| Severity | Count |
|---|---|
| CRITICAL | 2 |
| HIGH | 38 |
| MEDIUM | 33 |
| LOW | 1 |

📊 [Full filterable report](https://repobility.com/scan/efdf8664-d5e9-424b-8109-741c1097785f/)  ·  ![scorecard](https://repobility.com/scan/efdf8664-d5e9-424b-8109-741c1097785f/report.png?v=1780625062-s2)

### Top findings

1. **CRITICAL** `MINED107` — Missing import: `html` used but not imported
   `skills/sn-ppt-standard/scripts/run_stage.py:1052` · ✓ Repobility
2. **CRITICAL** `MINED013` — Password In Url
   `skills/sn-image-base/scripts/sn_image_base/utils/httpx_client.py:64` · CWE-200 · ✓ Repobility
3. **HIGH** `MINED108` — `self._api_key` used but never assigned in __init__
   `skills/sn-image-base/scripts/sn_image_base/generation/openai_image.py:205` · ✓ Repobility
4. **HIGH** `MINED108` — `self.parse_response` used but never assigned in __init__
   `skills/sn-image-base/scripts/sn_image_base/generation/openai_image.py:147` · ✓ Repobility
5. **HIGH** `MINED108` — `self._get_client` used but never assigned in __init__
   `skills/sn-image-base/scripts/sn_image_base/generation/openai_image.py:139` · ✓ Repobility

---

_Filed automatically. Close this issue if not useful — we won't refile. Full report: https://repobility.com/scan/efdf8664-d5e9-424b-8109-741c1097785f/_
Megaproject â high spam risk
Could not determine 'OpenSenseNova/SenseNova-Skills' star count (GitHub API rate-limited or unreachable). When in doubt about repo size, prefer opening a focused PR or a discussion rather than an issue.
Open in GitHub to file this issue Cancel

The button opens GitHubâs new-issue page in a new tab. You will see the title + body pre-filled â review, edit if you want, then click GitHubâs "Submit new issue" button. Repobility never posts anything on your behalf.

For real security findings on big repos: use the project's SECURITY.md or private advisory flow instead of a public issue.