139 of your 203 findings came from Repobility's proprietary detections. ✓ Repobility tags below mark them.

Scan timing: clone 1.44s · analysis 12.43s · 2.7 MB · GitHub API rate-limit (preflight)

CelestoAI/SmolVM

https://github.com/CelestoAI/SmolVM · scanned 2026-06-05 14:54 UTC (5 days, 3 hours ago) · 10 languages

513 raw signals (191 security + 322 graph) · 68th percentile · Python · medium (20-100K LoC) · System graph score 60 (higher by 13)

UNIFIED Repobility · multi-layer engine · AI coders

Complete repo analysis

Last scanned 5 days, 3 hours ago · v2 · 214 actionable findings from 2 signal sources. 113 repeated signals grouped for readability. Security checks, system graph analysis, and verified AI-agent feedback are merged into one review queue.

Score breakdown · 2026-05-18-v5
Component             Sub-score   Weight   Contribution
structure_score            85.0     0.15          12.75
security_score             45.4     0.25          11.35
testing_score             100.0     0.20          20.00
documentation_score       100.0     0.15          15.00
practices_score            74.0     0.15          11.10
code_quality               35.1     0.10           3.51
Overall                              1.00          73.7
Scan summary Strongest structure (82), documentation (82); weakest code quality (62), practices (63). ~64h tech debt (rating D).

Showing 146 of 214 actionable findings. 327 raw detector signals were grouped into reader-sized issues.

critical Security checks quality Quality conf 1.00 ✓ Repobility [MINED007] Sql String Concat: cursor.execute(f"... {user_input} ...") — SQL injection.
Review and fix per the pattern semantics. See CWE-89 / A03:2021 for context.
examples/cua/legacy_report_fetcher/pipeline/import_reports.py:43
high Security checks quality Quality conf 1.00 ✓ Repobility Missing import: `stat` used but not imported
The file uses `stat.something(...)` but never imports `stat`. This raises NameError at runtime the first time the line executes.
src/smolvm/host/doctor.py:410
high Security checks quality Quality conf 1.00 ✓ Repobility Missing import: `warnings` used but not imported
The file uses `warnings.something(...)` but never imports `warnings`. This raises NameError at runtime the first time the line executes.
src/smolvm/cli/main.py:1447
critical System graph security Secrets conf 1.00 Possible secret in scripts/exp_final.py
Detected pattern matching password_literal. Rotate the credential and move to a secret manager.
scripts/exp_final.py:38
critical System graph security Secrets conf 1.00 Possible secret in scripts/exp_userspace.py
Detected pattern matching password_literal. Rotate the credential and move to a secret manager.
scripts/exp_userspace.py:97
critical System graph security Secrets conf 1.00 Possible secret in scripts/exp_vsock_trim.py
Detected pattern matching password_literal. Rotate the credential and move to a secret manager.
scripts/exp_vsock_trim.py:39
critical System graph security Secrets conf 1.00 Possible secret in src/smolvm/windows/build_image.py
Detected pattern matching password_literal. Rotate the credential and move to a secret manager.
src/smolvm/windows/build_image.py:85
high Security checks security auth conf 0.70 [AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: DELETE /api/vms/{vm_id}.
src/smolvm/dashboard/server.py:599
high Security checks security auth conf 0.70 [AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: GET /api/vms/{vm_id}.
src/smolvm/dashboard/server.py:507
high Security checks security auth conf 0.70 [AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: GET /api/vms/{vm_id}/processes.
src/smolvm/dashboard/server.py:519
high Security checks security auth conf 0.70 [AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: POST /api/vms/{vm_id}/stop.
src/smolvm/dashboard/server.py:611
low Security checks quality Quality conf 1.00 ✓ Repobility [MINED006] Overcatch Baseexception: except BaseException: ... — prevents Ctrl+C and SystemExit from working.
Review and fix per the pattern semantics. See CWE-705 for context.
src/smolvm/cli/_kvm_session.py:126
low Security checks quality Quality conf 1.00 ✓ Repobility [MINED012] Curl Pipe Bash: curl ... | sh / bash — runs unverified network code.
Review and fix per the pattern semantics. See CWE-494 / A08:2021 for context.
src/smolvm/presets/_scripts.py:52
low Security checks quality Quality conf 1.00 ✓ Repobility [MINED012] Curl Pipe Bash: curl ... | sh / bash — runs unverified network code.
Review and fix per the pattern semantics. See CWE-494 / A08:2021 for context.
scripts/install.sh:84
high Security checks security Injection conf 0.50 [SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection.
Use parameterized queries: conn.execute('SELECT * FROM t WHERE id = ?', [id]). For dynamic table or column names, choose identifiers from a hard-coded allowlist and keep values in parameters.
examples/cua/legacy_report_fetcher/pipeline/import_reports.py:49
low Security checks security Injection conf 0.80 [SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.
Use subprocess with shell=False and a list of args. Never eval user input.
src/smolvm/cli/_kvm_session.py:101
high Security checks quality Quality conf 1.00 [SEC080] Python: tarfile.extractall without filter: tarfile.extract*() without filter='data' allows path-traversal (CVE-2007-4559, fixed via PEP 706 in 3.12). Ported from bandit B202 (Apache-2.0).
Add `filter='data'` (Python ≥ 3.12) or manually validate member paths against `os.path.abspath`.
src/smolvm/host/manager.py:303
high Security checks software dependencies conf 0.90 ✓ Repobility Dockerfile FROM `alpine:3.20` not pinned by digest
`FROM alpine:3.20` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity.
scripts/ci/Dockerfile.base-alpine-rootfs:14
high Security checks software dependencies conf 0.90 ✓ Repobility Dockerfile FROM `ubuntu:24.04` not pinned by digest
`FROM ubuntu:24.04` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity.
scripts/ci/Dockerfile.base-rootfs:15
high Security checks cicd CI/CD security conf 0.92 3 occurrences Dockerfile pipes a remote script into a shell
Piping downloaded code directly into a shell bypasses checksum verification and makes builds dependent on mutable remote content.
2 files, 3 locations
scripts/ci/Dockerfile.base-rootfs:23, 63 (2 hits)
scripts/ci/Dockerfile.base-alpine-rootfs:50
CI/CD security · containers
high Security checks quality Quality conf 0.80 ✓ Repobility FastAPI DELETE /api/vms/{vm_id} has no auth
Handler `delete_vm` is registered with router/app.delete(...) but no Depends/Security parameter is declared and no auth marker appears in the function body.
src/smolvm/dashboard/server.py:600
high Security checks quality Quality conf 0.80 ✓ Repobility FastAPI POST /api/command has no auth
Handler `execute_command` is registered with router/app.post(...) but no Depends/Security parameter is declared and no auth marker appears in the function body.
src/smolvm/dashboard/server.py:624
high Security checks quality Quality conf 0.80 ✓ Repobility FastAPI POST /api/vms/{vm_id}/stop has no auth
Handler `stop_vm` is registered with router/app.post(...) but no Depends/Security parameter is declared and no auth marker appears in the function body.
src/smolvm/dashboard/server.py:612
medium Security checks cicd CI/CD security conf 0.90 ✓ Repobility 9 occurrences GitHub Action is tag-pinned rather than SHA-pinned
Action `dtolnay/rust-toolchain` pinned to mutable ref `@stable` uses a mutable tag or branch. Pin external actions to a reviewed full commit SHA when the workflow is security-sensitive.
4 files, 9 locations
.github/workflows/publish-core.yml:53, 82, 99 (3 hits)
.github/workflows/build-published-images.yml:136 (2 hits)
.github/workflows/e2e.yml:51 (2 hits)
.github/workflows/pytest.yml:28, 77 (2 hits)
CI/CD security · Supply chain · GitHub Actions
high Security checks software dependencies conf 0.88 paste: RUSTSEC-2024-0436
paste - no longer maintained
Cargo.lock
high Security checks software dependencies conf 0.90 ✓ Repobility 4 occurrences pre-commit hook `https://github.com/pre-commit/pre-commit-hooks` pinned to mutable rev `v4.5.0`
`.pre-commit-config.yaml` references `https://github.com/pre-commit/pre-commit-hooks` at `rev: v4.5.0`. If `{rev}` is a branch or version tag, the repo owner can push new code there and `pre-commit install --install-hooks` will fetch it on every developer's machine.
.pre-commit-config.yaml:2, 19, 27, 38 (4 hits)
high System graph security auth conf 1.00 FastAPI DELETE `delete_vm` without auth dependency — src/smolvm/dashboard/server.py:599
`@router.delete` decorator with no `Depends(get_current_user)` or auth-shaped dependency in its signature. Mutating endpoints should require authentication unless explicitly public.
src/smolvm/dashboard/server.py:599 · security · Auth · fastapi · unauth mutation
high System graph security auth conf 1.00 FastAPI POST `execute_command` without auth dependency — src/smolvm/dashboard/server.py:623
`@router.post` decorator with no `Depends(get_current_user)` or auth-shaped dependency in its signature. Mutating endpoints should require authentication unless explicitly public.
src/smolvm/dashboard/server.py:623 · security · Auth · fastapi · unauth mutation
high System graph security auth conf 1.00 FastAPI POST `stop_vm` without auth dependency — src/smolvm/dashboard/server.py:611
`@router.post` decorator with no `Depends(get_current_user)` or auth-shaped dependency in its signature. Mutating endpoints should require authentication unless explicitly public.
src/smolvm/dashboard/server.py:611 · security · Auth · fastapi · unauth mutation
medium Security checks security auth conf 0.92 [AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation.
high Security checks security auth conf 0.74 [AUC002] Low visible authorization coverage in route inventory: Only 12.5% of discovered routes show nearby authentication, authorization, middleware, or public-route evidence.
high Security checks security auth conf 0.66 [AUC004] Admin route does not show super_admin separation: An administrative route was detected without nearby evidence that platform super_admin access is separated from tenant/application admin access. Endpoint: GET /api/vms/particles.
src/smolvm/dashboard/server.py:496
high Security checks security auth conf 0.66 [AUC004] Admin route does not show super_admin separation: An administrative route was detected without nearby evidence that platform super_admin access is separated from tenant/application admin access. Endpoint: GET /api/vms/{vm_id}.
src/smolvm/dashboard/server.py:507
high Security checks security auth conf 0.66 [AUC004] Admin route does not show super_admin separation: An administrative route was detected without nearby evidence that platform super_admin access is separated from tenant/application admin access. Endpoint: POST /api/command.
src/smolvm/dashboard/server.py:623
high Security checks security auth conf 0.68 [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /api/vms/{vm_id}.
src/smolvm/dashboard/server.py:599
high Security checks security auth conf 0.68 [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: POST /api/vms/{vm_id}/stop.
src/smolvm/dashboard/server.py:611
medium Security checks security auth conf 0.72 [AUC012] FastAPI interactive docs may be exposed by framework defaults: FastAPI exposes /docs, /redoc, and /openapi.json by default. Public production APIs should explicitly disable those defaults, protect them behind admin authentication, or publish a reviewed OpenAPI spec with declared security requirements.
low Security checks quality Error handling conf 1.00 [ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
Log the error: `except Exception: logger.debug('cleanup failed', exc_info=True)`. Or handle specific exception types.
scripts/bench_backends.py:68
medium Security checks quality Error handling conf 1.00 [ERR002] Empty Catch Block: Empty catch blocks hide errors.
Log the error or rethrow it. Use console.error() at minimum.
ui/src/hooks/useSwarmData.js:113
medium Security checks security path traversal conf 1.00 [SEC012] ZipSlip — Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory.
Validate extracted paths with os.path.realpath() and ensure they stay within the target directory.
src/smolvm/host/manager.py:298
high Security checks quality Quality conf 0.72 Agent control bridge may listen on a network interface without visible auth
Agent, MCP, sidecar, and command bridge servers often start as local helpers. Binding them to 0.0.0.0 or a default all-interface listener without an authorization guard can expose tool execution or session data to the LAN.
src/smolvm/images/builder.py:11
low Security checks quality Error handling conf 0.55 ✓ Repobility 25 occurrences Broad exception handler needs review
This handler catches Exception/BaseException. It is actionable when it swallows errors without logging, re-raising, or returning a structured error. Handlers that intentionally convert exceptions into typed error results should not be treated as high risk.
11 files, 25 locations
src/smolvm/cli/cleanup.py:223, 231, 286, 398 (4 hits)
src/smolvm/facade.py:1887, 1919, 2230, 2239 (4 hits)
scripts/profile_boot.py:100, 106, 116 (3 hits)
src/smolvm/cli/main.py:1547, 1656, 2094 (3 hits)
scripts/bench_backends.py:81, 100 (2 hits)
scripts/benchmarks/bench.py:148, 406 (2 hits)
scripts/exp_final.py:64, 72 (2 hits)
scripts/exp_userspace.py:118, 123 (2 hits)
Error handling · quality
medium Security checks cicd CI/CD security conf 0.90 Docker build context has no .dockerignore
Without .dockerignore, build context can include source history, local env files, dependencies, and generated artifacts.
.dockerignore · CI/CD security · containers
high Security checks cicd CI/CD security conf 0.82 Docker final stage has no non-root USER
Docker images run as root unless the image or Dockerfile switches to a non-root user.
scripts/ci/Dockerfile.base-rootfs:16 · CI/CD security · containers
high Security checks cicd CI/CD security conf 0.82 Docker final stage has no non-root USER
Docker images run as root unless the image or Dockerfile switches to a non-root user.
scripts/ci/Dockerfile.base-alpine-rootfs:15 · CI/CD security · containers
high Security checks quality Quality conf 0.74 Frontend API reference is not matched by discovered backend routes
A frontend string references a same-origin API path that Repobility could not match to backend route inventory. This often causes live 404s in user journeys.
ui/src/hooks/useSwarmData.js:28
medium Security checks software dependencies conf 0.90 npm package `@react-three/fiber` is 1 major version(s) behind (8.18.0 -> 9.6.1)
`@react-three/fiber` is pinned/resolved at 8.18.0 but the latest stable release on the npm registry is 9.6.1 (1 major version(s) behind). Outdated dependencies accumulate unpatched bugs and make future security upgrades harder. This is the version-currency signal Dependabot version-update PRs raise.
ui/package.json
medium Security checks software dependencies conf 0.90 npm package `@react-three/postprocessing` is 1 major version(s) behind (2.19.1 -> 3.0.4)
`@react-three/postprocessing` is pinned/resolved at 2.19.1 but the latest stable release on the npm registry is 3.0.4 (1 major version(s) behind). Outdated dependencies accumulate unpatched bugs and make future security upgrades harder. This is the version-currency signal Dependabot version-update …
ui/package.json
medium Security checks software dependencies conf 0.90 npm package `@types/react-dom` is 1 major version(s) behind (18.3.7 -> 19.2.3)
`@types/react-dom` is pinned/resolved at 18.3.7 but the latest stable release on the npm registry is 19.2.3 (1 major version(s) behind). Outdated dependencies accumulate unpatched bugs and make future security upgrades harder. This is the version-currency signal Dependabot version-update PRs raise.
ui/package.json
medium Security checks software dependencies conf 0.90 npm package `@vitejs/plugin-react` is 2 major version(s) behind (4.7.0 -> 6.0.2)
`@vitejs/plugin-react` is pinned/resolved at 4.7.0 but the latest stable release on the npm registry is 6.0.2 (2 major version(s) behind). Outdated dependencies accumulate unpatched bugs and make future security upgrades harder. This is the version-currency signal Dependabot version-update PRs rais…
ui/package.json
medium Security checks software dependencies conf 0.90 npm package `zustand` is 2 major version(s) behind (3.7.2 -> 5.0.14)
`zustand` is pinned/resolved at 3.7.2 but the latest stable release on the npm registry is 5.0.14 (2 major version(s) behind). Outdated dependencies accumulate unpatched bugs and make future security upgrades harder. This is the version-currency signal Dependabot version-update PRs raise.
ui/package.json
medium Security checks quality Quality conf 0.78 Public web service has no security.txt
security.txt gives researchers and customers a safe disclosure channel. Public web apps and APIs should publish it under /.well-known/security.txt.
.well-known/security.txt
high Security checks software dependencies conf 0.70 Remote install command pipes network code directly to a shell
Agent helper projects often publish one-line installers. `curl | sh` style commands are convenient, but they bypass review unless the script is pinned, signed, or checksum-verified.
src/smolvm/presets/_scripts.py:52
high Security checks software dependencies conf 0.70 Remote install command pipes network code directly to a shell
Agent helper projects often publish one-line installers. `curl | sh` style commands are convenient, but they bypass review unless the script is pinned, signed, or checksum-verified.
README.md:91
medium System graph quality Integrity conf 1.00 `fetch()` without try/.catch or AbortSignal — ui/src/hooks/useSwarmData.js:71
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
runtime safety · Robustness
medium System graph cicd CI/CD security conf 1.00 5 occurrences GitHub Actions workflow grants broad write permissions
CI tokens with write permissions increase blast radius when an action, dependency, or PR workflow is compromised. Prefer job-level least-privilege permissions.
5 files, 5 locations
.github/workflows/build-microvm-kernel.yml
.github/workflows/build-published-images.yml
.github/workflows/publish-core.yml
.github/workflows/publish-dashboard-ui.yml
.github/workflows/publish.yml
CI/CD security · Supply chain · GitHub Actions
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — examples/cua/legacy_report_fetcher/ops/start_portal.py:61
`subprocess.Popen(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — examples/cua/legacy_report_fetcher/run_demo.py:301
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — src/smolvm/cli/main.py:2560
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — src/smolvm/facade.py:170
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — src/smolvm/host/setup.py:167
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — src/smolvm/images/builder.py:1557
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — src/smolvm/runtime/qemu.py:512
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — src/smolvm/utils.py:55
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — src/smolvm/vm.py:462
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph quality Integrity conf 1.00 Network/subprocess call without timeout or try/except — src/smolvm/windows/build_image.py:151
`subprocess.run(...)` here lacks both a `timeout=` arg and an enclosing try/except. This is exactly the class of bug that took down our git-clone earlier (HTTP/2 stream cancel surfaced as a fatal). Add a `timeout=` and wrap in try/except, or use a wrapper that retries.
runtime safety · Robustness
medium System graph network Security conf 1.00 Privileged port 127 in use
Port 127 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
src/smolvm/cli/main.py · Ports
medium System graph network Security conf 1.00 Privileged port 128 in use
Port 128 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
src/smolvm/guest_agent/agent.py · Ports
low Security checks quality Quality conf 0.64 Duplicate top-level symbol appears in a patch-style file
A generated replacement file defining the same public function or class name as another module can mean the new logic is not actually wired into the running code.
scripts/exp_final.py:1
low Security checks quality Quality conf 0.60 4 occurrences Duplicated implementation block across source files
Duplicate implementation blocks are maintenance debt. Keep them visible, but they are not a high-severity defect unless the duplicated logic is security-sensitive or drifting.
4 files, 4 locations
src/smolvm/runtime/qemu.py:372
src/smolvm/storage/_protocol.py:98
src/smolvm/storage/_sqlite.py:16
ui/src/hooks/useSwarmData.js:2
duplication · quality
low Security checks software dependencies conf 0.90 npm package `autoprefixer` is minor version(s) behind (10.4.24 -> 10.5.0)
`autoprefixer` is pinned/resolved at 10.4.24 but the latest stable release on the npm registry is 10.5.0 (minor version(s) behind). Outdated dependencies accumulate unpatched bugs and make future security upgrades harder. This is the version-currency signal Dependabot version-update PRs raise.
ui/package.json
low Security checks software dependencies conf 0.90 npm package `three` is minor version(s) behind (0.170.0 -> 0.184.0)
`three` is pinned/resolved at 0.170.0 but the latest stable release on the npm registry is 0.184.0 (minor version(s) behind). Outdated dependencies accumulate unpatched bugs and make future security upgrades harder. This is the version-currency signal Dependabot version-update PRs raise.
ui/package.json
high Security checks quality Quality conf 0.62 Source file name looks like an AI patch artifact
Files named as final, fixed, copy, new, or backup are often temporary patch artifacts. They may be legitimate, but they deserve review before becoming production surface area.
scripts/exp_final.py:1
low System graph software Dead code candidate conf 1.00 File has no detected symbols: src/smolvm/host/_accel.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: src/smolvm/presets/claude_code.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: src/smolvm/presets/codex.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: src/smolvm/presets/hermes.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: src/smolvm/presets/openclaw.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: src/smolvm/presets/pi.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: tests/conftest.py
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: ui/postcss.config.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: ui/src/features/nebula/ParticleSwarm.jsx
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: ui/src/main.jsx
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: ui/src/stores/useViewStore.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: ui/tailwind.config.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph software Dead code candidate conf 1.00 File has no detected symbols: ui/vite.config.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low System graph cicd CI/CD security conf 1.00 39 occurrences GitHub Action is tag-pinned rather than SHA-pinned
actions/checkout@v4 (and the other tagged actions at the 39 locations below) resolves a mutable tag at run time, so the action's code can change without any commit to this repo. Pin each `uses:` reference to a full 40-character commit SHA that someone has reviewed, and keep the human-readable version as a trailing comment (`uses: actions/checkout@<sha>  # v4`) so Dependabot or Renovate can still propose updates. Two caveats: a SHA pin covers only that action's own repository, so composite or Docker actions it wraps need pinning in their own right; and a pin nobody refreshes goes stale, so pair it with automated update PRs rather than treating the pin as the whole fix.
6 files, 39 locations
.github/workflows/build-published-images.yml:74, 88, 124, 130, 140, 327, 358 (14 hits)
.github/workflows/publish-core.yml:15, 52, 60, 73, 74, 88, 98, 105, +1 more (9 hits)
.github/workflows/e2e.yml:41, 46, 54 (6 hits)
.github/workflows/pytest.yml:18, 23, 31, 67, 72, 80 (6 hits)
.github/workflows/build-microvm-kernel.yml:61, 76 (2 hits)
.github/workflows/smoke-published-images.yml:69 (2 hits)
Tags: CI/CD security · Supply chain · GitHub Actions
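Added example, not code from Repobility's engine or from the SmolVM repository: a stand-alone check that reads a workflow file and reports every `uses:` reference that does not resolve to immutable content. Local actions (`./path`) move only with this repo's own commits, Docker actions count as pinned only with an `@sha256:` digest, and repository actions count as pinned only when the ref is a full 40-hex commit. The workflow text, the 40-hex SHA in it and the file names are constructed for the example; the SHA is a placeholder, not a real actions/setup-python commit.

```python
import re
from typing import List, Tuple

# Constructed sample workflow for this example (not one of SmolVM's workflows).
# The 40-hex value on the setup-python line is a placeholder, not a real commit.
SAMPLE_WORKFLOW = """\
name: pytest
on: [push]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-python@0123456789abcdef0123456789abcdef01234567  # v5
        with:
          python-version: "3.12"
      - uses: ./.github/actions/local-helper
      - uses: docker://alpine:3.20
      - name: run
        run: pytest -q
"""

# Matches `uses:` as a step key (with or without the leading list dash) and captures
# the reference up to whitespace, quotes or a trailing comment.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*['\"]?([^\s'\"#]+)")
COMMIT_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def is_pinned(ref: str) -> bool:
    """True if a `uses:` reference resolves to immutable content.

    ./path          local action: changes only with this repo's commits
    docker://image  pinned only when an @sha256: digest is present
    owner/repo@ref  pinned only when ref is a full 40-hex commit SHA
    """
    if ref.startswith("./"):
        return True
    if ref.startswith("docker://"):
        return "@sha256:" in ref
    if "@" not in ref:
        return False  # no ref at all: GitHub resolves the default branch
    _, version = ref.rsplit("@", 1)
    return bool(COMMIT_SHA_RE.match(version))


def find_unpinned(workflow_text: str) -> List[Tuple[int, str]]:
    """Return (line_number, reference) for every mutable `uses:` in the workflow."""
    hits: List[Tuple[int, str]] = []
    for lineno, line in enumerate(workflow_text.splitlines(), start=1):
        m = USES_RE.match(line)
        if m and not is_pinned(m.group(1)):
            hits.append((lineno, m.group(1)))
    return hits


if __name__ == "__main__":
    for lineno, ref in find_unpinned(SAMPLE_WORKFLOW):
        print(f"line {lineno}: {ref} is tag/branch-pinned; replace with a reviewed commit SHA")
```

Run over a real `.github/workflows/*.yml` tree, the same function gives the list this finding reports; the trailing `# v5` comment on the pinned line is what Dependabot updates alongside the SHA.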
low System graph quality Integrity conf 1.00 12 occurrences Near-duplicate function bodies in 2 places
Functions with the same first-5-line body hash: scripts/exp_userspace.py:markers, scripts/exp_userspace.py:m This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see https://jw.hn/ai-code-hygiene). Consolidate or document why they're separate.
12 occurrences
repo-level (12 hits)
Tags: duplicates · duplication
low System graph quality Integrity conf 1.00 6 occurrences Near-duplicate function bodies in 3 places
Functions with the same first-5-line body hash: examples/agent_tools/langchain_tool.py:run_in_smolvm, examples/agent_tools/openai_agents_tool.py:run_in_smolvm, examples/agent_tools/pydanticai_tool.py:run_in_smolvm This is *the* AI-coder failure mode (4× more duplication in vibe-coded repos — see h…
6 occurrences
repo-level (6 hits)
The three hits are the same tool function written once per agent framework (LangChain, OpenAI Agents, PydanticAI) under examples/agent_tools/. If each example is meant to be copy-pasteable on its own, the duplication is deliberate; say so in each file's header rather than consolidating, so the next scan (and the next contributor) does not re-raise it.
Tags: duplicates · duplication
low System graph quality Integrity conf 1.00 2 occurrences Near-duplicate function bodies in 4 places
Functions with the same first-5-line body hash: src/smolvm/host/network.py:setup_ssh_port_forward, src/smolvm/host/network.py:async_setup_ssh_port_forward, src/smolvm/host/network.py:cleanup_ssh_port_forward, src/smolvm/host/network.py:async_cleanup_ssh_port_forward This is *the* AI-coder failure …
2 occurrences
repo-level (2 hits)
The four network.py hits are two sync/async pairs (setup_ssh_port_forward / async_setup_ssh_port_forward and their cleanup_ counterparts). A shared argument-validation preamble is likely enough to collide on a first-5-line hash while the bodies diverge further down, so diff the full bodies before consolidating; if they really are duplicates, make one variant a thin wrapper over the other rather than keeping two copies that can drift.
Tags: duplicates · duplication
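Added example, not code from Repobility's engine or from SmolVM: one plausible implementation of a "first-5-line body hash" near-duplicate detector next to a full-body comparison, run over a constructed module (not SmolVM's network.py) containing a sync/async pair with a shared validation preamble. The prefix hash groups the pair, the full-body hash does not, which is exactly the triage step the finding above needs before anything is consolidated.

```python
import ast
import hashlib
from collections import defaultdict
from typing import Dict, List

# Constructed sample module for this example (not SmolVM's network.py): a sync/async
# pair whose first five body lines are identical, plus an unrelated function.
SAMPLE_SOURCE = '''
def setup_port_forward(host, port, timeout=5.0):
    if not host:
        raise ValueError("host required")
    if not (0 < port < 65536):
        raise ValueError("bad port")
    timeout = float(timeout)
    sock = socket.create_connection((host, port), timeout=timeout)
    return sock

async def async_setup_port_forward(host, port, timeout=5.0):
    if not host:
        raise ValueError("host required")
    if not (0 < port < 65536):
        raise ValueError("bad port")
    timeout = float(timeout)
    reader, writer = await asyncio.open_connection(host, port)
    return reader, writer

def unrelated(x):
    return x + 1
'''

PREFIX_LINES = 5


def _functions(tree: ast.AST):
    for node in ast.walk(tree):
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            yield node


def body_prefix_hash(node, source_lines: List[str], n: int = PREFIX_LINES) -> str:
    """Hash the first n physical lines of a function body (def line and decorators
    excluded), whitespace-stripped. This is the cheap heuristic behind a
    "first-5-line body hash" detector: fast, but blind to what follows."""
    first = node.body[0].lineno
    chunk = source_lines[first - 1:first - 1 + n]
    digest = hashlib.sha256("\n".join(l.strip() for l in chunk).encode()).hexdigest()
    return digest[:16]


def full_body_hash(node) -> str:
    """Hash the whole body as an AST dump: equal only if every statement matches."""
    dump = ast.dump(ast.Module(body=node.body, type_ignores=[]))
    return hashlib.sha256(dump.encode()).hexdigest()[:16]


def _group(source: str, keyfn) -> Dict[str, List[str]]:
    tree = ast.parse(source)
    lines = source.splitlines()
    groups: Dict[str, List[str]] = defaultdict(list)
    for fn in _functions(tree):
        groups[keyfn(fn, lines)].append(fn.name)
    return {h: names for h, names in groups.items() if len(names) > 1}


def find_near_duplicates(source: str, n: int = PREFIX_LINES) -> Dict[str, List[str]]:
    """Groups of functions sharing their first n body lines (what the scanner reports)."""
    return _group(source, lambda fn, lines: body_prefix_hash(fn, lines, n))


def find_exact_duplicates(source: str) -> Dict[str, List[str]]:
    """Groups of functions whose entire bodies match (what is safe to consolidate)."""
    return _group(source, lambda fn, lines: full_body_hash(fn))


if __name__ == "__main__":
    near = find_near_duplicates(SAMPLE_SOURCE)
    exact = find_exact_duplicates(SAMPLE_SOURCE)
    for names in near.values():
        verdict = "identical bodies" if names in exact.values() else "diverge after the prefix"
        print(f"{' / '.join(names)}: {verdict}")
```

The full-body hash is still too strict to catch renamed-variable copies; for those, compare `ast.dump` with identifier names normalised, but do that as a second pass rather than widening the prefix heuristic.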
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `guest_copy` in tests/test_vsock_channel.py:98
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover); the only such marker in this name is the `_copy` suffix. Confirm whether this is a copied test helper the current test no longer needs, and delete it, or rename it if it is the active version.
Tags: old marker · Dead code
low System graph quality Integrity conf 1.00 12 occurrences Old/deprecated-named symbol `model_copy`
Names with suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). Here the only marker is the `_copy` suffix, and `model_copy` is also the name of Pydantic v2's `BaseModel.model_copy()` method. If these twelve sites call that method (the split between runtime modules and their tests points that way), they are live library API rather than leftovers and the finding is a false positive; vote FP rather than renaming anything. Only a locally defined `model_copy` that shadows or predates the library method would need attention.
12 files, 12 locations
src/smolvm/browser.py:221
src/smolvm/facade.py:1026
src/smolvm/images/published.py:438
src/smolvm/runtime/qemu.py:386
src/smolvm/vm.py:587
tests/test_browser.py:306
tests/test_facade.py:2381
tests/test_qemu_args.py:103
tests/test_snapshot.py:101
tests/test_storage.py:413
tests/test_vm.py:153
tests/test_vm_qemu.py:125
Tags: old marker · Dead code
low System graph quality Integrity conf 1.00 Old/deprecated-named symbol `test_sh_wrap_is_byte_identical_to_legacy` in tests/test_ssh.py:311
Names containing `legacy` (the marker here) or suffixes like `_old`, `_v1`, `_deprecated` usually indicate replaced-but-not-removed code (typical AI-coder leftover). The name suggests a test that pins the current `sh_wrap` output to a legacy implementation, which is only useful while that legacy path still exists; once it is gone, freeze the expected output as a fixed byte string in the test and drop the legacy reference from the name, so the test documents the wire format rather than an old function.
Tags: old marker · Dead code
low System graph software Dead code conf 1.00 5 occurrences Possibly dead Python function: async_* variants
No callers detected by AST scan in this repo. These are the asyncio counterparts of synchronous entry points and most plausibly exist for external async callers of the package API, in which case they will never have in-repo callers by design; if that is the intent, list them in `__all__` or the API docs so it is recorded. The risk with such pairs is not dead code but drift: a fix applied to the sync version and not the async one (or vice versa), which is worth a test that exercises both.
3 files, 5 locations
src/smolvm/host/network.py:1456 (async_cleanup_local_port_forward)
src/smolvm/vm.py:2295 (async_create)
src/smolvm/facade.py:2105 (async_run)
src/smolvm/host/network.py:1379 (async_setup_local_port_forward)
src/smolvm/api.py:146 (async_wait_for_socket)
low System graph software Dead code conf 1.00 4 occurrences Possibly dead Python function: bench_cold_start, bench_pause_resume, bench_snapshot, bench_tti
No callers detected by AST scan in this repo. Benchmark entry points are commonly selected by name at run time (a CLI argument mapped to `bench_<name>` through a dict or `globals()`), which a static caller scan cannot follow; check scripts/benchmarks/bench.py for such a dispatch before deleting anything. If the benchmarks are only ever invoked by hand, a usage comment at the top of the file is enough to close this.
1 file, 4 locations
scripts/benchmarks/bench.py:232 (bench_cold_start), :245 (bench_pause_resume), :295 (bench_snapshot), :238 (bench_tti)
low System graph software Dead code conf 1.00 2 occurrences Possibly dead Python function: do_GET, do_POST
No callers detected by AST scan in this repo. `do_GET` and `do_POST` are the hook names that `http.server.BaseHTTPRequestHandler` looks up by HTTP method (`do_<METHOD>`) on every request, so in a handler subclass they are framework-called and this is a false positive. A more useful check on this file: the standard-library server has no authentication of its own, so confirm that this demo portal binds to loopback, or is otherwise unreachable from the network, whenever the example runs.
examples/cua/legacy_report_fetcher/portal/server.py:76 (do_GET), :95 (do_POST)
low System graph software Dead code conf 1.00 Possibly dead Python function: f
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
scripts/exp_final.py:100
low System graph software Dead code conf 1.00 4 occurrences Possibly dead Python function: handle_get_file, handle_ping, handle_put_file, handle_run
No callers detected by AST scan in this repo. A `handle_<command>` family in a guest agent is usually reached by name-based dispatch (a command-to-handler table, or `getattr(self, "handle_" + cmd)`), which the AST scan cannot follow; confirm that before treating any of them as dead. Since this agent runs inside the guest and acts on what the host sends over the channel (`handle_run` executes commands, the file handlers move data in and out), the dispatch itself deserves a look while you are there: a closed table of allowed commands is safer than prefix-based `getattr`, which resolves any attribute that happens to start with `handle_`.
1 file, 4 locations
src/smolvm/guest_agent/agent.py:291 (handle_get_file), :136 (handle_ping), :215 (handle_put_file), :148 (handle_run)
low System graph software Dead code conf 1.00 Possibly dead Python function: heartbeat
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
examples/cua/legacy_report_fetcher/run_demo.py:100
low System graph software Dead code conf 1.00 Possibly dead Python function: log_message
No callers detected by AST scan in this repo. `log_message` is the per-request logging hook of `http.server.BaseHTTPRequestHandler`; an override (usually to silence the default stderr access log) is called by the framework, not by repo code, so for a handler subclass this is a false positive.
examples/cua/legacy_report_fetcher/portal/server.py:115
low System graph software Dead code conf 1.00 Possibly dead Python function: mk_after
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
scripts/exp_final.py:106
low System graph software Dead code conf 1.00 Possibly dead Python function: pull_file
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
src/smolvm/browser.py:487
low System graph software Dead code conf 1.00 Possibly dead Python function: push_file
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
src/smolvm/browser.py:480
low System graph software Dead code conf 1.00 Possibly dead Python function: query_version
No callers detected by AST scan in this repo. Could be exported for external callers or a framework handler.
src/smolvm/qmp.py:160
low System graph software Dead code conf 1.00 4 occurrences Possibly dead Python function: run_in_reusable_smolvm, run_in_smolvm
No callers detected by AST scan in this repo. These are example tool functions under examples/agent_tools/, one per agent framework. Tool functions are registered with the framework (typically through a decorator or a tool-list argument) and invoked by the model's tool calls, so they have no static callers by design; not dead code. What each example could use instead is a note of which framework version it was written against, since tool-registration APIs change often.
4 files, 4 locations
examples/agent_tools/pydanticai_reusable_tool.py:108 (run_in_reusable_smolvm)
examples/agent_tools/langchain_tool.py:67 (run_in_smolvm)
examples/agent_tools/openai_agents_tool.py:67 (run_in_smolvm)
examples/agent_tools/pydanticai_tool.py:66 (run_in_smolvm)
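Added example, not code from Repobility's engine or from SmolVM: a small AST caller scan of the kind that produces the "no callers detected" findings above, extended with the two checks a reviewer applies by hand when triaging them. It runs over a constructed module (not SmolVM's guest agent or portal server) that mimics the two false-positive shapes in this group: `http.server` hook methods the framework calls by convention, and `handle_*` methods reached through `getattr(self, "handle_" + cmd)`. The `FRAMEWORK_HOOKS` allowlist and the prefix extraction are this example's own heuristics, not the scanner's.

```python
import ast
from typing import Dict, Set

# Constructed sample for this example (not SmolVM's guest_agent/agent.py or
# portal/server.py): framework hooks, name-based dispatch, and one real leftover.
SAMPLE_SOURCE = '''
import http.server

class Handler(http.server.BaseHTTPRequestHandler):
    def do_GET(self):
        self.send_response(200)

    def log_message(self, fmt, *args):
        pass

class Agent:
    def dispatch(self, cmd, payload):
        fn = getattr(self, "handle_" + cmd, None)
        if fn is None:
            raise ValueError("unknown command")
        return fn(payload)

    def handle_ping(self, payload):
        return "pong"

    def handle_run(self, payload):
        return run_command(payload)

def run_command(payload):
    return payload

def unused_helper():
    return 1

if __name__ == "__main__":
    Agent().dispatch("ping", {})
'''

# Method names a framework invokes by convention; a static caller scan never sees these.
FRAMEWORK_HOOKS = {"do_GET", "do_POST", "do_HEAD", "log_message"}


def _static_callees(tree: ast.AST) -> Set[str]:
    """Names that appear as the target of a direct call: f(...) or obj.f(...)."""
    callees: Set[str] = set()
    for node in ast.walk(tree):
        if isinstance(node, ast.Call):
            if isinstance(node.func, ast.Name):
                callees.add(node.func.id)
            elif isinstance(node.func, ast.Attribute):
                callees.add(node.func.attr)
    return callees


def _dispatch_prefixes(tree: ast.AST) -> Set[str]:
    """Literal prefixes used in getattr(obj, "<prefix>" + x) or getattr(obj, f"<prefix>{x}").

    Every attribute starting with such a prefix is reachable by name, which both clears
    those functions of the dead-code suspicion and marks the dispatch as something to audit.
    """
    prefixes: Set[str] = set()
    for node in ast.walk(tree):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Name)
                and node.func.id == "getattr" and len(node.args) >= 2):
            continue
        name_arg = node.args[1]
        if (isinstance(name_arg, ast.BinOp) and isinstance(name_arg.op, ast.Add)
                and isinstance(name_arg.left, ast.Constant) and isinstance(name_arg.left.value, str)):
            prefixes.add(name_arg.left.value)
        elif (isinstance(name_arg, ast.JoinedStr) and name_arg.values
                and isinstance(name_arg.values[0], ast.Constant)
                and isinstance(name_arg.values[0].value, str)):
            prefixes.add(name_arg.values[0].value)
    return prefixes


def classify_functions(source: str) -> Dict[str, str]:
    """Map each def to 'called', 'framework-hook', 'dynamic-dispatch' or 'no-callers'."""
    tree = ast.parse(source)
    callees = _static_callees(tree)
    prefixes = _dispatch_prefixes(tree)
    result: Dict[str, str] = {}
    for node in ast.walk(tree):
        if not isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef)):
            continue
        if node.name in callees:
            result[node.name] = "called"
        elif node.name in FRAMEWORK_HOOKS:
            result[node.name] = "framework-hook"
        elif any(node.name.startswith(p) for p in prefixes):
            result[node.name] = "dynamic-dispatch"
        else:
            result[node.name] = "no-callers"
    return result


if __name__ == "__main__":
    for name, verdict in classify_functions(SAMPLE_SOURCE).items():
        print(f"{name:16} {verdict}")
```

Only `unused_helper` survives as a real candidate; the `handle_*` methods are cleared by the prefix found in the `getattr` call, and that same prefix is the thing to replace with an explicit command table in a guest agent.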
low System graph frontend Frontend quality conf 1.00 Stray `console.log` in TS/JS — ui/src/components/ui/CommandBar.jsx:9
Replace with the toast helper, an error boundary, or remove. `console.warn` / `console.error` are acceptable. Why: Hygiene — easy to leak debug output. Rule id: fq.console-leak
Tags: fq.console-leak
low System graph frontend Frontend quality conf 1.00 Stray `console.log` in TS/JS — ui/src/features/nebula/InteractionManager.jsx:35
Replace with the toast helper, an error boundary, or remove. `console.warn` / `console.error` are acceptable. Why: Hygiene — easy to leak debug output. Rule id: fq.console-leak
Tags: fq.console-leak
low System graph quality Integrity conf 1.00 Stub function `create_vm` (body is just `pass`/`return`) — src/smolvm/storage/_protocol.py:54
Likely an AI scaffold that was never filled in. Remove or implement. Caveat before acting: a module named `_protocol.py` is the conventional home of a `typing.Protocol` (or abstract base class) that only declares an interface, and a Protocol method's body is `...`/`pass` on purpose, with the real implementations living in the concrete storage backends. If `create_vm` is declared on such a class, this is a false positive; the useful check is instead that every concrete backend implements it (a `@runtime_checkable` Protocol plus an `isinstance` assertion in the tests catches a backend that forgot).
Tags: Empty handler · Dead code
low System graph api Wiring conf 1.00 8 occurrences Unused endpoint
`src/smolvm/dashboard/server.py` declares the eight routes below, but no frontend code we scanned calls them. This is fine if an endpoint serves external clients (mobile app, third-party, server-side webhooks). Otherwise it is dead code; consider removing it or documenting who consumes it.
1 file, 8 routes
DELETE /api/vms/{vm_id}
GET /api/health
GET /api/vms
GET /api/vms/particles
GET /api/vms/{vm_id}
GET /api/vms/{vm_id}/processes
POST /api/command
POST /api/vms/{vm_id}/stop
Triage note: `GET /api/health` is conventionally polled by a load balancer or container health check rather than by UI code, so having no frontend caller is expected. The state-changing routes (`POST /api/command`, `POST /api/vms/{vm_id}/stop`, `DELETE /api/vms/{vm_id}`) are the ones to look at first: an endpoint no shipped client uses is still reachable by anyone who can reach the dashboard, so confirm what authentication it requires and which address the dashboard binds to before deciding it is merely dead code. The scan matches route strings against the UI it found; a frontend that assembles URLs from templates, or a CLI that talks to the same API, will not register as a caller.
Tags: Unused endpoint
low System graph quality Complexity conf 1.00 7 occurrences Very large file (>800 lines)
Files with >800 lines often hide complexity hotspots and discourage tests. The two test files mirror the two largest sources, so splitting src/smolvm/cli/main.py and src/smolvm/facade.py by subcommand or concern would shrink their tests along the same lines.
7 files, 7 locations
src/smolvm/cli/main.py (3949 lines)
src/smolvm/facade.py (3020 lines)
src/smolvm/host/network.py (1854 lines)
src/smolvm/images/builder.py (1762 lines)
src/smolvm/vm.py (2741 lines)
tests/test_cli.py (3619 lines)
tests/test_facade.py (2971 lines)
API access

This page is publicly accessible at: https://repobility.com/scan/f1293bd5-b6e8-4fcf-84d1-4baea17e58a3/

To check status programmatically (no auth required):

curl -s https://repobility.com/api/v1/public/scan/f1293bd5-b6e8-4fcf-84d1-4baea17e58a3/

Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.