67 of your 162 findings came from Repobility's proprietary detections. ✓ Repobility tags below mark them.

Scan timing: clone 23.37s · analysis 8.68s · 52.9 MB · GitHub API rate-limit (preflight)

ollama/ollama

https://github.com/ollama/ollama · scanned 2026-06-05 04:39 UTC (1 week, 1 day ago) · 10 languages

330 raw signals (144 security + 186 graph) · 11/13 scanners ran · 76th percentile · Go · large (100-500K LoC) · System graph score 64 (higher by 25)


Complete repo analysis

Last scanned 1 week, 1 day ago · v2 · 134 actionable findings from 2 signal sources. 103 repeated signals grouped for readability. Security checks, system graph analysis, and verified AI-agent feedback are merged into one review queue.

Score breakdown · 2026-05-18-v5

Component            Sub-score  Weight  Contribution
structure_score      85.0       0.15    12.75
security_score       100.0      0.25    25.00
testing_score        95.0       0.20    19.00
documentation_score  77.0       0.15    11.55
practices_score      87.0       0.15    13.05
code_quality         70.0       0.10    7.00
Overall                         1.00    88.3

security_score may be inflated — optional security scanners were skipped on this fast scan
Severity distribution chart omitted. Active filter: excluding tests.
Scan summary: quality grade A- (88/100). Dimensions: security 100, maintainability 85. 144 findings (55 security). 321,788 lines analyzed.

Showing 89 of 134 actionable findings. 237 raw detector signals were grouped into reader-sized issues.

low · Security checks · quality / Quality · conf 1.00 · ✓ Repobility · [MINED012] Curl Pipe Bash: curl ... | sh / bash — runs unverified network code.
Review and fix per the pattern semantics. See CWE-494 / A08:2021 for context.
cmd/launch/kimi.go:310
high · Security checks · software / dependencies · conf 0.90 · ✓ Repobility · [MINED118] Dockerfile FROM `ubuntu:24.04` not pinned by digest: `FROM ubuntu:24.04` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build is potentially different. Production images should pin to `image@sha256:...` for reproducibility + supply-chain integrity.
Replace with: `FROM ubuntu:24.04@sha256:<digest>`. Get the digest from `docker manifest inspect`. Re-pin via a scheduled bot (Renovate, Dependabot).
Dockerfile:294
low · Security checks · quality / Quality · conf 1.00 · 3 occurrences · [SEC093] Go: exec.Command with non-literal: exec.Command(<var>) — variable command name allows command injection. Ported from gosec G204 (Apache-2.0).
Use a constant command name and validate args via a whitelist.
3 files, 3 locations
app/cmd/app/app_windows.go:417
app/server/server_unix.go:24
app/server/server_windows.go:23
low · Security checks · cicd / CI/CD security · conf 0.90 · ✓ Repobility · 35 occurrences · GitHub Action is tag-pinned rather than SHA-pinned
[MINED115] Action `actions/checkout` pinned to mutable ref `@v4`: `uses: actions/checkout@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions/changed-files compromise (2025) instantly affect ~23K repos. Pin to a 40-char commit SHA + lo…
3 files, 35 locations
.github/workflows/test.yaml:28, 65, 124, 152, 241, 311, 319, 321, +5 more (16 hits)
.github/workflows/release.yaml:21, 46, 55, 68, 173, 243, 251, 252, +3 more (13 hits)
.github/workflows/test-llamacpp-update.yaml:271, 277, 283, 357, 409, 488 (6 hits)
Tags: CI/CD security, Supply chain, GitHub Actions
medium · Security checks · security / auth · conf 0.92 · [AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation.
Add .repobility/access.yml mapping routes to anonymous, authenticated, owner, admin, and super_admin. Keep business-specific rules in the repo so CI can enforce them.
high · Security checks · security / auth · conf 0.74 · [AUC002] Low visible authorization coverage in route inventory: Only 15.8% of discovered routes show nearby authentication, authorization, middleware, or public-route evidence.
Review the access matrix and add explicit framework auth declarations or policy-file exceptions for intentionally public routes.
high · Security checks · security / auth · conf 0.68 · [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /api/delete.
Require an explicit admin, maintainer, super_admin, or scoped service role in code and .repobility/access.yml.
server/routes.go:1842
high · Security checks · security / auth · conf 0.68 · [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /api/user/keys/:encodedKey.
Require an explicit admin, maintainer, super_admin, or scoped service role in code and .repobility/access.yml.
server/routes.go:1848
high · Security checks · security / auth · conf 0.68 · [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: GET /api/tags.
Require an explicit admin, maintainer, super_admin, or scoped service role in code and .repobility/access.yml.
server/routes.go:1840
high · Security checks · security / auth · conf 0.68 · [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: GET /www-authenticate.
Require an explicit admin, maintainer, super_admin, or scoped service role in code and .repobility/access.yml.
server/upload.go:283
high · Security checks · security / auth · conf 0.68 · [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: POST /api/create.
Require an explicit admin, maintainer, super_admin, or scoped service role in code and .repobility/access.yml.
server/routes.go:1851
high · Security checks · security / auth · conf 0.68 · [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: POST /api/me.
Require an explicit admin, maintainer, super_admin, or scoped service role in code and .repobility/access.yml.
server/routes.go:1844
high · Security checks · security / auth · conf 0.68 · [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: POST /api/pull.
Require an explicit admin, maintainer, super_admin, or scoped service role in code and .repobility/access.yml.
server/routes.go:1837
high · Security checks · security / auth · conf 0.68 · [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: POST /api/push.
Require an explicit admin, maintainer, super_admin, or scoped service role in code and .repobility/access.yml.
server/routes.go:1838
high · Security checks · security / auth · conf 0.68 · [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: POST /api/show.
Require an explicit admin, maintainer, super_admin, or scoped service role in code and .repobility/access.yml.
server/routes.go:1841
high · Security checks · security / auth · conf 0.68 · [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: POST /api/signout.
Require an explicit admin, maintainer, super_admin, or scoped service role in code and .repobility/access.yml.
server/routes.go:1846
medium · Security checks · quality / Error handling · conf 1.00 · [ERR002] Empty Catch Block: Empty catch blocks hide errors.
Log the error or rethrow it. Use console.error() at minimum.
app/ui/app/src/components/LaunchCommands.tsx:129
low · Security checks · security / Injection · conf 0.50 · [SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.
Use subprocess with shell=False and a list of args. Never eval user input.
x/imagegen/mlx/compile.go:115
high · Security checks · cicd / CI/CD security · conf 0.82 · Docker final stage has no non-root USER
Add a non-root USER in the final runtime stage after files and permissions are prepared.
Dockerfile:295 · Tags: CI/CD security, containers
medium · Security checks · cicd / CI/CD security · conf 0.76 · Dockerfile copies broad context with incomplete .dockerignore
Tighten .dockerignore or replace COPY . with explicit COPY statements.
Dockerfile:247 · Tags: CI/CD security, containers
high · Security checks · software / dependencies · conf 0.70 · 7 occurrences · Remote install command pipes network code directly to a shell
Publish a package-manager install path or add checksum/signature verification before execution. For docs, show the inspect-then-run flow and pin the downloaded artifact version.
7 files, 7 locations
README.md:16
docs/faq.mdx:12
docs/integrations/claude-code.mdx:18
docs/integrations/copilot-cli.mdx:24
docs/integrations/droid.mdx:11
docs/integrations/hermes.mdx:59
docs/integrations/opencode.mdx:12
medium · System graph · quality / Integrity · conf 1.00 · `fetch()` without try/.catch or AbortSignal — app/ui/app/src/api.ts:49
Bare `fetch(...)` will throw an unhandled rejection on network failure. Wrap in try/catch, attach a `.catch(...)`, or pass an AbortSignal with a timeout.
Tags: runtime safety, Robustness
medium · System graph · hardware / Supply chain · conf 1.00 · Docker base image uses a mutable or implicit tag: base-${TARGETARCH}
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
Dockerfile:28 · Tags: containers, Pinned dependencies
medium · System graph · hardware / Security · conf 1.00 · Dockerfile runs as root: Dockerfile
No non-root USER set. Containers running as root expand the blast radius of any vulnerability inside the image.
Tags: Container
medium · System graph · cicd / CI/CD security · conf 1.00 · 6 occurrences · GitHub Action is tag-pinned rather than SHA-pinned
docker/login-action@v3 can move without a code change in this repo. Pin third-party actions to a reviewed 40-character commit SHA.
3 files, 6 locations
.github/workflows/release.yaml:151, 571, 663 (4 hits)
.github/workflows/latest.yaml:14
.github/workflows/test.yaml:417
Tags: CI/CD security, Supply chain, GitHub Actions
medium · System graph · cicd / CI/CD security · conf 1.00 · GitHub Actions workflow grants broad write permissions
CI tokens with write permissions increase blast radius when an action, dependency, or PR workflow is compromised. Prefer job-level least-privilege permissions.
.github/workflows/release.yaml · Tags: CI/CD security, Supply chain, Github actions
medium · System graph · data / Coverage · conf 1.00 · ORM models found but no DB engine detected
The repo defines tables/models but no DB connection string was found. Likely lives in env vars or a config file the scanner didn't read.
medium · System graph · network / Security · conf 1.00 · Privileged port 14 in use
Port 14 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
docs/openapi.yaml · Tags: Ports
medium · System graph · network / Security · conf 1.00 · Privileged port 15 in use
Port 15 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
docs/openapi.yaml · Tags: Ports
medium · System graph · network / Security · conf 1.00 · Privileged port 16 in use
Port 16 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
docs/openapi.yaml · Tags: Ports
medium · System graph · network / Security · conf 1.00 · Privileged port 23 in use
Port 23 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
docs/openapi.yaml · Tags: Ports
medium · System graph · network / Security · conf 1.00 · Privileged port 34 in use
Port 34 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
docs/openapi.yaml · Tags: Ports
medium · System graph · network / Security · conf 1.00 · Privileged port 47 in use
Port 47 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
docs/openapi.yaml · Tags: Ports
medium · System graph · network / Security · conf 1.00 · Privileged port 49 in use
Port 49 is privileged (<1024). Make sure the service runs with the right caps or front it with a non-privileged port via a load balancer.
docs/openapi.yaml · Tags: Ports
low · Security checks · cicd / CI/CD security · conf 0.72 · .dockerignore misses sensitive defaults
Add missing patterns such as .env, .git, private keys, certificates, dependency folders, and local databases.
.dockerignore · Tags: CI/CD security, containers
low · Security checks · quality / Error handling · conf 1.00 · 3 occurrences · [ERR003] Ignored Error (Go): Ignoring error return values.
Handle the error or use errcheck linter.
3 files, 3 locations
app/dialog/dlgs_windows.go:171
app/updater/updater.go:230
app/wintray/eventloop.go:91
low · Security checks · cicd / CI/CD security · conf 0.72 · 3 occurrences · Dockerfile installs recommended OS packages
Add `--no-install-recommends` and explicitly list only packages the image needs.
Dockerfile:159, 179, 298 (3 hits)
Tags: CI/CD security, containers
low · Security checks · cicd / CI/CD security · conf 0.74 · 2 occurrences · Dockerfile leaves apt package indexes in the image layer
End the apt install layer with `rm -rf /var/lib/apt/lists/*`.
Dockerfile:159, 179 (2 hits)
Tags: CI/CD security, containers
low · Security checks · quality / Quality · conf 0.60 · 29 occurrences · Duplicated implementation block across source files
Duplicate implementation blocks are maintenance debt. Keep them visible, but they are not a high-severity defect unless the duplicated logic is security-sensitive or drifting.
12 files, 18 locations
convert/convert_llama.go:12, 142, 174 (3 hits)
convert/convert_mistral_causal.go:12, 72, 133 (3 hits)
convert/convert_llama_adapter.go:45, 70 (2 hits)
convert/convert_mistral.go:109, 171 (2 hits)
app/tools/web_search.go:1
cmd/start_windows.go:74
convert/convert_deepseekocr.go:65
convert/convert_gemma2.go:30
Tags: duplication, quality
low · System graph · quality / Maintenance · conf 1.00 · 119 TODO/FIXME markers
High count of TODO/FIXME/HACK markers — track them as issues so they're not forgotten.
low · System graph · hardware / Coverage · conf 1.00 · Containers defined but no K8s/orchestration manifest found
Repo has Dockerfiles/compose but no Kubernetes/Nomad manifests. If the target deployment is K8s, the manifests may live in a separate ops repo.
Tags: Deployment
low · System graph · hardware / Supply chain · conf 1.00 · Docker base image is tag-pinned but not digest-pinned: almalinux:8
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
Dockerfile:21 · Tags: containers, Pinned dependencies
low · System graph · hardware / Supply chain · conf 1.00 · Docker base image is tag-pinned but not digest-pinned: nvcr.io/nvidia/l4t-jetpack:${JETPACK5VERSION}
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
Dockerfile:155 · Tags: containers, Pinned dependencies
low · System graph · hardware / Supply chain · conf 1.00 · Docker base image is tag-pinned but not digest-pinned: nvcr.io/nvidia/l4t-jetpack:${JETPACK6VERSION}
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
Dockerfile:175 · Tags: containers, Pinned dependencies
low · System graph · hardware / Supply chain · conf 1.00 · Docker base image is tag-pinned but not digest-pinned: rocm/dev-almalinux-8:${ROCMVERSION}-complete
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
Dockerfile:16 · Tags: containers, Pinned dependencies
low · System graph · hardware / Supply chain · conf 1.00 · Docker base image is tag-pinned but not digest-pinned: ubuntu:24.04
Container tags can be retagged upstream. Pin production base images to a reviewed digest (`image@sha256:...`) when reproducibility and supply-chain integrity matter.
Dockerfile:294 · Tags: containers, Pinned dependencies
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/eslint.config.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/src/components/StreamingMarkdownContent.test.tsx
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/src/components/ui/link.tsx
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/src/lib/config.ts
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/src/lib/highlighter.ts
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/src/lib/ollama-client.ts
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/src/main.tsx
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/src/routes/index.tsx
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/src/routes/settings.tsx
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/src/routeTree.gen.ts
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/src/types/webview.d.ts
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/src/utils/clipboard.test.ts
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/src/utils/vram.test.ts
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/src/vite-env.d.ts
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/tailwind.config.js
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/vite.config.ts
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/vitest.config.ts
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · software / Dead code candidate · conf 1.00 · File has no detected symbols: app/ui/app/vitest.shims.d.ts
Source file with no class/function declarations — possible config, dead code, or scratch file.
low · System graph · frontend / Frontend quality · conf 1.00 · Stray `console.log` in TS/JS — app/ui/app/src/components/Message.stories.tsx:313
Replace with the toast helper, an error boundary, or remove. `console.warn` / `console.error` are acceptable. Why: Hygiene — easy to leak debug output. Rule id: fq.console-leak
Tags: fq.console-leak
low · System graph · quality / Complexity · conf 1.00 · Very large file: app/ui/ui.go (1799 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: cmd/cmd.go (2687 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: cmd/cmd_test.go (2392 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: cmd/launch/codex_app_test.go (1676 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: cmd/launch/integrations_test.go (2092 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: cmd/launch/launch_test.go (3622 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: cmd/launch/openclaw_test.go (2778 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: cmd/launch/pi_test.go (1721 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: convert/sentencepiece/sentencepiece_model.pb.go (1497 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: llm/llama_server.go (2647 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: llm/llama_server_test.go (3024 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: middleware/anthropic_test.go (3006 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: model/renderers/gemma4_reference_test.go (1964 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: openai/responses_test.go (2051 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: server/routes.go (3238 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: server/routes_create_test.go (2055 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: server/routes_generate_test.go (3200 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: server/sched.go (1739 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: server/sched_test.go (2246 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: x/create/create.go (1919 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: x/create/create_test.go (2483 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: x/imagegen/mlx/mlx.go (2303 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: x/models/gemma4/gemma4.go (1525 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.
low · System graph · quality / Complexity · conf 1.00 · Very large file: x/transfer/transfer_test.go (2909 lines)
Files with >800 lines often hide complexity hotspots and discourage tests.

This page is publicly accessible at: https://repobility.com/scan/ff72a002-360c-4f68-8a75-bd77281b31a1/

To check status programmatically (no auth required):

curl -s https://repobility.com/api/v1/public/scan/ff72a002-360c-4f68-8a75-bd77281b31a1/

Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.