https://github.com/diegosouzapw/OmniRoute/ ·
lang: typescript ·
LOC: ·
source: both
| Rule | Severity | Count |
|---|---|---|
MINED115 GitHub Action pinned to mutable ref (not 40-char SHA) |
high | 25 |
AIC003 Duplicated implementation block across source files |
low | 20 |
MINED052 Ts Any Typed |
info | 4 |
MINED045 Ts Non Null Assertion |
info | 4 |
SEC083 JS: new RegExp() with non-literal |
high | 4 |
SEC128 Async function without await — fire-and-forget Promise (AI … |
high | 4 |
MINED044 Js Console Log Prod |
info | 4 |
SEC029 Server-Side Request Forgery (SSRF) — outbound HTTP from use… |
high | 4 |
SEC040 innerHTML XSS — template literal with server-supplied data |
high | 4 |
SEC045 eval()/exec() on stored or user-supplied data |
medium | 3 |
JRN001
Token handoff appears to use a callback URL or fragment
open-sse/executors/chatgpt-web.ts:275
· conf 0.88
Token handoff appears to use a callback URL or fragmentMINED116
GHA pull_request workflow leaks secrets to forks
CWE-829
.github/workflows/ci.yml:385
· conf 0.90
[MINED116] Workflow uses `secrets.SONAR_TOKEN` on a `pull_request` trigger: This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.SONAR_TOKEN }` lets a P…MINED116
GHA pull_request workflow leaks secrets to forks
CWE-829
.github/workflows/ci.yml:386
· conf 0.90
[MINED116] Workflow uses `secrets.SONAR_HOST_URL` on a `pull_request` trigger: This workflow triggers on `pull_request`, which checks out the FORK's code. Referencing `${ secrets.SONAR_HOST_URL }` le…DKR014
Dockerfile copies the entire context without .dockerignore
Dockerfile:44
· conf 0.92
Dockerfile copies the entire context without .dockerignoreJRN004
Consent is collected in UI without visible backend audit persistence
open-sse/services/compression/engines/rtk/commandDetector.ts:319
· conf 0.78
Consent is collected in UI without visible backend audit persistenceMINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/ci.yml:28
· conf 0.90
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/ci.yml:29
· conf 0.90
[MINED115] Action `actions/setup-node` pinned to mutable ref `@v6`: `uses: actions/setup-node@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the …MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/ci.yml:52
· conf 0.90
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/ci.yml:53
· conf 0.90
[MINED115] Action `actions/setup-node` pinned to mutable ref `@v6`: `uses: actions/setup-node@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the …MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/ci.yml:66
· conf 0.90
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/ci.yml:67
· conf 0.90
[MINED115] Action `actions/setup-node` pinned to mutable ref `@v6`: `uses: actions/setup-node@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the …MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/ci.yml:80
· conf 0.90
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/docker-publish.yml:44
· conf 0.90
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/docker-publish.yml:141
· conf 0.90
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/docker-publish.yml:189
· conf 0.90
[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v4`: `uses: actions/upload-artifact@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/docker-publish.yml:210
· conf 0.90
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/docker-publish.yml:232
· conf 0.90
[MINED115] Action `actions/download-artifact` pinned to mutable ref `@v4`: `uses: actions/download-artifact@v4` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; …MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/docker-publish.yml:289
· conf 0.90
[MINED115] Action `peter-evans/dockerhub-description` pinned to mutable ref `@v5`: `uses: peter-evans/dockerhub-description@v5` resolves at workflow-run time. Tags and branches can be re-pushed by th…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/electron-release.yml:27
· conf 0.90
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/electron-release.yml:74
· conf 0.90
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/electron-release.yml:76
· conf 0.90
[MINED115] Action `actions/setup-node` pinned to mutable ref `@v6`: `uses: actions/setup-node@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the …MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/electron-release.yml:82
· conf 0.90
[MINED115] Action `actions/cache` pinned to mutable ref `@v5`: `uses: actions/cache@v5` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-actions…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/electron-release.yml:179
· conf 0.90
[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v7`: `uses: actions/upload-artifact@v7` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/electron-release.yml:190
· conf 0.90
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/electron-release.yml:195
· conf 0.90
[MINED115] Action `actions/download-artifact` pinned to mutable ref `@v8`: `uses: actions/download-artifact@v8` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; …MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/electron-release.yml:217
· conf 0.90
[MINED115] Action `softprops/action-gh-release` pinned to mutable ref `@v3`: `uses: softprops/action-gh-release@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action own…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/npm-publish.yml:53
· conf 0.90
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/npm-publish.yml:60
· conf 0.90
[MINED115] Action `actions/setup-node` pinned to mutable ref `@v6`: `uses: actions/setup-node@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the …MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/npm-publish.yml:177
· conf 0.90
[MINED115] Action `actions/checkout` pinned to mutable ref `@v6`: `uses: actions/checkout@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…MINED115
GitHub Action pinned to mutable ref (not 40-char SHA)
CWE-829
.github/workflows/npm-publish.yml:180
· conf 0.90
[MINED115] Action `actions/setup-node` pinned to mutable ref `@v6`: `uses: actions/setup-node@v6` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the …MINED118
Dockerfile FROM not pinned by sha256 digest
CWE-829
Dockerfile:2
· conf 0.90
[MINED118] Dockerfile FROM `node:24-trixie-slim` not pinned by digest: `FROM node:24-trixie-slim` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every…SEC029
Server-Side Request Forgery (SSRF) — outbound HTTP from user input
open-sse/config/azureAi.ts:5
· conf 1.00
[SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.25…SEC029
Server-Side Request Forgery (SSRF) — outbound HTTP from user input
open-sse/config/bedrock.ts:14
· conf 1.00
[SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.25…SEC029
Server-Side Request Forgery (SSRF) — outbound HTTP from user input
open-sse/config/datarobot.ts:9
· conf 1.00
[SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.25…SEC040
innerHTML XSS — template literal with server-supplied data
open-sse/config/antigravityUpstream.ts:11
· conf 1.00
[SEC040] innerHTML XSS — template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflect…SEC040
innerHTML XSS — template literal with server-supplied data
open-sse/services/apiKeyRotator.ts:222
· conf 1.00
[SEC040] innerHTML XSS — template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflect…SEC040
innerHTML XSS — template literal with server-supplied data
open-sse/services/evalRouting.ts:264
· conf 1.00
[SEC040] innerHTML XSS — template literal with server-supplied data: Setting .innerHTML with a template literal that interpolates server-supplied or user-supplied data is the canonical stored/reflect…SEC083
JS: new RegExp() with non-literal
open-sse/services/antigravityObfuscation.ts:46
· conf 1.00
[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) — variable input can craft a ReDoS pattern. Ported from eslint-plugin-security detect-non-literal-regexp (Apache-2.0).SEC083
JS: new RegExp() with non-literal
open-sse/services/claudeCodeObfuscation.ts:50
· conf 1.00
[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) — variable input can craft a ReDoS pattern. Ported from eslint-plugin-security detect-non-literal-regexp (Apache-2.0).SEC083
JS: new RegExp() with non-literal
open-sse/services/comboAgentMiddleware.ts:127
· conf 1.00
[SEC083] JS: new RegExp() with non-literal: new RegExp(<variable>) — variable input can craft a ReDoS pattern. Ported from eslint-plugin-security detect-non-literal-regexp (Apache-2.0).SEC085
JS: child_process.exec with non-literal
open-sse/services/apiKeyRotator.ts:315
· conf 1.00
[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. Ported from eslint-plugin-security detect-child-process (Apache-2.0).SEC085
JS: child_process.exec with non-literal
open-sse/services/comboAgentMiddleware.ts:93
· conf 1.00
[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. Ported from eslint-plugin-security detect-child-process (Apache-2.0).SEC085
JS: child_process.exec with non-literal
open-sse/services/signatureCache.ts:126
· conf 1.00
[SEC085] JS: child_process.exec with non-literal: child_process.exec with user-derived input enables command injection. Ported from eslint-plugin-security detect-child-process (Apache-2.0).SEC128
Async function without await — fire-and-forget Promise (AI mistake)
open-sse/config/cliFingerprints.ts:268
· conf 1.00
[SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work comple…SEC128
Async function without await — fire-and-forget Promise (AI mistake)
open-sse/executors/deepseek-web-with-auto-refresh.ts:104
· conf 1.00
[SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work comple…SEC128
Async function without await — fire-and-forget Promise (AI mistake)
open-sse/mcp-server/httpTransport.ts:54
· conf 1.00
[SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work comple…AGT006
React interval is created without an explicit cleanup
open-sse/services/accountFallback.ts:359
· conf 0.78
React interval is created without an explicit cleanupAUC001
[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation.
[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation.CFG006
[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.
[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.DKR007
Docker build context has no .dockerignore
.dockerignore
· conf 0.90
Docker build context has no .dockerignoreERR002
[ERR002] Empty Catch Block: Empty catch blocks hide errors.
open-sse/executors/gemini-web.ts:175
· conf 1.00
[ERR002] Empty Catch Block: Empty catch blocks hide errors.ERR002
[ERR002] Empty Catch Block: Empty catch blocks hide errors.
open-sse/handlers/embeddings.ts:213
· conf 1.00
[ERR002] Empty Catch Block: Empty catch blocks hide errors.SEC031
Catastrophic Backtracking Regex (ReDoS)
open-sse/services/compression/preservation.ts:30
· conf 1.00
[SEC031] Catastrophic Backtracking Regex (ReDoS): Regex contains nested quantifiers like `(a+)+` or quantified alternation with overlapping branches. On adversarial input these patterns exhibit expon…SEC045
eval()/exec() on stored or user-supplied data
open-sse/services/apiKeyRotator.ts:315
· conf 1.00
[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data — even admin-stored data — is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ …SEC045
eval()/exec() on stored or user-supplied data
open-sse/services/comboAgentMiddleware.ts:93
· conf 1.00
[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data — even admin-stored data — is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ …SEC045
eval()/exec() on stored or user-supplied data
open-sse/services/signatureCache.ts:126
· conf 1.00
[SEC045] eval()/exec() on stored or user-supplied data: eval() and exec() on data — even admin-stored data — is a lateral-movement vector after any one credential compromise. Sandboxes (__builtins__ …SEC087
JS: weak Math.random for crypto
open-sse/executors/github.ts:154
· conf 1.00
[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces is predictable. Ported from gosec G404 / eslint detect-pseudoRandomBytes conce…SEC087
JS: weak Math.random for crypto
open-sse/services/autoCombo/engine.ts:137
· conf 1.00
[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces is predictable. Ported from gosec G404 / eslint detect-pseudoRandomBytes conce…WEB003
Public web service has no security.txt
.well-known/security.txt
· conf 0.78
Public web service has no security.txtAIC003
Duplicated implementation block across source files
open-sse/config/registryUtils.ts:17
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/executors/default.ts:240
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/executors/gitlab.ts:35
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/executors/ninerouter.ts:29
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/executors/nlpcloud.ts:20
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/executors/nlpcloud.ts:24
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/executors/opencode.ts:62
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/executors/petals.ts:18
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/executors/petals.ts:23
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/executors/petals.ts:132
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/handlers/audioTranscription.ts:15
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/handlers/videoGeneration.ts:69
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/services/claudeCodeObfuscation.ts:3
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/services/claudeTlsClient.ts:12
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/services/codexQuotaFetcher.ts:14
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/services/compression/strategySelector.ts:91
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/services/crofUsageFetcher.ts:11
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/services/deepseekQuotaFetcher.ts:23
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/services/genericQuotaFetcher.ts:22
· conf 0.86
Duplicated implementation block across source filesAIC003
Duplicated implementation block across source files
open-sse/services/perplexityTlsClient.ts:12
· conf 0.86
Duplicated implementation block across source filesWEB002
Public web app has no sitemap
sitemap.xml
· conf 0.72
Public web app has no sitemapWEB005
robots.txt does not advertise a sitemap
open-sse/services/antigravityHeaders.ts
· conf 0.74
robots.txt does not advertise a sitemapWEB008
Public docs site has no llms.txt
llms.txt
· conf 0.64
Public docs site has no llms.txtWEB011
Public web app has no humans.txt
humans.txt
· conf 0.50
Public web app has no humans.txtMINED043
Http Not Https
CWE-319
open-sse/executors/ninerouter.ts:45
· conf 1.00
[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.MINED044
Js Console Log Prod
CWE-532
[MINED044] Js Console Log Prod (and 9 more): Same pattern found in 9 additional files. Review if needed.MINED044
Js Console Log Prod
CWE-532
open-sse/config/constants.ts:6
· conf 1.00
[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.MINED044
Js Console Log Prod
CWE-532
open-sse/config/credentialLoader.ts:50
· conf 1.00
[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.MINED044
Js Console Log Prod
CWE-532
open-sse/executors/deepseek-web-with-auto-refresh.ts:74
· conf 1.00
[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.MINED045
Ts Non Null Assertion
CWE-476
[MINED045] Ts Non Null Assertion (and 3 more): Same pattern found in 3 additional files. Review if needed.MINED045
Ts Non Null Assertion
CWE-476
open-sse/mcp-server/httpTransport.ts:174
· conf 1.00
[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong.MINED045
Ts Non Null Assertion
CWE-476
open-sse/services/claudeCodeCCH.ts:36
· conf 1.00
[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong.MINED045
Ts Non Null Assertion
CWE-476
open-sse/services/cloudCodeThinking.ts:18
· conf 1.00
[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong.MINED052
Ts Any Typed
CWE-704
[MINED052] Ts Any Typed (and 6 more): Same pattern found in 6 additional files. Review if needed.MINED052
Ts Any Typed
CWE-704
open-sse/executors/azure-openai.ts:20
· conf 1.00
[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety.MINED052
Ts Any Typed
CWE-704
open-sse/executors/gemini-web.ts:166
· conf 1.00
[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety.MINED052
Ts Any Typed
CWE-704
open-sse/executors/github.ts:39
· conf 1.00
[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety.MINED053
Placeholder Default Username
CWE-1392CWE-798
open-sse/executors/veoaifree-web.ts:12
· conf 1.00
[MINED053] Placeholder Default Username: [email protected] / [email protected] / admin/admin / changeme — typical AI placeholder credentials.MINED054
Ts As Any
CWE-704
open-sse/executors/claude-web-auto-refresh.ts:77
· conf 1.00
[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely.MINED054
Ts As Any
CWE-704
open-sse/executors/claude-web-with-auto-refresh.ts:57
· conf 1.00
[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely.MINED054
Ts As Any
CWE-704
open-sse/mcp-server/tools/gamificationTools.ts:19
· conf 1.00
[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely.SEC029
Server-Side Request Forgery (SSRF) — outbound HTTP from user input
[SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input (and 18 more): Same pattern found in 18 additional files. Review if needed.SEC040
innerHTML XSS — template literal with server-supplied data
[SEC040] innerHTML XSS — template literal with server-supplied data (and 1 more): Same pattern found in 1 additional files. Review if needed.SEC083
JS: new RegExp() with non-literal
[SEC083] JS: new RegExp() with non-literal (and 5 more): Same pattern found in 5 additional files. Review if needed.SEC118
UUIDv1 / UUIDv3 used for security-sensitive identifier
open-sse/executors/github.ts:154
· conf 0.10
[SEC118] UUIDv1 / UUIDv3 used for security-sensitive identifier: UUIDv1 encodes the MAC address and timestamp, making it predictable. Used as a session token or password-reset key, it's enumerable.SEC118
UUIDv1 / UUIDv3 used for security-sensitive identifier
open-sse/services/antigravityIdentity.ts:14
· conf 0.10
[SEC118] UUIDv1 / UUIDv3 used for security-sensitive identifier: UUIDv1 encodes the MAC address and timestamp, making it predictable. Used as a session token or password-reset key, it's enumerable.SEC128
Async function without await — fire-and-forget Promise (AI mistake)
[SEC128] Async function without await — fire-and-forget Promise (AI mistake) (and 17 more): Same pattern found in 17 additional files. Review if needed.Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/02d1bbe5-16e0-48bb-ad1c-c94b08d58ffa/.