thanaduangnamo-sketch/botpy

https://github.com/thanaduangnamo-sketch/botpy.git · lang: python · LOC: · source: user_submitted

Quality
68.3
Grade B-
Security
100.0
Findings
10
0 critical · 2 high
Status
completed
May 28, 2026 14:13
medium: 4 info: 3 high: 2 low: 1
Top rules by occurrence
Rule                                                                              Severity  Count
MINED124        requirements.txt entry has no version pin                          medium    2
CORE_NO_LICENSE No LICENSE file                                                    low       1
MINED111        Bare except continues silently                                     medium    1
MINED036        Python Os System Call                                              high      1
CFG006          [CFG006] Missing .gitignore: No .gitignore file. Risk of co…       medium    1
CORE_NO_CI      No CI/CD configuration found                                       medium    1
COMP001         [COMP001] High cognitive complexity: Function `load_yfinanc…       low       1
MINED064        Python Input Call                                                  info      1
CORE_NO_TESTS   No test files found                                                high      1
First 10 findings (severity-sorted)
high COMP001 [COMP001] High cognitive complexity: Function `load_yfinance_data` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, for=1, if=2, nested_bonus=3, or=2.
main.py:45 · conf 0.95
[COMP001] High cognitive complexity: Function `copyserver` has cognitive complexity 30 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested b…
high MINED036 Python Os System Call CWE-78
main.py:19 · conf 1.00
[MINED036] Python Os System Call: os.system() invokes shell with no escaping.
medium CFG006 [CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.
· conf 1.00
[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.
medium MINED111 Bare except continues silently
main.py:66 · conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED124 requirements.txt entry has no version pin CWE-1357
requirements.txt:1 · conf 0.90
[MINED124] requirements.txt: `colorama` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats…
medium MINED124 requirements.txt entry has no version pin CWE-1357
requirements.txt:3 · conf 0.90
[MINED124] requirements.txt: `requests` has no version pin: Unpinned pip requirement means every fresh install may resolve a different version. Newer releases can introduce malicious code (typosquats…
low CORE_NO_LICENSE No LICENSE file
No LICENSE file
info CORE_NO_CI No CI/CD configuration found
· conf 0.35
No CI/CD configuration found
info CORE_NO_TESTS No test files found
· conf 0.35
No test files found in a documentation, catalog, or template-heavy repository
info MINED064 Python Input Call
main.py:21 · conf 1.00
[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/04587534-e4dd-4b3d-97c4-7ecde756364b/.