← Legacy view v2 (rp.*)

chopratejas/headroom

https://github.com/chopratejas/headroom · lang: python · LOC: · source: both

Quality
87.9
Grade A-
Security
100.0
Findings
346
16 critical · 155 high
Status
completed
Jun 2, 2026 20:56
high: 155 medium: 66 info: 62 low: 47 critical: 16
Top rules by occurrence
RuleSeverityCount
AIC003 Duplicated implementation block across source files low 30
MINED111 Bare except continues silently medium 25
MINED106 Phantom test coverage (assertion-free test) high 25
MINED108 self.attribute used but never assigned in __init__ high 25
MINED112 FastAPI POST/PUT/DELETE/PATCH endpoint without auth high 25
MINED115 GitHub Action pinned to mutable ref (not 40-char SHA) high 25
MINED107 Missing Python import (NameError at runtime) critical 10
AUC009 [AUC009] Sensitive function route lacks elevated authorizat… medium 10
AUC003 [AUC003] Object-level route lacks visible authorization: A … high 8
DKR002 Dockerfile base image has no explicit tag medium 6
First 200 findings (severity-sorted)
high AGT002 LLM memory extraction can be prompt-injected into storing fake facts
headroom/proxy/handlers/gemini.py:170 · conf 0.82 
LLM memory extraction can be prompt-injected into storing fake facts
high AUC003 [AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: ANY /plugins/<slug:plugin_slug>/.
headroom/providers/proxy_routes.py:339 · conf 0.70 
[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. End…
high AUC003 [AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: ANY /plugins/<slug:plugin_slug>/.
headroom/providers/proxy_routes.py:343 · conf 0.70 
[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. End…
high AUC003 [AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: ANY /plugins/<slug:plugin_slug>/.
headroom/providers/proxy_routes.py:347 · conf 0.70 
[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. End…
high AUC003 [AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: ANY /plugins/<slug:plugin_slug>/.
headroom/providers/proxy_routes.py:442 · conf 0.70 
[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. End…
high AUC003 [AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: ANY /plugins/<slug:plugin_slug>/.
headroom/providers/proxy_routes.py:446 · conf 0.70 
[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. End…
high AUC003 [AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: ANY /plugins/<slug:plugin_slug>/.
headroom/providers/proxy_routes.py:488 · conf 0.70 
[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. End…
high AUC003 [AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: ANY /plugins/<slug:plugin_slug>/.
headroom/providers/proxy_routes.py:621 · conf 0.70 
[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. End…
high AUC003 [AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. Endpoint: ANY /plugins/<slug:plugin_slug>/.
headroom/providers/proxy_routes.py:630 · conf 0.70 
[AUC003] Object-level route lacks visible authorization: A route with an object id-like parameter does not show nearby authentication or authorization evidence. This is a BOLA/IDOR review target. End…
high DKC011 Database service publishes a host port
docker-compose.yml:33 · conf 0.84 
Database service publishes a host port
high DKR006 Dockerfile pipes a remote script into a shell
Dockerfile:35 · conf 0.92 
Dockerfile pipes a remote script into a shell
high DKR006 Dockerfile pipes a remote script into a shell
e2e/init/Dockerfile:15 · conf 0.92 
Dockerfile pipes a remote script into a shell
high DKR006 Dockerfile pipes a remote script into a shell
e2e/wrap/Dockerfile:28 · conf 0.92 
Dockerfile pipes a remote script into a shell
high DKR006 Dockerfile pipes a remote script into a shell
e2e/wrap/Dockerfile:76 · conf 0.92 
Dockerfile pipes a remote script into a shell
high MINED001 Bare Except Pass CWE-755
headroom/cache/registry.py:174 · conf 1.00 
[MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
high MINED001 Bare Except Pass CWE-755
headroom/cli/__init__.py:30 · conf 1.00 
[MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
high MINED001 Bare Except Pass CWE-755
headroom/cli/install.py:74 · conf 1.00 
[MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
high MINED003 Rust Unwrap In Prod CWE-755
crates/headroom-core/benches/auth_mode.rs:22 · conf 1.00 
[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. Acceptable in tests; risky elsewhere.
high MINED003 Rust Unwrap In Prod CWE-755
crates/headroom-core/benches/ccr_store.rs:63 · conf 1.00 
[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. Acceptable in tests; risky elsewhere.
high MINED003 Rust Unwrap In Prod CWE-755
crates/headroom-core/src/auth_mode.rs:246 · conf 1.00 
[MINED003] Rust Unwrap In Prod: .unwrap() panics if None/Err. Acceptable in tests; risky elsewhere.
high MINED004 Weak Crypto CWE-327
headroom/utils.py:38 · conf 1.00 
[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums).
high MINED009 Floats For Money CWE-682
headroom/utils.py:238 · conf 1.00 
[MINED009] Floats For Money: Variable named price/amount/cost typed as float instead of Decimal.
high MINED020 Logging Credential Via Fstring CWE-532
headroom/evals/cost_tracker.py:87 · conf 1.00 
[MINED020] Logging Credential Via Fstring: logger.error(f"failed for {api_key}") — secrets end up in log aggregators / sentry.
high MINED020 Logging Credential Via Fstring CWE-532
headroom/integrations/langchain/memory.py:159 · conf 1.00 
[MINED020] Logging Credential Via Fstring: logger.error(f"failed for {api_key}") — secrets end up in log aggregators / sentry.
high MINED020 Logging Credential Via Fstring CWE-532
headroom/tokenizers/huggingface.py:124 · conf 1.00 
[MINED020] Logging Credential Via Fstring: logger.error(f"failed for {api_key}") — secrets end up in log aggregators / sentry.
medium AGT015 Remote install command pipes network code directly to a shell
docs/content/docs/docker-install.mdx:13 · conf 0.70 
Remote install command pipes network code directly to a shell
medium AGT015 Remote install command pipes network code directly to a shell
.github/workflows/ci.yml:286 · conf 0.70 
Remote install command pipes network code directly to a shell
medium AGT016 Codex session log reader may expose prompts or tool-call content
e2e/init/run.py:8 · conf 0.73 
Codex session log reader may expose prompts or tool-call content
medium AGT016 Codex session log reader may expose prompts or tool-call content
headroom/learn/plugins/codex.py:1 · conf 0.73 
Codex session log reader may expose prompts or tool-call content
medium AGT016 Codex session log reader may expose prompts or tool-call content
headroom/subscription/tracker.py:14 · conf 0.73 
Codex session log reader may expose prompts or tool-call content
medium AGT016 Codex session log reader may expose prompts or tool-call content
scripts/replay_codex_ws_load.py:2 · conf 0.73 
Codex session log reader may expose prompts or tool-call content
medium AUC001 [AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation.
· conf 0.92 
[AUC001] No Repobility access matrix policy found: The repository uses web/API frameworks but does not define .repobility/access.yml or equivalent authorization documentation.
medium AUC002 [AUC002] Low visible authorization coverage in route inventory: Only 0.0% of discovered routes show nearby authentication, authorization, middleware, or public-route evidence.
· conf 0.74 
[AUC002] Low visible authorization coverage in route inventory: Only 15.4% of discovered routes show nearby authentication, authorization, middleware, or public-route evidence.
medium AUC009 [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /items/{item_id}.
headroom/providers/proxy_routes.py:318 · conf 0.68 
[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without el…
medium AUC009 [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /items/{item_id}.
headroom/providers/proxy_routes.py:322 · conf 0.68 
[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without el…
medium AUC009 [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /items/{item_id}.
headroom/providers/proxy_routes.py:331 · conf 0.68 
[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without el…
medium AUC009 [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /items/{item_id}.
headroom/providers/proxy_routes.py:434 · conf 0.68 
[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without el…
medium AUC009 [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /items/{item_id}.
headroom/providers/proxy_routes.py:454 · conf 0.68 
[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without el…
medium AUC009 [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /items/{item_id}.
headroom/providers/proxy_routes.py:458 · conf 0.68 
[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without el…
medium AUC009 [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /items/{item_id}.
headroom/providers/proxy_routes.py:462 · conf 0.68 
[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without el…
medium AUC009 [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /items/{item_id}.
headroom/providers/proxy_routes.py:466 · conf 0.68 
[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without el…
medium AUC009 [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /items/{item_id}.
headroom/providers/proxy_routes.py:595 · conf 0.68 
[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without el…
medium AUC009 [AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without elevated policy evidence. Endpoint: DELETE /items/{item_id}.
headroom/providers/proxy_routes.py:599 · conf 0.68 
[AUC009] Sensitive function route lacks elevated authorization evidence: A route appears to perform a sensitive function such as export, invite, role, token, billing, or destructive action without el…
medium AUC012 [AUC012] FastAPI interactive docs may be exposed by framework defaults: FastAPI exposes /docs, /redoc, and /openapi.json by default. Public production APIs should explicitly disable those defaults, protect them behind admin authentication, or publish a reviewed OpenAPI spec with declared security requirements.
· conf 0.72 
[AUC012] FastAPI interactive docs may be exposed by framework defaults: FastAPI exposes /docs, /redoc, and /openapi.json by default. Public production APIs should explicitly disable those defaults, p…
medium DKC015 Database service has no healthcheck
docker-compose.yml:33 · conf 0.88 
Database service has no healthcheck
medium DKR001 Docker final stage has no non-root USER
.devcontainer/Dockerfile:2 · conf 0.82 
Docker final stage has no non-root USER
medium DKR001 Docker final stage has no non-root USER
Dockerfile:125 · conf 0.82 
Docker final stage has no non-root USER
medium DKR001 Docker final stage has no non-root USER
e2e/init/Dockerfile:35 · conf 0.82 
Docker final stage has no non-root USER
medium DKR001 Docker final stage has no non-root USER
e2e/wrap/Dockerfile:61 · conf 0.82 
Docker final stage has no non-root USER
medium DKR002 Dockerfile base image has no explicit tag
e2e/init/Dockerfile:7 · conf 0.90 
Dockerfile base image has no explicit tag
medium DKR002 Dockerfile base image has no explicit tag
e2e/wrap/Dockerfile:10 · conf 0.90 
Dockerfile base image has no explicit tag
medium ERR001 [ERR001] Silent Exception Swallowing (and 2 more): Same pattern found in 2 additional files. Review if needed.
headroom/graph/installer.py:111 · conf 1.00 
[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
medium ERR001 [ERR001] Silent Exception Swallowing (and 2 more): Same pattern found in 2 additional files. Review if needed.
headroom/integrations/strands/providers.py:138 · conf 1.00 
[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
medium ERR001 [ERR001] Silent Exception Swallowing (and 2 more): Same pattern found in 2 additional files. Review if needed.
headroom/providers/cohere.py:279 · conf 1.00 
[ERR001] Silent Exception Swallowing: Silently swallowing all exceptions hides bugs. Even in cleanup code, log at DEBUG level.
medium MINED111 Bare except continues silently
benchmarks/headroom_worst_case_benchmark.py:676 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
benchmarks/prefix_cache_benchmark.py:586 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
claude_analysis_ttl.py:55 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
claude_analysis_ttl.py:65 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
claude_analysis_ttl.py:108 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
examples/strands_bedrock_demo.py:981 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
examples/strands_bundle_demo.py:83 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
examples/strands_bundle_demo.py:101 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
examples/strands_bundle_demo.py:243 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
examples/strands_mcp_dispatch_test.py:73 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
examples/strands_mcp_dispatch_test.py:226 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
examples/strands_mcp_dispatch_test.py:256 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
examples/strands_via_proxy_demo.py:197 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
examples/strands_via_proxy_demo.py:288 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
examples/test_intelligent_context_toin_ccr.py:330 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
headroom/client.py:922 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
headroom/client.py:931 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
headroom/client.py:943 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
headroom/client.py:952 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
headroom/onnx_runtime.py:50 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
headroom/_version.py:43 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
scripts/replay_codex_ws_load.py:263 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
scripts/repro_codex_replay.py:300 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
scripts/repro_codex_replay.py:682 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium MINED111 Bare except continues silently
scripts/smoke_issue_327.py:226 · conf 1.00 
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
medium SEC012 ZipSlip — Archive Path Traversal
scripts/audit_wheel_glibc_symbols.py:189 · conf 1.00 
[SEC012] ZipSlip — Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory.
medium SEC034 Log Injection / Log Forging — unsanitized user input in log
headroom/evals/cost_tracker.py:87 · conf 1.00 
[SEC034] Log Injection / Log Forging — unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\n` to forge fake log entries, hide tra…
medium SEC034 Log Injection / Log Forging — unsanitized user input in log
headroom/integrations/agno/hooks.py:120 · conf 1.00 
[SEC034] Log Injection / Log Forging — unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\n` to forge fake log entries, hide tra…
medium SEC034 Log Injection / Log Forging — unsanitized user input in log
headroom/proxy/stage_timer.py:180 · conf 1.00 
[SEC034] Log Injection / Log Forging — unsanitized user input in log: User input is logged without sanitizing newlines or control characters. Attackers inject `\n` to forge fake log entries, hide tra…
medium SEC087 JS: weak Math.random for crypto
sdk/typescript/examples/basic-compress.ts:22 · conf 1.00 
[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces is predictable. Ported from gosec G404 / eslint detect-pseudoRandomBytes conce…
medium SEC087 JS: weak Math.random for crypto
sdk/typescript/examples/simulation-dry-run.ts:17 · conf 1.00 
[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces is predictable. Ported from gosec G404 / eslint detect-pseudoRandomBytes conce…
medium SEC087 JS: weak Math.random for crypto
sdk/typescript/examples/tool-calling-agent.ts:21 · conf 1.00 
[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces is predictable. Ported from gosec G404 / eslint detect-pseudoRandomBytes conce…
medium SEC119 World-writable / world-readable file permissions
headroom/proxy/interceptors/astgrep.py:183 · conf 1.00 
[SEC119] World-writable / world-readable file permissions: World-writable files let any local user (or container neighbor) tamper with data; world-readable files leak secrets.
medium SEC134 AI scaffold leftover — Lorem ipsum / example.com / John Doe in code
examples/mcp_demo/mock_mcp_servers.py:179 · conf 1.00 
[SEC134] AI scaffold leftover — Lorem ipsum / example.com / John Doe in code: Lorem ipsum / John Doe / example.com left in non-test code. AI agents emit these as 'reasonable defaults' when they don't…
medium SEC136 AI-typical over-broad exception handler swallowing all errors
headroom/proxy/debug_introspection.py:61 · conf 1.00 
[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unf…
medium SEC136 AI-typical over-broad exception handler swallowing all errors
headroom/subscription/session_tracking.py:84 · conf 1.00 
[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unf…
medium WEB003 Public web service has no security.txt
.well-known/security.txt · conf 0.78 
Public web service has no security.txt
low AIC003 Duplicated implementation block across source files
crates/headroom-core/src/tokenizer/registry.rs:77 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
crates/headroom-core/src/transforms/pipeline/offloads/json_offload.rs:80 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
crates/headroom-core/src/transforms/pipeline/offloads/log_offload.rs:93 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
crates/headroom-core/src/transforms/pipeline/offloads/search_offload.rs:73 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
crates/headroom-proxy/src/bedrock/invoke_streaming.rs:31 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
crates/headroom-proxy/src/compression/live_zone_responses.rs:100 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
crates/headroom-proxy/src/handlers/responses.rs:61 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
crates/headroom-proxy/src/sse/openai_chat.rs:144 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
crates/headroom-proxy/src/sse/openai_responses.rs:317 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/compression/handlers/code_handler.py:198 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/evals/memory/runner_v2.py:154 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/evals/runners/before_after.py:280 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/integrations/langchain/chat_model.py:387 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/integrations/langchain/__init__.py:60 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/integrations/litellm_callback.py:91 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/integrations/strands/model.py:104 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/learn/plugins/gemini.py:86 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/mcp_registry/codex.py:160 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/memory/adapters/sqlite_graph.py:269 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/memory/adapters/sqlite.py:50 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/memory/adapters/sqlite.py:197 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/memory/adapters/sqlite_vector.py:114 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/memory/backends/__init__.py:38 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/memory/backends/mem0_system_adapter.py:82 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/memory/core.py:439 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/memory/system.py:21 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/memory/system.py:50 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/memory/writers/codex_writer.py:20 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/memory/writers/generic_writer.py:28 · conf 0.86 
Duplicated implementation block across source files
low AIC003 Duplicated implementation block across source files
headroom/models/__init__.py:34 · conf 0.86 
Duplicated implementation block across source files
low COMP001 [COMP001] High cognitive complexity: Function `load_yfinance_data` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, for=1, if=2, nested_bonus=3, or=2.
benchmarks/dynamic_detector_benchmark.py:221 · conf 0.95 
[COMP001] High cognitive complexity: Function `print_results` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested…
low COMP001 [COMP001] High cognitive complexity: Function `load_yfinance_data` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, for=1, if=2, nested_bonus=3, or=2.
benchmarks/dynamic_detector_benchmark.py:257 · conf 0.95 
[COMP001] High cognitive complexity: Function `print_comparison` has cognitive complexity 13 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — ne…
low COMP001 [COMP001] High cognitive complexity: Function `load_yfinance_data` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, for=1, if=2, nested_bonus=3, or=2.
benchmarks/proxy_mode_benchmark.py:154 · conf 0.95 
[COMP001] High cognitive complexity: Function `_simulate_mode` has cognitive complexity 12 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nest…
low DKC006 Compose service does not declare a runtime user
docker-compose.yml:1 · conf 0.56 
Compose service does not declare a runtime user
low DKC006 Compose service does not declare a runtime user
docker-compose.yml:22 · conf 0.56 
Compose service does not declare a runtime user
low DKC006 Compose service does not declare a runtime user
docker-compose.yml:33 · conf 0.56 
Compose service does not declare a runtime user
low DKC010 Compose service lacks no-new-privileges hardening
docker-compose.yml:1 · conf 0.62 
Compose service lacks no-new-privileges hardening
low DKC010 Compose service lacks no-new-privileges hardening
docker-compose.yml:22 · conf 0.62 
Compose service lacks no-new-privileges hardening
low DKC010 Compose service lacks no-new-privileges hardening
docker-compose.yml:33 · conf 0.62 
Compose service lacks no-new-privileges hardening
low DKC016 App service does not wait for database health
docker-compose.yml:1 · conf 0.68 
App service does not wait for database health
low DKR008 .dockerignore misses sensitive defaults
.dockerignore · conf 0.72 
.dockerignore misses sensitive defaults
low DKR012 Dockerfile keeps pip download cache
Dockerfile:49 · conf 0.72 
Dockerfile keeps pip download cache
low DKR012 Dockerfile keeps pip download cache
e2e/init/Dockerfile:27 · conf 0.72 
Dockerfile keeps pip download cache
low DKR012 Dockerfile keeps pip download cache
e2e/init/Dockerfile:74 · conf 0.72 
Dockerfile keeps pip download cache
low DKR012 Dockerfile keeps pip download cache
e2e/wrap/Dockerfile:45 · conf 0.72 
Dockerfile keeps pip download cache
low DKR012 Dockerfile keeps pip download cache
e2e/wrap/Dockerfile:104 · conf 0.72 
Dockerfile keeps pip download cache
low WEB005 robots.txt does not advertise a sitemap
crates/headroom-core/benches/auth_mode.rs · conf 0.74 
robots.txt does not advertise a sitemap
info COMP001 [COMP001] High cognitive complexity: Function `load_yfinance_data` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, for=1, if=2, nested_bonus=3, or=2.
· conf 0.20 
[COMP001] High cognitive complexity (and 123 more): Same pattern found in 123 additional files. Review if needed.
info DKR002 Dockerfile base image has no explicit tag
.devcontainer/Dockerfile:2 · conf 0.48 
Dockerfile base image is selected through a build variable
info DKR002 Dockerfile base image has no explicit tag
Dockerfile:7 · conf 0.48 
Dockerfile base image is selected through a build variable
info DKR002 Dockerfile base image has no explicit tag
Dockerfile:64 · conf 0.48 
Dockerfile base image is selected through a build variable
info DKR002 Dockerfile base image has no explicit tag
Dockerfile:101 · conf 0.48 
Dockerfile base image is selected through a build variable
info ERR001 [ERR001] Silent Exception Swallowing (and 2 more): Same pattern found in 2 additional files. Review if needed.
· conf 0.20 
[ERR001] Silent Exception Swallowing (and 3 more): Same pattern found in 3 additional files. Review if needed.
info MINED001 Bare Except Pass CWE-755
· conf 0.20 
[MINED001] Bare Except Pass (and 12 more): Same pattern found in 12 additional files. Review if needed.
info MINED003 Rust Unwrap In Prod CWE-755
· conf 0.20 
[MINED003] Rust Unwrap In Prod (and 14 more): Same pattern found in 14 additional files. Review if needed.
info MINED004 Weak Crypto CWE-327
· conf 0.20 
[MINED004] Weak Crypto (and 1 more): Same pattern found in 1 additional files. Review if needed.
info MINED004 Weak Crypto CWE-327
headroom/cache/base.py:323 · conf 0.10 
[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums).
info MINED004 Weak Crypto CWE-327
headroom/parser.py:36 · conf 0.10 
[MINED004] Weak Crypto: MD5/SHA1/DES/RC4 used for security context (not just checksums).
info MINED043 Http Not Https CWE-319
· conf 0.20 
[MINED043] Http Not Https (and 1 more): Same pattern found in 1 additional files. Review if needed.
info MINED043 Http Not Https CWE-319
headroom/graph/installer.py:72 · conf 1.00 
[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.
info MINED043 Http Not Https CWE-319
headroom/lean_ctx/installer.py:100 · conf 1.00 
[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.
info MINED043 Http Not Https CWE-319
headroom/providers/codex/install.py:24 · conf 1.00 
[MINED043] Http Not Https: Hardcoded http:// (not localhost) for endpoints that handle credentials or data.
info MINED044 Js Console Log Prod CWE-532
· conf 0.20 
[MINED044] Js Console Log Prod (and 9 more): Same pattern found in 9 additional files. Review if needed.
info MINED044 Js Console Log Prod CWE-532
sdk/typescript/examples/basic-compress.ts:51 · conf 1.00 
[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.
info MINED044 Js Console Log Prod CWE-532
sdk/typescript/examples/ccr-retrieve.ts:48 · conf 1.00 
[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.
info MINED044 Js Console Log Prod CWE-532
sdk/typescript/examples/hooks-custom-compression.ts:26 · conf 1.00 
[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.
info MINED045 Ts Non Null Assertion CWE-476
sdk/typescript/src/utils/case.ts:17 · conf 1.00 
[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong.
info MINED045 Ts Non Null Assertion CWE-476
sdk/typescript/src/utils/stream.ts:11 · conf 1.00 
[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong.
info MINED049 Print Pii CWE-532
· conf 0.20 
[MINED049] Print Pii (and 19 more): Same pattern found in 19 additional files. Review if needed.
info MINED049 Print Pii CWE-532
benchmarks/proxy_mode_benchmark.py:246 · conf 1.00 
[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.
info MINED049 Print Pii CWE-532
examples/langchain_demo/mock_tools.py:235 · conf 1.00 
[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.
info MINED049 Print Pii CWE-532
examples/langchain_demo/show_compression.py:19 · conf 1.00 
[MINED049] Print Pii: Logging password/token/email/ssn directly to stdout.
info MINED050 Stub Only Function CWE-1188
· conf 0.20 
[MINED050] Stub Only Function (and 33 more): Same pattern found in 33 additional files. Review if needed.
info MINED050 Stub Only Function CWE-1188
headroom/backends/base.py:169 · conf 1.00 
[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
info MINED050 Stub Only Function CWE-1188
headroom/cache/backends/base.py:50 · conf 1.00 
[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
info MINED050 Stub Only Function CWE-1188
headroom/cache/backends/__init__.py:19 · conf 1.00 
[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
info MINED052 Ts Any Typed CWE-704
· conf 0.20 
[MINED052] Ts Any Typed (and 8 more): Same pattern found in 8 additional files. Review if needed.
info MINED052 Ts Any Typed CWE-704
plugins/openclaw/src/engine.ts:62 · conf 1.00 
[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety.
info MINED052 Ts Any Typed CWE-704
plugins/openclaw/src/gateway-config.ts:68 · conf 1.00 
[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety.
info MINED052 Ts Any Typed CWE-704
plugins/openclaw/src/plugin/index.ts:26 · conf 1.00 
[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety.
info MINED054 Ts As Any CWE-704
· conf 0.20 
[MINED054] Ts As Any (and 4 more): Same pattern found in 4 additional files. Review if needed.
info MINED054 Ts As Any CWE-704
plugins/openclaw/src/engine.ts:109 · conf 1.00 
[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely.
info MINED054 Ts As Any CWE-704
plugins/openclaw/src/gateway-config.ts:62 · conf 1.00 
[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely.
info MINED054 Ts As Any CWE-704
sdk/typescript/examples/ccr-retrieve.ts:44 · conf 1.00 
[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely.
info MINED055 Npm Install No Lockfile CWE-1357
headroom/prediction/__init__.py:28 · conf 1.00 
[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of npm ci.
info MINED055 Npm Install No Lockfile CWE-1357
headroom/tokenizers/huggingface.py:164 · conf 1.00 
[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of npm ci.
info MINED059 Rust Expect In Prod CWE-755
· conf 0.20 
[MINED059] Rust Expect In Prod (and 20 more): Same pattern found in 20 additional files. Review if needed.
info MINED059 Rust Expect In Prod CWE-755
crates/headroom-core/benches/tokenizer.rs:11 · conf 1.00 
[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message.
info MINED059 Rust Expect In Prod CWE-755
crates/headroom-core/src/ccr/backends/in_memory.rs:68 · conf 1.00 
[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message.
info MINED059 Rust Expect In Prod CWE-755
crates/headroom-core/src/ccr/backends/sqlite.rs:128 · conf 1.00 
[MINED059] Rust Expect In Prod: .expect(...) panics same as unwrap with a custom message.
info MINED062 Python Dataclass No Fields
· conf 0.20 
[MINED062] Python Dataclass No Fields (and 47 more): Same pattern found in 47 additional files. Review if needed.
info MINED062 Python Dataclass No Fields
benchmarks/dynamic_detector_benchmark.py:20 · conf 1.00 
[MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.
info MINED062 Python Dataclass No Fields
headroom/backends/base.py:15 · conf 1.00 
[MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.
info MINED062 Python Dataclass No Fields
headroom/cache/base.py:43 · conf 1.00 
[MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.
info MINED064 Python Input Call
headroom/proxy/memory_injection.py:63 · conf 1.00 
[MINED064] Python Input Call: input() blocks for stdin. Inappropriate in services.
info MINED066 Rust Panic Macro CWE-755
· conf 0.20 
[MINED066] Rust Panic Macro (and 4 more): Same pattern found in 4 additional files. Review if needed.
info MINED066 Rust Panic Macro CWE-755
crates/headroom-core/src/tokenizer/tiktoken_impl.rs:234 · conf 1.00 
[MINED066] Rust Panic Macro: panic!() unwinds the stack. Use Result for recoverable errors.
info MINED066 Rust Panic Macro CWE-755
crates/headroom-core/src/transforms/pipeline/offloads/diff_offload.rs:275 · conf 1.00 
[MINED066] Rust Panic Macro: panic!() unwinds the stack. Use Result for recoverable errors.
info MINED066 Rust Panic Macro CWE-755
crates/headroom-core/src/transforms/pipeline/offloads/log_offload.rs:280 · conf 1.00 
[MINED066] Rust Panic Macro: panic!() unwinds the stack. Use Result for recoverable errors.
info MINED067 Python Requests No Timeout CWE-400
headroom/ccr/batch_store.py:83 · conf 1.00 
[MINED067] Python Requests No Timeout: requests.get/post/etc. without timeout= can hang forever.
info MINED073 Redos Greedy Quantifier CWE-1333CWE-400
headroom/memory/budget.py:199 · conf 1.00 
[MINED073] Redos Greedy Quantifier: Pattern with nested quantifiers like (a+)+ applied to network/user data — denial of service.
info MINED074 Ai Tell Fake Citation
examples/langchain_demo/mock_tools.py:67 · conf 1.00 
[MINED074] Ai Tell Fake Citation: Plausible-looking but non-existent URLs (e.g., docs.example.com/v2). Common AI hallucination.
info MINED074 Ai Tell Fake Citation
examples/strands_bundle_demo.py:148 · conf 1.00 
[MINED074] Ai Tell Fake Citation: Plausible-looking but non-existent URLs (e.g., docs.example.com/v2). Common AI hallucination.
info MINED077 Python Open No Context CWE-772
headroom/install/runtime.py:202 · conf 1.00 
[MINED077] Python Open No Context: fp = open(path) outside with-block leaks file handles.
info SEC020 Secret Printed to Logs
· conf 0.20 
[SEC020] Secret Printed to Logs (and 23 more): Same pattern found in 23 additional files. Review if needed.
info SEC029 Server-Side Request Forgery (SSRF) — outbound HTTP from user input
· conf 0.20 
[SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input (and 19 more): Same pattern found in 19 additional files. Review if needed.
info SEC087 JS: weak Math.random for crypto
· conf 0.20 
[SEC087] JS: weak Math.random for crypto (and 1 more): Same pattern found in 1 additional files. Review if needed.
info SEC103 LDAP injection — non-constant search filter
· conf 0.20 
[SEC103] LDAP injection — non-constant search filter (and 1 more): Same pattern found in 1 additional files. Review if needed.
info SEC128 Async function without await — fire-and-forget Promise (AI mistake)
· conf 0.20 
[SEC128] Async function without await — fire-and-forget Promise (AI mistake) (and 8 more): Same pattern found in 8 additional files. Review if needed.

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/04f454c6-373b-476d-b668-bef91275fe42/.