← Legacy view v2 (rp.*)

zhulinsen/daily_stock_analysis

https://github.com/ZhuLinsen/daily_stock_analysis · lang: python · LOC: · source: corpus_mined

Quality
71.3
Grade B
Security
52.7
Findings
10
0 critical · 2 high
Status
completed
May 15, 2026 22:07
info: 6 high: 2 medium: 2
Top rules by occurrence
RuleSeverityCount
SEC020 Secret Printed to Logs high 4
SEC015 Insecure Randomness for Security medium 4
SEC004 SQL Injection Risk high 1
SEC013 Path Traversal — User Input in File Path high 1
First 10 findings (severity-sorted)
high SEC004 SQL Injection Risk
src/storage.py:743 · conf 0.50 
[SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection.
high SEC013 Path Traversal — User Input in File Path
data_provider/yfinance_fetcher.py:436 · conf 0.80 
[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.
medium SEC015 Insecure Randomness for Security
src/services/image_stock_extractor.py:249 · conf 1.00 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
medium SEC020 Secret Printed to Logs
src/search_service.py:2185 · conf 0.45 
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…
info SEC015 Insecure Randomness for Security
· conf 0.20 
[SEC015] Insecure Randomness for Security (and 2 more): Same pattern found in 2 additional files. Review if needed.
info SEC015 Insecure Randomness for Security
apps/dsa-web/src/utils/uuid.ts:11 · conf 0.25 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC015 Insecure Randomness for Security
src/stock_analyzer.py:842 · conf 0.25 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC020 Secret Printed to Logs
· conf 0.20 
[SEC020] Secret Printed to Logs (and 10 more): Same pattern found in 10 additional files. Review if needed.
info SEC020 Secret Printed to Logs
src/auth.py:469 · conf 0.15 
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…
info SEC020 Secret Printed to Logs
src/notification.py:555 · conf 0.15 
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/11bb3fd7-21a1-404a-a0ce-db52f1055f95/.