← Legacy view v2 (rp.*)

obra/superpowers

https://github.com/obra/superpowers · lang: javascript · LOC: · source: user_submitted

Quality

77.1

Grade B+

Security

98.9

Findings

0 critical · 0 high

Status

completed

May 15, 2026 23:05

low: 1

Top rules by occurrence

Rule	Severity	Count
`SEC006` XSS Risk	high	1

First 1 findings (severity-sorted)

low SEC006 XSS Risk

skills/brainstorming/scripts/helper.js:57 · conf 0.40

[SEC006] XSS Risk: Direct HTML injection without sanitization.

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/27d5efbb-710e-4fb2-9b57-54713849fa68/.