
composiohq/awesome-codex-skills

https://github.com/ComposioHQ/awesome-codex-skills.git · lang: python · LOC: · source: user_submitted

Quality: 50.8 (Grade C-)
Security: 96.0
Findings: 5 (0 critical · 0 high)
Status: completed, May 16, 2026 02:44
medium: 3 · info: 2
Top rules by occurrence
Rule | Severity | Count
SEC015 Insecure Randomness for Security | medium | 2
SEC012 ZipSlip — Archive Path Traversal | medium | 2
SEC005 Command Injection Risk | high | 1
First 5 findings (severity-sorted)
medium SEC005 Command Injection Risk
webapp-testing/scripts/with_server.py:69 · conf 0.50
[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.
medium SEC012 ZipSlip — Archive Path Traversal
skill-installer/scripts/install-skill-from-github.py:112 · conf 1.00
[SEC012] ZipSlip — Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory.
medium SEC012 ZipSlip — Archive Path Traversal
skill-installer/scripts/install-skill-from-github.py:128 · conf 1.00
[SEC012] ZipSlip — Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory.
info SEC015 Insecure Randomness for Security
slack-gif-creator/core/visual_effects.py:164 · conf 0.25
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC015 Insecure Randomness for Security
slack-gif-creator/templates/explode.py:67 · conf 0.25
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/28eb09ce-accb-4997-acbd-105126a9e802/.