← Legacy view v2 (rp.*)

buildingjoshbetter/truememory

https://github.com/buildingjoshbetter/TrueMemory · lang: python · LOC: · source: user_submitted

Quality
77.2
Grade B+
Security
78.2
Findings
8
0 critical · 3 high
Status
completed
May 15, 2026 06:14
high: 3 info: 3 low: 1 medium: 1
Top rules by occurrence
RuleSeverityCount
SEC004 SQL Injection Risk high 4
SEC016 LLM Prompt Injection — User Input in AI Prompt high 2
SEC020 Secret Printed to Logs high 1
SEC017 Unbounded Input to LLM/External API medium 1
First 8 findings (severity-sorted)
high SEC004 SQL Injection Risk
truememory/storage.py:342 · conf 1.00 
[SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection.
high SEC004 SQL Injection Risk
truememory/temporal.py:553 · conf 0.85 
[SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection.
high SEC016 LLM Prompt Injection — User Input in AI Prompt
truememory/engine.py:1972 · conf 0.90 
[SEC016] LLM Prompt Injection — User Input in AI Prompt: User-supplied text is interpolated directly into an AI/LLM prompt (e.g. OpenAI, Anthropic, or local model). This is the AI equivalent of SQL i…
medium SEC017 Unbounded Input to LLM/External API
truememory/engine.py:1972 · conf 0.80 
[SEC017] Unbounded Input to LLM/External API: User input is passed to an LLM or external AI API (OpenAI, Anthropic, etc.) without any visible length or size validation. This creates two risks: (1) Co…
low SEC004 SQL Injection Risk
truememory/engine.py:536 · conf 0.20 
[SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection.
info SEC004 SQL Injection Risk
· conf 0.20 
[SEC004] SQL Injection Risk (and 1 more): Same pattern found in 1 additional files. Review if needed.
info SEC016 LLM Prompt Injection — User Input in AI Prompt
truememory/hyde.py:77 · conf 0.10 
[SEC016] LLM Prompt Injection — User Input in AI Prompt: User-supplied text is interpolated directly into an AI/LLM prompt (e.g. OpenAI, Anthropic, or local model). This is the AI equivalent of SQL i…
info SEC020 Secret Printed to Logs
truememory/ingest/cli.py:729 · conf 0.15 
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/493756b5-9d72-4a48-88a4-dd14a9704063/.