← Legacy view v2 (rp.*)

uwaserver/uwas

https://github.com/uwaserver/uwas.git · lang: go · LOC: · source: corpus_mined

Quality

72.8

Grade B

Security

52.2

Findings

1 critical · 1 high

Status

completed

May 16, 2026 08:42

critical: 1 high: 1 info: 1

Top rules by occurrence

Rule	Severity	Count
`SEC001` Hardcoded Password	critical	1
`SEC020` Secret Printed to Logs	high	1
`SEC013` Path Traversal — User Input in File Path	high	1

First 3 findings (severity-sorted)

critical SEC001 Hardcoded Password

internal/database/docker.go:92 · conf 0.90

[SEC001] Hardcoded Password: Hardcoded password found in source code.

high SEC013 Path Traversal — User Input in File Path

internal/cli/backup.go:197 · conf 0.80

[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.

info SEC020 Secret Printed to Logs

internal/server/server.go:819 · conf 0.10

[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/5318fb65-b278-4ce1-96c1-388f37dec9a6/.