
digitalv3rtice/confirmacao

https://github.com/digitalv3rtice/confirmacao.git · lang: javascript · LOC: · source: user_submitted

Quality: 41.6 (Grade D)
Security: 97.0
Findings: 12 (0 critical · 2 high)
Status: completed · May 27, 2026 21:30
low: 5 medium: 5 high: 2
Top rules by occurrence
Rule | Severity | Count
SEC001 Hardcoded Password | critical | 1
CORE_NO_LICENSE No LICENSE file | low | 1
CFG006 [CFG006] Missing .gitignore: No .gitignore file. Risk of co… | medium | 1
SEC006 XSS Risk | high | 1
CORE_NO_CI No CI/CD configuration found | medium | 1
WEB003 Public web service has no security.txt | medium | 1
CORE_NO_TESTS No test files found | high | 1
WEB015 Public web app has no Content Security Policy | medium | 1
WEB011 Public web app has no humans.txt | low | 1
WEB001 Public web app has no robots.txt | low | 1
First 12 findings (severity-sorted)
high CORE_NO_TESTS No test files found
No test files found
high SEC061 JWT in source
script.js:6 · conf 1.00
[SEC061] JWT in source: Three-part JWT (likely signed token). Even if expired, may leak structure or claims. Ported from gitleaks jwt (MIT).
medium CFG006 [CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.
· conf 1.00
[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.
medium CORE_NO_CI No CI/CD configuration found
No CI/CD configuration found
medium SEC001 Hardcoded Password
script.js:162 · conf 0.30
[SEC001] Hardcoded Password: Hardcoded password found in source code.
medium WEB003 Public web service has no security.txt
.well-known/security.txt · conf 0.78
Public web service has no security.txt
medium WEB015 Public web app has no Content Security Policy
index.html · conf 0.70
Public web app has no Content Security Policy
low CORE_NO_LICENSE No LICENSE file
No LICENSE file
low SEC006 XSS Risk
script.js:225 · conf 0.40
[SEC006] XSS Risk: Direct HTML injection without sanitization.
low WEB001 Public web app has no robots.txt
robots.txt · conf 0.74
Public web app has no robots.txt
low WEB002 Public web app has no sitemap
sitemap.xml · conf 0.72
Public web app has no sitemap
low WEB011 Public web app has no humans.txt
humans.txt · conf 0.50
Public web app has no humans.txt

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/65cb4b32-049b-4e90-bf2c-b965fe8b20f3/.