https://github.com/dog-qiuqiu/invincat.git ·
lang: python ·
LOC: ·
source: user_submitted
| Rule | Severity | Count |
|---|---|---|
SEC020 Secret Printed to Logs |
high | 3 |
SEC004 SQL Injection Risk |
high | 1 |
SEC005 Command Injection Risk |
high | 1 |
SEC016 LLM Prompt Injection — User Input in AI Prompt |
high | 1 |
SEC004
SQL Injection Risk
invincat_cli/io/file_op_approval.py:76
· conf 0.50
[SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection.SEC005
Command Injection Risk
invincat_cli/app_runtime/shell_handlers.py:59
· conf 0.50
[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.SEC016
LLM Prompt Injection — User Input in AI Prompt
invincat_cli/cli/stdin.py:79
· conf 0.10
[SEC016] LLM Prompt Injection — User Input in AI Prompt: User-supplied text is interpolated directly into an AI/LLM prompt (e.g. OpenAI, Anthropic, or local model). This is the AI equivalent of SQL i…SEC020
Secret Printed to Logs
invincat_cli/app_runtime/memory_handlers.py:46
· conf 0.15
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…SEC020
Secret Printed to Logs
invincat_cli/cli/runtime.py:147
· conf 0.10
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…SEC020
Secret Printed to Logs
invincat_cli/textual_adapter/turn_cleanup.py:104
· conf 0.15
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/6a28597d-7fe1-4aa4-a45a-728843daae24/.