https://github.com/pacheco973008-ops/portifolio1.git ·
lang: python ·
LOC: ·
source: user_submitted
| Rule | Severity | Count |
|---|---|---|
SEC135 Auth/permission check missing on AI-generated endpoint |
high | 1 |
CORE_NO_LICENSE No LICENSE file |
low | 1 |
CFG006 [CFG006] Missing .gitignore: No .gitignore file. Risk of co… |
medium | 1 |
MINED069 Debug True Prod |
info | 1 |
CORE_NO_CI No CI/CD configuration found |
medium | 1 |
CORE_NO_TESTS No test files found |
high | 1 |
SEC123 Production stack trace / debug output exposed |
medium | 1 |
CORE_NO_TESTS
No test files found
No test files foundSEC135
Auth/permission check missing on AI-generated endpoint
main.py:15
· conf 1.00
[SEC135] Auth/permission check missing on AI-generated endpoint: Mutating HTTP endpoint generated by an AI agent without an auth decorator or middleware. The number-one production-incident pattern we…CFG006
[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.
[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.CORE_NO_CI
No CI/CD configuration found
No CI/CD configuration foundSEC123
Production stack trace / debug output exposed
main.py:22
· conf 1.00
[SEC123] Production stack trace / debug output exposed: Debug mode left on in production exposes stack traces, environment variables, framework internals — sometimes triggers RCE (Django debug page w…CORE_NO_LICENSE
No LICENSE file
No LICENSE fileMINED069
Debug True Prod
CWE-489
main.py:22
· conf 1.00
[MINED069] Debug True Prod: Django/Flask DEBUG=True or app.debug=True in non-test files.Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/6fce3fb3-58fe-48e9-b0d8-a4ae0270e88a/.