https://github.com/gptme/gptme.git ·
lang: python ·
LOC: ·
source: user_submitted
| Rule | Severity | Count |
|---|---|---|
SEC004 SQL Injection Risk |
high | 4 |
SEC020 Secret Printed to Logs |
high | 4 |
SEC016 LLM Prompt Injection — User Input in AI Prompt |
high | 4 |
SEC015 Insecure Randomness for Security |
medium | 3 |
SEC005 Command Injection Risk |
high | 3 |
SEC017 Unbounded Input to LLM/External API |
medium | 2 |
SEC006 XSS Risk |
high | 1 |
SEC013 Path Traversal — User Input in File Path |
high | 1 |
SEC004
SQL Injection Risk
gptme/eval/dspy/tasks.py:513
· conf 0.85
[SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection.SEC004
SQL Injection Risk
gptme/eval/suites/practical15.py:175
· conf 0.85
[SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection.SEC004
SQL Injection Risk
gptme/hooks/form_autodetect.py:157
· conf 0.50
[SEC004] SQL Injection Risk: String interpolation in SQL execution. Allows SQL injection.SEC005
Command Injection Risk
gptme/eval/main.py:53
· conf 0.80
[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.SEC013
Path Traversal — User Input in File Path
webui/src/utils/taskApi.ts:214
· conf 0.80
[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.SEC016
LLM Prompt Injection — User Input in AI Prompt
gptme/hooks/elicitation.py:202
· conf 0.90
[SEC016] LLM Prompt Injection — User Input in AI Prompt: User-supplied text is interpolated directly into an AI/LLM prompt (e.g. OpenAI, Anthropic, or local model). This is the AI equivalent of SQL i…SEC016
LLM Prompt Injection — User Input in AI Prompt
gptme/tools/morph.py:140
· conf 0.90
[SEC016] LLM Prompt Injection — User Input in AI Prompt: User-supplied text is interpolated directly into an AI/LLM prompt (e.g. OpenAI, Anthropic, or local model). This is the AI equivalent of SQL i…SEC020
Secret Printed to Logs
gptme/context/adaptive_compressor.py:279
· conf 0.85
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…SEC020
Secret Printed to Logs
gptme/hooks/token_awareness.py:69
· conf 0.85
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…SEC020
Secret Printed to Logs
webui/src/utils/api.ts:486
· conf 0.85
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…SEC005
Command Injection Risk
gptme/eval/swe_extra/swe_bench_test_spec.py:137
· conf 0.50
[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.SEC005
Command Injection Risk
gptme/prompts/context_cmd.py:54
· conf 0.50
[SEC005] Command Injection Risk: Unsafe shell execution or eval of user input.SEC017
Unbounded Input to LLM/External API
gptme/hooks/elicitation.py:202
· conf 0.80
[SEC017] Unbounded Input to LLM/External API: User input is passed to an LLM or external AI API (OpenAI, Anthropic, etc.) without any visible length or size validation. This creates two risks: (1) Co…SEC017
Unbounded Input to LLM/External API
gptme/tools/morph.py:140
· conf 0.80
[SEC017] Unbounded Input to LLM/External API: User input is passed to an LLM or external AI API (OpenAI, Anthropic, etc.) without any visible length or size validation. This creates two risks: (1) Co…SEC006
XSS Risk
webui/src/utils/markdownRenderer.ts:139
· conf 0.40
[SEC006] XSS Risk: Direct HTML injection without sanitization.SEC004
SQL Injection Risk
[SEC004] SQL Injection Risk (and 1 more): Same pattern found in 1 additional files. Review if needed.SEC015
Insecure Randomness for Security
gptme/eval/dspy/tasks.py:1108
· conf 0.25
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.SEC015
Insecure Randomness for Security
webui/src/polyfills.ts:7
· conf 0.25
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.SEC015
Insecure Randomness for Security
webui/src/types/servers.ts:30
· conf 0.25
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.SEC016
LLM Prompt Injection — User Input in AI Prompt
[SEC016] LLM Prompt Injection — User Input in AI Prompt (and 1 more): Same pattern found in 1 additional files. Review if needed.SEC016
LLM Prompt Injection — User Input in AI Prompt
gptme/tools/mcp_adapter.py:863
· conf 0.10
[SEC016] LLM Prompt Injection — User Input in AI Prompt: User-supplied text is interpolated directly into an AI/LLM prompt (e.g. OpenAI, Anthropic, or local model). This is the AI equivalent of SQL i…SEC020
Secret Printed to Logs
[SEC020] Secret Printed to Logs (and 20 more): Same pattern found in 20 additional files. Review if needed.Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/852baae1-fabf-447b-9d40-b658b164911d/.