← Legacy view v2 (rp.*)

jazzenchen/vibearound

https://github.com/jazzenchen/VibeAround · lang: rust · LOC: · source: corpus_mined

Quality
58.0
Grade C
Security
94.0
Findings
3
0 critical · 0 high
Status
completed
May 15, 2026 05:00
info: 2 low: 1
Top rules by occurrence
RuleSeverityCount
SEC006 XSS Risk high 1
SEC015 Insecure Randomness for Security medium 1
SEC002 Hardcoded API Key critical 1
First 3 findings (severity-sorted)
low SEC006 XSS Risk
src/server/src/web_server/preview/markdown.rs:120 · conf 0.40 
[SEC006] XSS Risk: Direct HTML injection without sanitization.
info SEC002 Hardcoded API Key
src/desktop-ui/src/Launch/ProfileConnectionManualGuide.tsx:15 · conf 0.10 
[SEC002] Hardcoded API Key: Hardcoded API key found in source code.
info SEC015 Insecure Randomness for Security
src/web/src/components/chat/ChatView.tsx:487 · conf 0.15 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/91d00d9c-f481-4cf3-8f3c-c410b81d3b9a/.