https://github.com/affaan-m/everything-claude-code ·
lang: markdown ·
LOC: ·
source: corpus_mined
| Rule | Severity | Count |
|---|---|---|
SEC020 Secret Printed to Logs |
high | 4 |
SEC018 AI-Agent Secret Retrieval Command |
high | 1 |
SEC015 Insecure Randomness for Security |
medium | 1 |
SEC018
AI-Agent Secret Retrieval Command
scripts/codex/merge-mcp-config.js:70
· conf 1.00
[SEC018] AI-Agent Secret Retrieval Command: A command that prints or embeds credentials was committed. AI coding agents often add these commands while trying to help with setup or deployment, but the…SEC020
Secret Printed to Logs
scripts/claw.js:430
· conf 0.85
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…SEC015
Insecure Randomness for Security
scripts/loop-status.js:643
· conf 0.15
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.SEC020
Secret Printed to Logs
[SEC020] Secret Printed to Logs (and 2 more): Same pattern found in 2 additional files. Review if needed.SEC020
Secret Printed to Logs
.cursor/hooks/before-submit-prompt.js:16
· conf 0.15
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…SEC020
Secret Printed to Logs
scripts/setup-package-manager.js:76
· conf 0.10
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/92ec4de5-55f6-4920-b255-5b8cbcf52ded/.