
srrajapkt-boop/alex-botv3

https://github.com/srrajapkt-boop/Alex-botv3.git · lang: unknown · source: user_submitted

Quality: 49.5 · Grade D+
Security: 100.0
Findings: 6 (0 critical · 3 high)
Status: completed · May 27, 2026 06:06
high: 3 medium: 2 low: 1
Top rules by occurrence
Rule | Severity | Count
MINED115 GitHub Action pinned to mutable ref (not 40-char SHA) | high | 2
CORE_NO_LICENSE No LICENSE file | low | 1
CFG006 [CFG006] Missing .gitignore: No .gitignore file. Risk of co… | medium | 1
CORE_NO_README No README file found | medium | 1
CORE_NO_TESTS No test files found | high | 1
First 6 findings (severity-sorted)
high CORE_NO_TESTS No test files found
No test files found

high MINED115 GitHub Action pinned to mutable ref (not 40-char SHA) CWE-829
.github/workflows/build.yml:7 · conf 0.90
[MINED115] Action `actions/checkout` pinned to mutable ref `@v3`: `uses: actions/checkout@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that made the tj-a…

high MINED115 GitHub Action pinned to mutable ref (not 40-char SHA) CWE-829
.github/workflows/build.yml:13 · conf 0.90
[MINED115] Action `actions/upload-artifact` pinned to mutable ref `@v3`: `uses: actions/upload-artifact@v3` resolves at workflow-run time. Tags and branches can be re-pushed by the action owner; that…

medium CFG006 [CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.
· conf 1.00
[CFG006] Missing .gitignore: No .gitignore file. Risk of committing secrets and build artifacts.

medium CORE_NO_README No README file found
No README file found

low CORE_NO_LICENSE No LICENSE file
No LICENSE file

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/96aee8fa-fb87-4818-951f-aa6b808b0a9c/.