← Legacy view v2 (rp.*)

hashicorp/terraform-provider-aws

https://github.com/hashicorp/terraform-provider-aws.git · lang: go · LOC: · source: user_submitted

Quality

76.3

Grade B+

Security

88.0

Findings

0 critical · 3 high

Status

completed

May 16, 2026 09:43

high: 3 info: 2 medium: 1

Top rules by occurrence

Rule	Severity	Count
`SEC013` Path Traversal — User Input in File Path	high	4
`SEC001` Hardcoded Password	critical	1
`SEC003` Hardcoded Secret	critical	1

First 6 findings (severity-sorted)

high SEC013 Path Traversal — User Input in File Path

internal/provider/framework/intercept.go:82 · conf 0.80

[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.

high SEC013 Path Traversal — User Input in File Path

internal/provider/framework/region.go:136 · conf 0.80

[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.

high SEC013 Path Traversal — User Input in File Path

internal/provider/framework/wrap.go:307 · conf 0.80

[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.

medium SEC003 Hardcoded Secret

names/attr_consts_gen.go:178 · conf 0.30

[SEC003] Hardcoded Secret: Hardcoded secret key found in source code.

info SEC001 Hardcoded Password

names/attr_consts_gen.go:141 · conf 0.15

[SEC001] Hardcoded Password: Hardcoded password found in source code.

info SEC013 Path Traversal — User Input in File Path

· conf 0.20

[SEC013] Path Traversal — User Input in File Path (and 1 more): Same pattern found in 1 additional files. Review if needed.

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/9a9e7132-3643-4b82-9d1f-4323f23805f3/.