← Legacy view v2 (rp.*)

hkuds/nanobot

https://github.com/HKUDS/nanobot · lang: python · LOC: · source: user_submitted

Quality
72.5
Grade B
Security
54.4
Findings
16
0 critical · 5 high
Status
completed
May 15, 2026 05:01
info: 7 high: 5 medium: 4
Top rules by occurrence
RuleSeverityCount
SEC020 Secret Printed to Logs high 4
SEC017 Unbounded Input to LLM/External API medium 4
SEC016 LLM Prompt Injection — User Input in AI Prompt high 4
SEC015 Insecure Randomness for Security medium 3
SEC014 SSL Verification Disabled medium 1
First 16 findings (severity-sorted)
high SEC016 LLM Prompt Injection — User Input in AI Prompt
nanobot/providers/anthropic_provider.py:72 · conf 0.90 
[SEC016] LLM Prompt Injection — User Input in AI Prompt: User-supplied text is interpolated directly into an AI/LLM prompt (e.g. OpenAI, Anthropic, or local model). This is the AI equivalent of SQL i…
high SEC016 LLM Prompt Injection — User Input in AI Prompt
nanobot/providers/azure_openai_provider.py:120 · conf 0.90 
[SEC016] LLM Prompt Injection — User Input in AI Prompt: User-supplied text is interpolated directly into an AI/LLM prompt (e.g. OpenAI, Anthropic, or local model). This is the AI equivalent of SQL i…
high SEC016 LLM Prompt Injection — User Input in AI Prompt
nanobot/providers/openai_compat_provider.py:1090 · conf 0.90 
[SEC016] LLM Prompt Injection — User Input in AI Prompt: User-supplied text is interpolated directly into an AI/LLM prompt (e.g. OpenAI, Anthropic, or local model). This is the AI equivalent of SQL i…
high SEC020 Secret Printed to Logs
nanobot/cli/commands.py:1547 · conf 0.85 
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…
high SEC020 Secret Printed to Logs
nanobot/cli/onboard.py:547 · conf 0.85 
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…
medium SEC014 SSL Verification Disabled
nanobot/providers/openai_codex_provider.py:77 · conf 1.00 
[SEC014] SSL Verification Disabled: SSL certificate verification is disabled, allowing man-in-the-middle attacks.
medium SEC017 Unbounded Input to LLM/External API
nanobot/providers/anthropic_provider.py:72 · conf 0.80 
[SEC017] Unbounded Input to LLM/External API: User input is passed to an LLM or external AI API (OpenAI, Anthropic, etc.) without any visible length or size validation. This creates two risks: (1) Co…
medium SEC017 Unbounded Input to LLM/External API
nanobot/providers/azure_openai_provider.py:120 · conf 0.80 
[SEC017] Unbounded Input to LLM/External API: User input is passed to an LLM or external AI API (OpenAI, Anthropic, etc.) without any visible length or size validation. This creates two risks: (1) Co…
medium SEC017 Unbounded Input to LLM/External API
nanobot/providers/openai_compat_provider.py:1090 · conf 0.80 
[SEC017] Unbounded Input to LLM/External API: User input is passed to an LLM or external AI API (OpenAI, Anthropic, etc.) without any visible length or size validation. This creates two risks: (1) Co…
info SEC015 Insecure Randomness for Security
nanobot/channels/weixin.py:898 · conf 0.25 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC015 Insecure Randomness for Security
webui/src/hooks/useAttachedImages.ts:55 · conf 0.25 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC015 Insecure Randomness for Security
webui/src/main.tsx:16 · conf 0.25 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC016 LLM Prompt Injection — User Input in AI Prompt
· conf 0.20 
[SEC016] LLM Prompt Injection — User Input in AI Prompt (and 1 more): Same pattern found in 1 additional files. Review if needed.
info SEC017 Unbounded Input to LLM/External API
· conf 0.20 
[SEC017] Unbounded Input to LLM/External API (and 1 more): Same pattern found in 1 additional files. Review if needed.
info SEC020 Secret Printed to Logs
· conf 0.20 
[SEC020] Secret Printed to Logs (and 14 more): Same pattern found in 14 additional files. Review if needed.
info SEC020 Secret Printed to Logs
bridge/src/index.ts:31 · conf 0.15 
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/9cb48be6-42ed-41b5-8e46-4312e8f96321/.