← Legacy view v2 (rp.*)

ruvnet/ruview

https://github.com/ruvnet/RuView · lang: rust · LOC: · source: user_submitted

Quality
64.5
Grade C+
Security
58.9
Findings
10
0 critical · 1 high
Status
completed
May 16, 2026 08:03
info: 8 high: 1 medium: 1
Top rules by occurrence
RuleSeverityCount
SEC020 Secret Printed to Logs high 4
SEC015 Insecure Randomness for Security medium 4
SEC011 Unsafe PyTorch Model Loading medium 1
SEC014 SSL Verification Disabled medium 1
First 10 findings (severity-sorted)
high SEC020 Secret Printed to Logs
scripts/provision.py:216 · conf 0.92 
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…
medium SEC014 SSL Verification Disabled
scripts/seed_csi_bridge.py:219 · conf 1.00 
[SEC014] SSL Verification Disabled: SSL certificate verification is disabled, allowing man-in-the-middle attacks.
info SEC011 Unsafe PyTorch Model Loading
references/wifi_densepose_pytorch.py:444 · conf 0.10 
[SEC011] Unsafe PyTorch Model Loading: torch.load() uses pickle internally and can execute arbitrary code from untrusted model files.
info SEC015 Insecure Randomness for Security
· conf 0.20 
[SEC015] Insecure Randomness for Security (and 3 more): Same pattern found in 3 additional files. Review if needed.
info SEC015 Insecure Randomness for Security
references/app.js:68 · conf 0.25 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC015 Insecure Randomness for Security
references/script_5.py:212 · conf 0.25 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC015 Insecure Randomness for Security
scripts/mesh-graph-transformer.js:173 · conf 0.15 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC020 Secret Printed to Logs
· conf 0.20 
[SEC020] Secret Printed to Logs (and 7 more): Same pattern found in 7 additional files. Review if needed.
info SEC020 Secret Printed to Logs
scripts/csi-spectrogram.js:376 · conf 0.15 
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…
info SEC020 Secret Printed to Logs
scripts/publish-huggingface.py:73 · conf 0.15 
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/ad982fad-13fd-4eb8-940c-33c7ef4b6332/.