copilotkit/aimock

https://github.com/CopilotKit/aimock · lang: typescript · LOC: · source: user_submitted

Quality: 80.1 · Grade A-
Security: 90.3
Findings: 4 (0 critical · 0 high)
Status: completed · May 15, 2026 23:19
info: 2 · low: 1 · medium: 1
Top rules by occurrence
Rule Severity Count
SEC015 Insecure Randomness for Security medium 2
SEC006 XSS Risk high 1
SEC012 ZipSlip — Archive Path Traversal medium 1
First 4 findings (severity-sorted)
medium SEC012 ZipSlip — Archive Path Traversal
packages/aimock-pytest/src/aimock_pytest/_node_manager.py:153 · conf 1.00
[SEC012] ZipSlip — Archive Path Traversal: Archive extraction without path validation allows writing files outside the target directory.
low SEC006 XSS Risk
docs/sidebar.js:128 · conf 0.40
[SEC006] XSS Risk: Direct HTML injection without sanitization.
info SEC015 Insecure Randomness for Security
src/chaos.ts:109 · conf 0.25
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC015 Insecure Randomness for Security
src/sse-writer.ts:43 · conf 0.15
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/b724a53c-3962-4ed3-bb64-f5c1ef67990f/.