
521xueweihan/hellogithub

https://github.com/521xueweihan/HelloGitHub.git · lang: python · LOC: · source: user_submitted

Quality: 70.7 (Grade B)
Security: 96.0
Findings: 10 (0 critical · 1 high)
Status: completed, May 17, 2026 20:09
medium: 8 · high: 1 · low: 1
Top rules by occurrence
Rule · Severity · Count
AGT015 Remote install command pipes network code directly to a she… · medium · 8
CORE_NO_LICENSE No LICENSE file · low · 1
SEC013 Path Traversal — User Input in File Path · high · 1
First 10 findings (severity-sorted)
high SEC013 Path Traversal — User Input in File Path
script/make_content/make_content.py:45 · conf 0.80
[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.
medium AGT015 Remote install command pipes network code directly to a shell
content/en/HelloGitHub102.md:188 · conf 0.70
Remote install command pipes network code directly to a shell
medium AGT015 Remote install command pipes network code directly to a shell
content/en/HelloGitHub29.md:32 · conf 0.70
Remote install command pipes network code directly to a shell
medium AGT015 Remote install command pipes network code directly to a shell
content/en/HelloGitHub50.md:48 · conf 0.70
Remote install command pipes network code directly to a shell
medium AGT015 Remote install command pipes network code directly to a shell
content/en/HelloGitHub92.md:81 · conf 0.70
Remote install command pipes network code directly to a shell
medium AGT015 Remote install command pipes network code directly to a shell
content/HelloGitHub102.md:195 · conf 0.70
Remote install command pipes network code directly to a shell
medium AGT015 Remote install command pipes network code directly to a shell
content/HelloGitHub29.md:39 · conf 0.70
Remote install command pipes network code directly to a shell
medium AGT015 Remote install command pipes network code directly to a shell
content/HelloGitHub50.md:55 · conf 0.70
Remote install command pipes network code directly to a shell
medium AGT015 Remote install command pipes network code directly to a shell
content/HelloGitHub92.md:88 · conf 0.70
Remote install command pipes network code directly to a shell
low CORE_NO_LICENSE No LICENSE file
No LICENSE file

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/c1a4d15c-54b9-41da-9273-c48aaa1fc173/.