← Legacy view v2 (rp.*)

jackwener/opencli

https://github.com/jackwener/OpenCLI · lang: typescript · LOC: · source: corpus_mined

Quality
81.6
Grade A-
Security
85.5
Findings
9
0 critical · 1 high
Status
completed
May 15, 2026 08:40
info: 4 medium: 4 high: 1
Top rules by occurrence
RuleSeverityCount
SEC015 Insecure Randomness for Security medium 4
SEC020 Secret Printed to Logs high 2
SEC007 Unsafe Deserialization medium 2
SEC013 Path Traversal — User Input in File Path high 1
First 9 findings (severity-sorted)
high SEC013 Path Traversal — User Input in File Path
clis/instagram/post.js:180 · conf 0.80 
[SEC013] Path Traversal — User Input in File Path: User-controlled input used in file path without sanitization. Allows reading arbitrary files.
medium SEC007 Unsafe Deserialization
src/electron-apps.ts:69 · conf 1.00 
[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.
medium SEC007 Unsafe Deserialization
src/external.ts:52 · conf 1.00 
[SEC007] Unsafe Deserialization: Unsafe deserialization can execute arbitrary code.
medium SEC015 Insecure Randomness for Security
clis/instagram/post.js:499 · conf 1.00 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
medium SEC015 Insecure Randomness for Security
clis/maimai/search-talents.js:57 · conf 1.00 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC015 Insecure Randomness for Security
· conf 0.20 
[SEC015] Insecure Randomness for Security (and 5 more): Same pattern found in 5 additional files. Review if needed.
info SEC015 Insecure Randomness for Security
src/plugin.ts:223 · conf 0.25 
[SEC015] Insecure Randomness for Security: Weak PRNG used in security-sensitive context. Output is predictable.
info SEC020 Secret Printed to Logs
scripts/postinstall.js:159 · conf 0.15 
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…
info SEC020 Secret Printed to Logs
src/cli.ts:3151 · conf 0.10 
[SEC020] Secret Printed to Logs: Debug or diagnostic code appears to print a credential-bearing value. This is a frequent AI-assisted coding failure: the helper exposes the exact value needed for tro…

Reading from rp.scan + rp.finding + rp.rule (unified schema, R78 series). Legacy data path unchanged. Compare with /scan/e4f5616e-522d-4189-a8e5-6b5ff4ffb3d9/.