https://github.com/CloakHQ/CloakBrowser · lang: python · LOC: · source: user_submitted

| Rule | Severity | Count |
|---|---|---|
| MINED106 Phantom test coverage (assertion-free test) | high | 25 |
| MINED108 self.attribute used but never assigned in __init__ | high | 25 |
| MINED111 Bare except continues silently | medium | 25 |
| AIC003 Duplicated implementation block across source files | low | 7 |
| COMP001 [COMP001] High cognitive complexity: Function `load_yfinanc… | low | 4 |
| MINED044 Js Console Log Prod | info | 4 |
| MINED045 Ts Non Null Assertion | info | 3 |
| SEC029 Server-Side Request Forgery (SSRF) — outbound HTTP from use… | high | 3 |
| SEC087 JS: weak Math.random for crypto | medium | 3 |
| DKR001 Docker final stage has no non-root USER | medium | 2 |

MINED107
Missing Python import (NameError at runtime)
CWE-1075
tests/test_geoip.py:62
· conf 1.00
[MINED107] Missing import: `locale` used but not imported: The file uses `locale.something(...)` but never imports `locale`. This raises NameError at runtime the first time the line executes.
DKR006
Dockerfile pipes a remote script into a shell
Dockerfile:4
· conf 0.92
Dockerfile pipes a remote script into a shell
MINED001
Bare Except Pass
CWE-755
cloakbrowser/config.py:177
· conf 1.00
[MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
MINED001
Bare Except Pass
CWE-755
cloakbrowser/geoip.py:128
· conf 1.00
[MINED001] Bare Except Pass: except: pass or except Exception: pass — silently swallows everything including KeyboardInterrupt and bugs.
MINED006
Overcatch Baseexception
CWE-705
cloakbrowser/__main__.py:103
· conf 1.00
[MINED006] Overcatch Baseexception: except BaseException: ... — prevents Ctrl+C and SystemExit from working.
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
examples/fingerprint_scan_test.py:27
· conf 1.00
[MINED106] Phantom test coverage: test_fingerprint_scan: Test function `test_fingerprint_scan` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line c…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
examples/fingerprint_scan_test.py:89
· conf 1.00
[MINED106] Phantom test coverage: test_creepjs: Test function `test_creepjs` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line coverage without ve…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
examples/stealth_test.py:27
· conf 1.00
[MINED106] Phantom test coverage: test_bot_sannysoft: Test function `test_bot_sannysoft` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line coverag…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
examples/stealth_test.py:53
· conf 1.00
[MINED106] Phantom test coverage: test_bot_incolumitas: Test function `test_bot_incolumitas` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line cov…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
examples/stealth_test.py:80
· conf 1.00
[MINED106] Phantom test coverage: test_browserscan: Test function `test_browserscan` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line coverage wi…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
examples/stealth_test.py:101
· conf 1.00
[MINED106] Phantom test coverage: test_deviceandbrowserinfo: Test function `test_deviceandbrowserinfo` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Add…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
examples/stealth_test.py:126
· conf 1.00
[MINED106] Phantom test coverage: test_fingerprintjs: Test function `test_fingerprintjs` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line coverag…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
examples/stealth_test.py:148
· conf 1.00
[MINED106] Phantom test coverage: test_recaptcha: Test function `test_recaptcha` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds line coverage withou…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_backend.py:37
· conf 1.00
[MINED106] Phantom test coverage: test_resolve_backend_invalid_raises: Test function `test_resolve_backend_invalid_raises` runs code but contains no assert / expect / should call — it passes regardle…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_backend.py:42
· conf 1.00
[MINED106] Phantom test coverage: test_resolve_backend_invalid_env_raises: Test function `test_resolve_backend_invalid_env_raises` runs code but contains no assert / expect / should call — it passes …
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_config.py:110
· conf 1.00
[MINED106] Phantom test coverage: test_unsupported_raises: Test function `test_unsupported_raises` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Adds li…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_extract.py:46
· conf 1.00
[MINED106] Phantom test coverage: test_path_traversal_blocked: Test function `test_path_traversal_blocked` runs code but contains no assert / expect / should call — it passes regardless of behaviour.…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_extract.py:104
· conf 1.00
[MINED106] Phantom test coverage: test_path_traversal_blocked: Test function `test_path_traversal_blocked` runs code but contains no assert / expect / should call — it passes regardless of behaviour.…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_geoip.py:73
· conf 1.00
[MINED106] Phantom test coverage: test_resolve_geo_raises_when_geoip2_missing: Test function `test_resolve_geo_raises_when_geoip2_missing` runs code but contains no assert / expect / should call — it…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_humanize_unit.py:94
· conf 1.00
[MINED106] Phantom test coverage: test_invalid_preset_raises: Test function `test_invalid_preset_raises` runs code but contains no assert / expect / should call — it passes regardless of behaviour. A…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_humanize_unit.py:274
· conf 1.00
[MINED106] Phantom test coverage: test_press_skips_click_when_focused: Test function `test_press_skips_click_when_focused` runs code but contains no assert / expect / should call — it passes regardle…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_humanize_unit.py:292
· conf 1.00
[MINED106] Phantom test coverage: test_press_clicks_when_not_focused: Test function `test_press_clicks_when_not_focused` runs code but contains no assert / expect / should call — it passes regardless…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_humanize_unit.py:565
· conf 1.00
[MINED106] Phantom test coverage: test_no_error_on_cyrillic: Test function `test_no_error_on_cyrillic` runs code but contains no assert / expect / should call — it passes regardless of behaviour. Add…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_humanize_unit.py:1382
· conf 1.00
[MINED106] Phantom test coverage: test_get_element_box_default_timeout: Test function `test_get_element_box_default_timeout` runs code but contains no assert / expect / should call — it passes regard…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_humanize_unit.py:1395
· conf 1.00
[MINED106] Phantom test coverage: test_get_element_box_custom_timeout: Test function `test_get_element_box_custom_timeout` runs code but contains no assert / expect / should call — it passes regardle…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_humanize_unit.py:1408
· conf 1.00
[MINED106] Phantom test coverage: test_scroll_to_element_forwards_timeout: Test function `test_scroll_to_element_forwards_timeout` runs code but contains no assert / expect / should call — it passes …
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_humanize_unit.py:1919
· conf 1.00
[MINED106] Phantom test coverage: test_handle_still_raises_when_covered: Test function `test_handle_still_raises_when_covered` runs code but contains no assert / expect / should call — it passes rega…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_lambda_security.py:31
· conf 1.00
[MINED106] Phantom test coverage: test_rejects_non_http_schemes: Test function `test_rejects_non_http_schemes` runs code but contains no assert / expect / should call — it passes regardless of behavi…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_proxy.py:147
· conf 1.00
[MINED106] Phantom test coverage: test_geoip_socks5_dict_no_auth_uses_server: Test function `test_geoip_socks5_dict_no_auth_uses_server` runs code but contains no assert / expect / should call — it p…
MINED106
Phantom test coverage (assertion-free test)
CWE-1126
tests/test_proxy.py:153
· conf 1.00
[MINED106] Phantom test coverage: test_geoip_http_dict_does_not_inline_creds: Test function `test_geoip_http_dict_does_not_inline_creds` runs code but contains no assert / expect / should call — it p…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:160
· conf 1.00
[MINED108] `self._Request` used but never assigned in __init__: Method `test_forwarded_host_overrides_internal_host` of class `TestExternalHost` reads `self._Request`, but no assignment to it exists …
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:167
· conf 1.00
[MINED108] `self._Request` used but never assigned in __init__: Method `test_forwarded_host_uses_first_value` of class `TestExternalHost` reads `self._Request`, but no assignment to it exists in __in…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:174
· conf 1.00
[MINED108] `self._Request` used but never assigned in __init__: Method `test_blank_forwarded_host_falls_back_to_host_header` of class `TestExternalHost` reads `self._Request`, but no assignment to it…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:181
· conf 1.00
[MINED108] `self._Request` used but never assigned in __init__: Method `test_falls_back_to_host_header` of class `TestExternalHost` reads `self._Request`, but no assignment to it exists in __init__ (…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:185
· conf 1.00
[MINED108] `self._Request` used but never assigned in __init__: Method `test_falls_back_to_app_port_without_host_header` of class `TestExternalHost` reads `self._Request`, but no assignment to it exi…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:189
· conf 1.00
[MINED108] `self._Request` used but never assigned in __init__: Method `test_forwarded_proto_selects_wss` of class `TestExternalHost` reads `self._Request`, but no assignment to it exists in __init__…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:193
· conf 1.00
[MINED108] `self._Request` used but never assigned in __init__: Method `test_forwarded_proto_uses_first_value` of class `TestExternalHost` reads `self._Request`, but no assignment to it exists in __i…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:241
· conf 1.00
[MINED108] `self._FakeSession` used but never assigned in __init__: Method `_patch_session` of class `TestHandlerURLRewriting` reads `self._FakeSession`, but no assignment to it exists in __init__ (a…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:245
· conf 1.00
[MINED108] `self._patch_session` used but never assigned in __init__: Method `test_json_version_uses_forwarded_host_and_proto` of class `TestHandlerURLRewriting` reads `self._patch_session`, but no a…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:248
· conf 1.00
[MINED108] `self._Request` used but never assigned in __init__: Method `test_json_version_uses_forwarded_host_and_proto` of class `TestHandlerURLRewriting` reads `self._Request`, but no assignment to…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:262
· conf 1.00
[MINED108] `self._patch_session` used but never assigned in __init__: Method `test_json_list_uses_forwarded_host_and_proto` of class `TestHandlerURLRewriting` reads `self._patch_session`, but no assi…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:265
· conf 1.00
[MINED108] `self._Request` used but never assigned in __init__: Method `test_json_list_uses_forwarded_host_and_proto` of class `TestHandlerURLRewriting` reads `self._Request`, but no assignment to it…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:392
· conf 1.00
[MINED108] `self._rewrite_version` used but never assigned in __init__: Method `test_version_rewrite_with_seed` of class `TestHandlerURLRewriting` reads `self._rewrite_version`, but no assignment to …
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:397
· conf 1.00
[MINED108] `self._rewrite_version` used but never assigned in __init__: Method `test_version_rewrite_no_seed` of class `TestHandlerURLRewriting` reads `self._rewrite_version`, but no assignment to it…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:402
· conf 1.00
[MINED108] `self._rewrite_list_entry` used but never assigned in __init__: Method `test_list_rewrite_page_with_seed` of class `TestHandlerURLRewriting` reads `self._rewrite_list_entry`, but no assign…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:407
· conf 1.00
[MINED108] `self._rewrite_list_entry` used but never assigned in __init__: Method `test_list_rewrite_page_no_seed` of class `TestHandlerURLRewriting` reads `self._rewrite_list_entry`, but no assignme…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:412
· conf 1.00
[MINED108] `self._rewrite_list_entry` used but never assigned in __init__: Method `test_list_rewrite_browser` of class `TestHandlerURLRewriting` reads `self._rewrite_list_entry`, but no assignment to…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_cloakserve.py:417
· conf 1.00
[MINED108] `self._rewrite_version` used but never assigned in __init__: Method `test_wss_scheme_version` of class `TestHandlerURLRewriting` reads `self._rewrite_version`, but no assignment to it exis…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_update.py:175
· conf 1.00
[MINED108] `self._make_assets` used but never assigned in __init__: Method `test_parses_chromium_tag_with_platform_asset` of class `TestGetLatestVersion` reads `self._make_assets`, but no assignment …
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_update.py:191
· conf 1.00
[MINED108] `self._make_assets` used but never assigned in __init__: Method `test_skips_release_without_platform_asset` of class `TestGetLatestVersion` reads `self._make_assets`, but no assignment to …
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_update.py:196
· conf 1.00
[MINED108] `self._make_assets` used but never assigned in __init__: Method `test_skips_release_without_platform_asset` of class `TestGetLatestVersion` reads `self._make_assets`, but no assignment to …
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_update.py:213
· conf 1.00
[MINED108] `self._make_assets` used but never assigned in __init__: Method `test_skips_draft_releases` of class `TestGetLatestVersion` reads `self._make_assets`, but no assignment to it exists in __i…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_update.py:214
· conf 1.00
[MINED108] `self._make_assets` used but never assigned in __init__: Method `test_skips_draft_releases` of class `TestGetLatestVersion` reads `self._make_assets`, but no assignment to it exists in __i…
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_update.py:226
· conf 1.00
[MINED108] `self._make_assets` used but never assigned in __init__: Method `test_skips_non_chromium_tags` of class `TestGetLatestVersion` reads `self._make_assets`, but no assignment to it exists in …
MINED108
self.attribute used but never assigned in __init__
CWE-476
tests/test_update.py:227
· conf 1.00
[MINED108] `self._make_assets` used but never assigned in __init__: Method `test_skips_non_chromium_tags` of class `TestGetLatestVersion` reads `self._make_assets`, but no assignment to it exists in …
MINED118
Dockerfile FROM not pinned by sha256 digest
CWE-829
Dockerfile:1
· conf 0.90
[MINED118] Dockerfile FROM `python:3.12-slim` not pinned by digest: `FROM python:3.12-slim` resolves the tag at build time. The registry CAN re-push a different image for the same tag, so every build…
MINED118
Dockerfile FROM not pinned by sha256 digest
CWE-829
examples/integrations/aws_lambda/Dockerfile:35
· conf 0.90
[MINED118] Dockerfile FROM `cloakhq/cloakbrowser:latest` not pinned by digest: `FROM cloakhq/cloakbrowser:latest` resolves the tag at build time. The registry CAN re-push a different image for the sa…
MINED119
Dockerfile ADD pulls remote URL with no integrity check
CWE-829, CWE-494
examples/integrations/aws_lambda/Dockerfile:45
· conf 0.90
[MINED119] Dockerfile `ADD https://github.com/aws/aws-lambda-runtime-interface-emulator/releases/latest/download/aws-lambda-rie-${TARGETARCH}`: Dockerfile `ADD <url>` downloads a remote artifact into…
SEC029
Server-Side Request Forgery (SSRF) — outbound HTTP from user input
cloakbrowser/config.py:218
· conf 1.00
[SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.25…
SEC029
Server-Side Request Forgery (SSRF) — outbound HTTP from user input
js/src/config.ts:138
· conf 1.00
[SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.25…
SEC029
Server-Side Request Forgery (SSRF) — outbound HTTP from user input
js/src/puppeteer.ts:46
· conf 1.00
[SEC029] Server-Side Request Forgery (SSRF) — outbound HTTP from user input: Outbound HTTP request to a user-controlled URL without allowlist validation. Attackers can probe internal services (169.25…
SEC128
Async function without await — fire-and-forget Promise (AI mistake)
cloakbrowser/human/config.py:200
· conf 1.00
[SEC128] Async function without await — fire-and-forget Promise (AI mistake): Async call invoked without `await` returns an unhandled Promise. The outer function resolves before the inner work comple…
DKR001
Docker final stage has no non-root USER
Dockerfile:1
· conf 0.82
Docker final stage has no non-root USER
DKR001
Docker final stage has no non-root USER
examples/integrations/aws_lambda/Dockerfile:36
· conf 0.82
Docker final stage has no non-root USER
DKR003
Dockerfile base image uses the latest tag
examples/integrations/aws_lambda/Dockerfile:36
· conf 0.94
Dockerfile base image uses the latest tag
DKR007
Docker build context has no .dockerignore
.dockerignore
· conf 0.90
Docker build context has no .dockerignore
DKR013
Dockerfile ADD downloads remote content
examples/integrations/aws_lambda/Dockerfile:45
· conf 0.84
Dockerfile ADD downloads remote content
MINED111
Bare except continues silently
cloakbrowser/download.py:208
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/geoip.py:233
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:110
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:115
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:178
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:246
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:280
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:309
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:338
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:444
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:682
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:1039
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:1056
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:1154
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:1369
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:1614
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:1966
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:1983
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:2074
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:2298
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/human/__init__.py:2543
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
cloakbrowser/__main__.py:105
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
examples/stealth_test.py:264
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
examples/stealth_test.py:272
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
MINED111
Bare except continues silently
examples/stealth_test.py:298
· conf 1.00
[MINED111] Bare except continues silently: Bare `except:` (or `except Exception:`) that runs code without re-raising or logging the exception. Hides real failures and makes bugs hard to diagnose.
SEC087
JS: weak Math.random for crypto
js/src/human/config.ts:233
· conf 1.00
[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces is predictable. Ported from gosec G404 / eslint detect-pseudoRandomBytes conce…
SEC087
JS: weak Math.random for crypto
js/src/human/keyboard.ts:62
· conf 1.00
[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces is predictable. Ported from gosec G404 / eslint detect-pseudoRandomBytes conce…
SEC087
JS: weak Math.random for crypto
js/src/human-puppeteer/keyboard.ts:59
· conf 1.00
[SEC087] JS: weak Math.random for crypto: Math.random() is not cryptographically secure; using it for tokens/keys/nonces is predictable. Ported from gosec G404 / eslint detect-pseudoRandomBytes conce…
SEC136
AI-typical over-broad exception handler swallowing all errors
cloakbrowser/human/scroll_async.py:24
· conf 1.00
[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unf…
SEC136
AI-typical over-broad exception handler swallowing all errors
cloakbrowser/human/scroll.py:27
· conf 1.00
[SEC136] AI-typical over-broad exception handler swallowing all errors: Catch-all exception block that silently returns success or no-ops. AI agents reach for this pattern when a flaky test or an unf…
AIC003
Duplicated implementation block across source files
cloakbrowser/human/actionability_async.py:33
· conf 0.86
Duplicated implementation block across source files
AIC003
Duplicated implementation block across source files
cloakbrowser/human/mouse_async.py:18
· conf 0.86
Duplicated implementation block across source files
AIC003
Duplicated implementation block across source files
cloakbrowser/human/scroll_async.py:65
· conf 0.86
Duplicated implementation block across source files
AIC003
Duplicated implementation block across source files
js/src/human/elementhandle.ts:63
· conf 0.86
Duplicated implementation block across source files
AIC003
Duplicated implementation block across source files
js/src/human/index.ts:41
· conf 0.86
Duplicated implementation block across source files
AIC003
Duplicated implementation block across source files
js/src/human/keyboard.ts:4
· conf 0.86
Duplicated implementation block across source files
AIC003
Duplicated implementation block across source files
js/src/human/scroll.ts:4
· conf 0.86
Duplicated implementation block across source files
COMP001
[COMP001] High cognitive complexity: Function `load_yfinance_data` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, for=1, if=2, nested_bonus=3, or=2.
cloakbrowser/config.py:159
· conf 0.95
[COMP001] High cognitive complexity: Function `get_effective_version` has cognitive complexity 13 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand…
COMP001
[COMP001] High cognitive complexity: Function `load_yfinance_data` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, for=1, if=2, nested_bonus=3, or=2.
cloakbrowser/geoip.py:64
· conf 0.95
[COMP001] High cognitive complexity: Function `resolve_proxy_geo_with_ip` has cognitive complexity 8 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to underst…
COMP001
[COMP001] High cognitive complexity: Function `load_yfinance_data` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, for=1, if=2, nested_bonus=3, or=2.
cloakbrowser/geoip.py:209
· conf 0.95
[COMP001] High cognitive complexity: Function `_resolve_exit_ip` has cognitive complexity 11 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — ne…
COMP001
[COMP001] High cognitive complexity: Function `load_yfinance_data` has cognitive complexity 9 (SonarSource scale). Cognitive complexity measures how hard the function is for a human to understand — nested branches, boolean chains, and recursion all weigh in. Breakdown: except=1, for=1, if=2, nested_bonus=3, or=2.
· conf 0.20
[COMP001] High cognitive complexity (and 10 more): Same pattern found in 10 additional files. Review if needed.
MINED044
Js Console Log Prod
CWE-532
· conf 0.20
[MINED044] Js Console Log Prod (and 6 more): Same pattern found in 6 additional files. Review if needed.
MINED044
Js Console Log Prod
CWE-532
js/examples/basic-playwright.ts:14
· conf 1.00
[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.
MINED044
Js Console Log Prod
CWE-532
js/examples/basic-puppeteer.ts:14
· conf 1.00
[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.
MINED044
Js Console Log Prod
CWE-532
js/examples/persistent-context.ts:13
· conf 1.00
[MINED044] Js Console Log Prod: console.log left in code. Should be replaced with logger or removed.
MINED045
Ts Non Null Assertion
CWE-476
js/examples/stealth-test.ts:52
· conf 1.00
[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong.
MINED045
Ts Non Null Assertion
CWE-476
js/src/playwright.ts:81
· conf 1.00
[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong.
MINED045
Ts Non Null Assertion
CWE-476
js/src/puppeteer.ts:22
· conf 1.00
[MINED045] Ts Non Null Assertion: x! asserts not null - bypasses null checks - TypeError if wrong.
MINED050
Stub Only Function
CWE-1188
cloakbrowser/config.py:178
· conf 1.00
[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
MINED050
Stub Only Function
CWE-1188
cloakbrowser/geoip.py:129
· conf 1.00
[MINED050] Stub Only Function: Function declared but body is just pass, return None, raise NotImplementedError, or TODO comment.
MINED052
Ts Any Typed
CWE-704
js/src/human/actionability.ts:236
· conf 1.00
[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety.
MINED052
Ts Any Typed
CWE-704
js/src/human/mouse.ts:13
· conf 1.00
[MINED052] Ts Any Typed: : any used as type annotation. Defeats TypeScript type safety.
MINED054
Ts As Any
CWE-704
js/src/human/actionability.ts:246
· conf 1.00
[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely.
MINED054
Ts As Any
CWE-704
js/src/playwright.ts:19
· conf 1.00
[MINED054] Ts As Any: Casting to any (as any) bypasses type checking entirely.
MINED055
Npm Install No Lockfile
CWE-1357
cloakbrowser/geoip.py:4
· conf 1.00
[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of npm ci.
MINED055
Npm Install No Lockfile
CWE-1357
examples/integrations/selenium_example.py:8
· conf 1.00
[MINED055] Npm Install No Lockfile: Production image runs npm install (resolves new versions on every build) instead of npm ci.
MINED062
Python Dataclass No Fields
cloakbrowser/human/config.py:71
· conf 1.00
[MINED062] Python Dataclass No Fields: @dataclass over an empty class — unfinished model.