Repository: affaan-m/everything-claude-code
Commit: 1e8c7e7
Verdict: FAIL
Score: 0
Date: May 20, 2026

| Severity | Rule | Message | File:Line |
|---|---|---|---|
| MEDIUM | generic_error_disclosure | Error messages with stack traces may expose sensitive information about the application. | affaan-m/everything-claude-code/eval-harness-b2b949f5/.codebuddy/install.js:0 → |
| MEDIUM | generic_error_disclosure | Error messages with stack traces may expose sensitive information about the application. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/hooks/pre-bash-commit-quality.js:0 → |
| MEDIUM | generic_error_disclosure | Error messages with stack traces may expose sensitive information about the application. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/hooks/gateguard-fact-force.test.js:0 → |
| MEDIUM | generic_error_disclosure | Error messages with stack traces may expose sensitive information about the application. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/hooks/gateguard-fact-force.test.js:0 → |
| MEDIUM | generic_error_disclosure | Error messages with stack traces may expose sensitive information about the application. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/hooks/observe-subdirectory-detection.test.js:0 → |
| MEDIUM | join_resolve_path_traversal | Path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/install-targets/claude-home.js:0 → |
| MEDIUM | join_resolve_path_traversal | Path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/install-targets/claude-home.js:0 → |
| MEDIUM | join_resolve_path_traversal | Path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/install-targets/claude-home.js:0 → |
| MEDIUM | join_resolve_path_traversal | Path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/install-targets/claude-home.js:0 → |
| MEDIUM | join_resolve_path_traversal | Path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/install-targets/claude-home.js:0 → |
| MEDIUM | join_resolve_path_traversal | Path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/install-targets/claude-project.js:0 → |
| MEDIUM | join_resolve_path_traversal | Path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/install-targets/claude-project.js:0 → |
| MEDIUM | join_resolve_path_traversal | Path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/install-targets/claude-project.js:0 → |
| MEDIUM | join_resolve_path_traversal | Path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/install-targets/claude-project.js:0 → |
| MEDIUM | join_resolve_path_traversal | Path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/install-targets/claude-project.js:0 → |
| MEDIUM | join_resolve_path_traversal | Path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/install-targets/helpers.js:0 → |
| MEDIUM | join_resolve_path_traversal | Path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/install-targets/helpers.js:0 → |
| MEDIUM | join_resolve_path_traversal | Path constructed with user input can result in Path Traversal. Ensure that user input does not reach `join()` or `resolve()`. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/session-adapters/canonical-session.js:0 → |
| MEDIUM | node_insecure_random_generator | crypto.pseudoRandomBytes()/Math.random() is a cryptographically weak random number generator. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/skill-improvement/observations.js:0 → |
| MEDIUM | node_insecure_random_generator | crypto.pseudoRandomBytes()/Math.random() is a cryptographically weak random number generator. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/loop-status.js:0 → |
| MEDIUM | node_insecure_random_generator | crypto.pseudoRandomBytes()/Math.random() is a cryptographically weak random number generator. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/ci/no-personal-paths.test.js:0 → |
| MEDIUM | node_insecure_random_generator | crypto.pseudoRandomBytes()/Math.random() is a cryptographically weak random number generator. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/ci/validators.test.js:0 → |
| MEDIUM | node_insecure_random_generator | crypto.pseudoRandomBytes()/Math.random() is a cryptographically weak random number generator. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/ci/validators.test.js:0 → |
| HIGH | node_secret | A hardcoded secret is identified. Store it properly in an environment variable. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/hooks/governance-capture.test.js:0 → |
| HIGH | node_secret | A hardcoded secret is identified. Store it properly in an environment variable. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/hooks/session-activity-tracker.test.js:0 → |
| HIGH | node_secret | A hardcoded secret is identified. Store it properly in an environment variable. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/lib/utils.test.js:0 → |
| HIGH | node_secret | A hardcoded secret is identified. Store it properly in an environment variable. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/lib/utils.test.js:0 → |
| HIGH | node_secret | A hardcoded secret is identified. Store it properly in an environment variable. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/lib/utils.test.js:0 → |
| HIGH | node_secret | A hardcoded secret is identified. Store it properly in an environment variable. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/scripts/trae-install.test.js:0 → |
| HIGH | node_secret | A hardcoded secret is identified. Store it properly in an environment variable. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/scripts/trae-install.test.js:0 → |
| HIGH | node_secret | A hardcoded secret is identified. Store it properly in an environment variable. | affaan-m/everything-claude-code/eval-harness-b2b949f5/tests/scripts/trae-install.test.js:0 → |
| MEDIUM | node_sha1 | SHA1 is a weak hash which is known to have collisions. Use a strong hashing function. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/hooks/post-edit-accumulator.js:0 → |
| MEDIUM | node_sha1 | SHA1 is a weak hash which is known to have collisions. Use a strong hashing function. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/hooks/stop-format-typecheck.js:0 → |
| MEDIUM | node_timing_attack | String comparisons using '===', '!==', '!=' and '==' are vulnerable to timing attacks. A timing attack allows the attacker to learn potentially sensitive information by, for example, measuring how long it takes for the application to respond to a request. More info: https://nodejs.org/en/learn/getting-started/security-best-practices#information-exposure-through-timing-attacks-cwe-208 | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/hooks/pre-bash-dev-server-block.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/ci/catalog.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/ci/scan-supply-chain-iocs.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/ci/scan-supply-chain-iocs.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/ci/scan-supply-chain-iocs.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/ci/scan-supply-chain-iocs.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/consult.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/hooks/block-no-verify.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/hooks/post-edit-console-warn.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/hooks/pre-bash-commit-quality.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/hooks/pre-bash-commit-quality.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/hooks/pre-bash-commit-quality.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/hooks/pre-bash-dev-server-block.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/harness-adapter-compliance.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/harness-adapter-compliance.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/package-manager.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/package-manager.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/session-aliases.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/utils.js:0 → |
| MEDIUM | regex_dos | Ensure that the regex used to compare with user supplied input is safe from regular expression denial of service. | affaan-m/everything-claude-code/eval-harness-b2b949f5/scripts/lib/utils.js:0 → |