Scanned by vskill platform — 52 built-in patterns + 3 external SAST tools (semgrep, njsscan, trufflehog). Dependencies enriched with Socket.dev supply chain scores. Public Snyk and Socket.dev reports linked where available.