data_exfiltration
Data exfiltration attempt
Line 983Snippets
app.post('/forgot-password', async (req, res) => {app.post('/forgot-password', passwordResetLimiter, async (req, res) => {app.post('/forgot-password', async (req, res) => {app.post('/forgot-password', passwordResetLimiter, async (req, res) => {network_call
Outbound network call
Outbound network call
Line 1193Snippets
app.post('/fetch-url', async (req, res) => { const response = await fetch(req.body.url); // SSRF vulnerability!app.post('/fetch-url', async (req, res) => { const response = await fetch(url, {| Index Scan | Index lookup + heap fetch | Good |env_access
Environment variable access
Environment variable access
Line 228Snippets
secret: process.env.JWT_SECRET, // Must be from env, never hardcoded const accessToken = jwt.sign(payload, process.env.JWT_SECRET!, { process.env.JWT_REFRESH_SECRET!, const payload = jwt.verify(token, process.env.JWT_SECRET!) as TokenPayload; const endpointSecret = process.env.STRIPE_WEBHOOK_SECRET!;Trust Score
Mis a jour la semaine dernière
Analyse le
31 mars 2026, 15:57
+ 2 previous scans
Compatible avec
Skill details
Mis a jour la semaine dernière
Analyse le 31 mars 2026, 15:57
Description
Designs and implements backend systems including REST APIs, microservices, database architectures, authentication flows, and security hardening. Use when the user asks to "design REST APIs", "optimize database queries", "implement authentication", "build microservices", "review backend code", "set up GraphQL", "handle database m...
Scans recents
31 mars 2026, 15:57
Latest analysis
31 mars 2026, 15:12
Run 2
27 mars 2026, 15:47
Run 1