{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/server/api/routers/billing.test.ts","line":220,"snippet":"clientSecret: \"cs_123_secret\",","matchedPattern":"secret assignment","score":122,"source":"builtin"}
{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/routes/(auth)/login.tsx","line":30,"snippet":"if (!password()) errs.password = \"Password is required\";","matchedPattern":"secret assignment","score":106,"source":"builtin"}
{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/routes/(auth)/reset-password.tsx","line":27,"snippet":"if (!password()) errs.password = \"Password is required\";","matchedPattern":"secret assignment","score":106,"source":"builtin"}
{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/routes/(auth)/reset-password.tsx","line":29,"snippet":"errs.password = \"Password must be at least 8 characters\";","matchedPattern":"secret assignment","score":106,"source":"builtin"}
{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/routes/(auth)/signup.tsx","line":66,"snippet":"if (!password()) errs.password = \"Password is required\";","matchedPattern":"secret assignment","score":106,"source":"builtin"}
{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/routes/(auth)/signup.tsx","line":68,"snippet":"errs.password = \"Password must be at least 8 characters\";","matchedPattern":"secret assignment","score":106,"source":"builtin"}
{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/server/services/billing.service.test.ts","line":140,"snippet":"client_secret: \"cs_123_secret\",","matchedPattern":"secret assignment","score":98,"source":"builtin"}
{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/server/services/billing.service.test.ts","line":178,"snippet":"client_secret: \"cs_trial_secret\",","matchedPattern":"secret assignment","score":98,"source":"builtin"}
{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/server/services/billing.service.test.ts","line":216,"snippet":"client_secret: \"cs_upgrade_secret\",","matchedPattern":"secret assignment","score":98,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"honker/packages/honker-bun/examples/atomic.ts","line":21,"snippet":"db.raw.exec(","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":343,"snippet":"this.raw.exec(\"BEGIN IMMEDIATE\");","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":422,"snippet":"raw.exec(\"PRAGMA busy_timeout = 5000;\");","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":424,"snippet":"raw.exec(DEFAULT_PRAGMAS);","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":425,"snippet":"raw.exec(\"SELECT honker_bootstrap()\");","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":441,"snippet":"held.raw.exec(\"ROLLBACK\");","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":480,"snippet":"this.raw.exec(\"COMMIT\");","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":489,"snippet":"this.raw.exec(\"ROLLBACK\");","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":68,"snippet":"db.raw.exec(\"CREATE TABLE kv (k TEXT PRIMARY KEY, v TEXT)\");","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":82,"snippet":"db.raw.exec(\"CREATE TABLE kv (k TEXT)\");","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":94,"snippet":"db.raw.exec(\"CREATE TABLE orders (id INTEGER PRIMARY KEY, amount INTEGER)\");","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-go/python_interop_test.go","line":24,"snippet":"cmd := exec.Command(p, \"-c\", pythonProbeScript)","matchedPattern":"go command","score":90,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-go/python_interop_test.go","line":38,"snippet":"cmd := exec.Command(p, \"-c\", pythonProbeScript)","matchedPattern":"go command","score":90,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-go/python_interop_test.go","line":86,"snippet":"cmd := exec.Command(python, \"-c\", script)","matchedPattern":"go command","score":90,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-go/watcher_backends_queue_test.go","line":119,"snippet":"cmd := exec.Command(os.Args[0], \"-test.v\", \"-test.run\", \"^TestWatcherBackendQueueHelper$\")","matchedPattern":"go command","score":90,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-go/watcher_backends_queue_test.go","line":194,"snippet":"cmd := exec.Command(os.Args[0], \"-test.run\", \"^TestWatcherBackendQueueHelper$\")","matchedPattern":"go command","score":90,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-go/watcher_backends_queue_test.go","line":226,"snippet":"cmd := exec.Command(os.Args[0], \"-test.run\", \"^TestWatcherBackendQueueHelper$\")","matchedPattern":"go command","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"honker/scripts/test_sqlite_versions.py","line":103,"snippet":"assert rc == SQLITE_OK, f\"exec({sql!r}) failed: {rc}\"","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"ml/spam-classifier/train.py","line":216,"snippet":"model.eval()","matchedPattern":"eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"ml/spam-classifier/train.py","line":216,"snippet":"model.eval()","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"ml/spam-classifier/train.py","line":216,"snippet":"model.eval()","matchedPattern":"ruby eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"ml/spam-classifier/train.py","line":280,"snippet":"model.eval()","matchedPattern":"eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"ml/spam-classifier/train.py","line":280,"snippet":"model.eval()","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"ml/spam-classifier/train.py","line":280,"snippet":"model.eval()","matchedPattern":"ruby eval","score":90,"source":"builtin"}
{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/server/services/darkwatch/hibp.client.test.ts","line":65,"snippet":"const apiKey = \"test-api-key\";","matchedPattern":"secret assignment","score":90,"source":"builtin"}
{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":13,"snippet":"const apiKey = \"test-shodan-key\";","matchedPattern":"secret assignment","score":90,"source":"builtin"}
{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/server/services/hometitle/attom.client.test.ts","line":170,"snippet":"const apiKey = \"test-attom-api-key\";","matchedPattern":"secret assignment","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":101,"snippet":"while ((tableMatch = tableRegex.exec(html)) !== null) {","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":127,"snippet":"while ((rowMatch = rowRegex.exec(tableHtml)) !== null) {","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":153,"snippet":"while ((match = cellRegex.exec(headerRowHtml)) !== null) {","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":160,"snippet":"while ((match = tdRegex.exec(headerRowHtml)) !== null) {","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":199,"snippet":"while ((match = cellRegex.exec(rowHtml)) !== null) {","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":294,"snippet":"while ((match = labelSpanPattern.exec(html)) !== null) {","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":302,"snippet":"while ((match = thTdPattern.exec(html)) !== null) {","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":310,"snippet":"while ((match = divFieldPattern.exec(html)) !== null) {","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"dynamic-code-execution","description":"Dynamic code execution, expression evaluation, or runtime compilation.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":318,"snippet":"while ((match = plainLabelPattern.exec(html)) !== null) {","matchedPattern":"python eval","score":90,"source":"builtin"}
{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/server/services/notification.service.test.ts","line":220,"snippet":"token: \"existing-token\",","matchedPattern":"secret assignment","score":90,"source":"builtin"}
{"slug":"secret-literal","description":"Hardcoded secret-like literal.","noise":"precise","filePath":"web/src/server/services/notification.service.test.ts","line":256,"snippet":"token: \"other-user-token\",","matchedPattern":"secret assignment","score":90,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/admin.ts","line":40,"snippet":"stats: adminProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":87,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/admin.ts","line":58,"snippet":"blogList: adminProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":87,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/admin.ts","line":64,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":87,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/admin.ts","line":137,"snippet":"userList: adminProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":87,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/routers/billing.test.ts","line":95,"snippet":"const isAuthed = t.middleware(({ ctx, next }) => {","matchedPattern":"identity or internal control header","score":87,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/billing.test.ts","line":102,"snippet":".query(async () => {","matchedPattern":"query call","score":87,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/billing.test.ts","line":168,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":87,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/billing.ts","line":43,"snippet":"getSubscription: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":87,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/billing.ts","line":304,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":87,"source":"builtin"}
{"slug":"open-redirect","description":"Redirect sink that may accept user-controlled URLs.","noise":"normal","filePath":"web/src/routes/(admin)/blog/index.tsx","line":32,"snippet":"if (redirect()) return <Navigate href=\"/admin/blog/new\" />;","matchedPattern":"redirect call","score":81,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/bench/real_bench.py","line":180,"snippet":"def spawn(script: str) -> subprocess.Popen:","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/bench/real_bench.py","line":181,"snippet":"return subprocess.Popen(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/bench/real_bench.py","line":212,"snippet":"spawn(","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/bench/real_bench.py","line":224,"snippet":"spawn(enqueuer_script(db_path, queue_name, rate_per_enqueuer))","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/bench/wake_latency_bench.py","line":83,"snippet":"proc = subprocess.Popen(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/examples/atomic.ts","line":21,"snippet":"db.raw.exec(","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":343,"snippet":"this.raw.exec(\"BEGIN IMMEDIATE\");","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":422,"snippet":"raw.exec(\"PRAGMA busy_timeout = 5000;\");","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":424,"snippet":"raw.exec(DEFAULT_PRAGMAS);","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":425,"snippet":"raw.exec(\"SELECT honker_bootstrap()\");","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":441,"snippet":"held.raw.exec(\"ROLLBACK\");","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":480,"snippet":"this.raw.exec(\"COMMIT\");","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/src/index.ts","line":489,"snippet":"this.raw.exec(\"ROLLBACK\");","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":68,"snippet":"db.raw.exec(\"CREATE TABLE kv (k TEXT PRIMARY KEY, v TEXT)\");","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":82,"snippet":"db.raw.exec(\"CREATE TABLE kv (k TEXT)\");","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":94,"snippet":"db.raw.exec(\"CREATE TABLE orders (id INTEGER PRIMARY KEY, amount INTEGER)\");","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":38,"snippet":"const probe = spawnSync(python, [\"-c\", probeScript], {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":61,"snippet":"const out = spawnSync(python, [\"-c\", script], {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":116,"snippet":"const proc = spawn(process.execPath, [\"-e\", workerScript(dbPath, extPath, workerId, backend)], {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":152,"snippet":"const res = spawnSync(process.execPath, [\"-e\", script], {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-node/index.js","line":56,"snippet":"return require('child_process').execSync('ldd --version', { encoding: 'utf8' }).includes('musl')","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-node/native.js","line":56,"snippet":"return require('child_process').execSync('ldd --version', { encoding: 'utf8' }).includes('musl')","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-node/test/cross_lang_shared.js","line":28,"snippet":"return spawn(PYTHON, ['-c', script], { stdio });","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":29,"snippet":"return spawn(process.execPath, ['-e', script], {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-node/test/watcher_backends_queue_e2e.js","line":38,"snippet":"return spawn(process.execPath, ['-e', script], {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-node/test/watcher_backends_queue_e2e.js","line":155,"snippet":"const res = spawnSync(process.execPath, ['-e', script], {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-ruby/ext/honker/extconf.rb","line":24,"snippet":"cargo_found = system(\"cargo\", \"--version\", out: File::NULL, err: File::NULL)","matchedPattern":"php process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-ruby/ext/honker/extconf.rb","line":48,"snippet":"system(","matchedPattern":"php process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-ruby/spec/honker_spec.rb","line":176,"snippet":"pid = Process.spawn(","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-ruby/spec/honker_spec.rb","line":191,"snippet":"Process.spawn(","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/packages/honker-ruby/spec/railtie_spec.rb","line":36,"snippet":"out = IO.popen([RbConfig.ruby, \"-e\", script], &:read)","matchedPattern":"php process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/scripts/test_sqlite_versions.py","line":44,"snippet":"out = subprocess.check_output([\"otool\", \"-L\", mod_path], text=True)","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/scripts/test_sqlite_versions.py","line":103,"snippet":"assert rc == SQLITE_OK, f\"exec({sql!r}) failed: {rc}\"","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_crash_recovery.py","line":54,"snippet":"return subprocess.Popen(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_cross_process_wake_latency.py","line":72,"snippet":"proc = subprocess.Popen(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_fault_injection.py","line":112,"snippet":"subprocess.run(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_fault_injection.py","line":143,"snippet":"subprocess.run([\"umount\", str(mount_dir)], check=False)","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_joblite.py","line":79,"snippet":"return subprocess.Popen(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_multiprocess.py","line":63,"snippet":"return subprocess.run(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_multiprocess.py","line":219,"snippet":"return subprocess.run(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_multiprocess.py","line":277,"snippet":"return subprocess.run(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_real_e2e_scenarios.py","line":270,"snippet":"return subprocess.Popen(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_real_e2e_scenarios.py","line":279,"snippet":"return subprocess.run(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_ruby_python_interop.py","line":43,"snippet":"probe = subprocess.run(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_ruby_python_interop.py","line":75,"snippet":"proc = subprocess.run(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_time_triggers_e2e.py","line":140,"snippet":"return subprocess.Popen(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_watcher_backends_e2e.py","line":98,"snippet":"proc = subprocess.Popen(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_watcher_backends_queue_e2e.py","line":116,"snippet":"proc = subprocess.Popen(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"honker/tests/test_watcher_backends_queue_e2e.py","line":181,"snippet":"res = subprocess.run(","matchedPattern":"python process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/scrapers/county-data.ts","line":536,"snippet":"notes: \"Massachusetts Land Records system (Middlesex County).\",","matchedPattern":"php process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":101,"snippet":"while ((tableMatch = tableRegex.exec(html)) !== null) {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":127,"snippet":"while ((rowMatch = rowRegex.exec(tableHtml)) !== null) {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":153,"snippet":"while ((match = cellRegex.exec(headerRowHtml)) !== null) {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":160,"snippet":"while ((match = tdRegex.exec(headerRowHtml)) !== null) {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":199,"snippet":"while ((match = cellRegex.exec(rowHtml)) !== null) {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":294,"snippet":"while ((match = labelSpanPattern.exec(html)) !== null) {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":302,"snippet":"while ((match = thTdPattern.exec(html)) !== null) {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":310,"snippet":"while ((match = divFieldPattern.exec(html)) !== null) {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"command-execution","description":"Potential command execution or shell invocation with variable input.","noise":"precise","filePath":"web/src/server/services/hometitle/county-scrapers/unified-parser.ts","line":318,"snippet":"while ((match = plainLabelPattern.exec(html)) !== null) {","matchedPattern":"node child_process","score":80,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":4,"snippet":"vi.mock(\"~/server/stripe\", () => ({","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":5,"snippet":"stripe: {","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":44,"snippet":"describe(\"Webhook handler\", () => {","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":50,"snippet":"const { POST } = await import(\"./webhook\");","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":56,"snippet":"const { POST } = await import(\"./webhook\");","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":67,"snippet":"url: \"http://localhost/api/stripe/webhook\",","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":67,"snippet":"url: \"http://localhost/api/stripe/webhook\",","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":75,"snippet":"const { stripe } = await import(\"~/server/stripe\");","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":75,"snippet":"const { stripe } = await import(\"~/server/stripe\");","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":81,"snippet":"vi.mocked(stripe.webhooks.constructEvent).mockReturnValue(mockEvent as any);","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":83,"snippet":"expect(stripe.webhooks.constructEvent).toBeDefined();","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":89,"snippet":"\"~/server/db/schema/webhook-events\"","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":99,"snippet":"it(\"should clean up old webhook events\", async () => {","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":102,"snippet":"\"~/server/db/schema/webhook-events\"","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":113,"snippet":"const { cleanupWebhookEvents } = await import(\"./webhook\");","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":119,"snippet":"describe(\"Webhook deduplication\", () => {","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":142,"snippet":"describe(\"Webhook idempotency\", () => {","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.test.ts","line":154,"snippet":"it(\"should handle all critical Stripe event types\", async () => {","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":4,"snippet":"import { stripe } from \"~/server/stripe\";","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":4,"snippet":"import { stripe } from \"~/server/stripe\";","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":6,"snippet":"import { stripeWebhookEvents } from \"~/server/db/schema/webhook-events\";","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":9,"snippet":"* Cleans up webhook event records older than 30 days to prevent unbounded table growth.","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":17,"snippet":"console.log(\"[webhook] Cleaned up old webhook event records (30+ days)\");","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":17,"snippet":"console.log(\"[webhook] Cleaned up old webhook event records (30+ days)\");","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":19,"snippet":"console.error(\"[webhook] Failed to clean up old webhook events:\", err);","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":19,"snippet":"console.error(\"[webhook] Failed to clean up old webhook events:\", err);","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":25,"snippet":"const signature = event.request.headers.get(\"stripe-signature\");","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":25,"snippet":"const signature = event.request.headers.get(\"stripe-signature\");","matchedPattern":"request header read","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":28,"snippet":"return new Response(\"Missing stripe-signature header\", { status: 400 });","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":32,"snippet":"const webhookEvent = stripe.webhooks.constructEvent(","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":38,"snippet":"// Check for duplicate event ID (webhook replay protection)","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":47,"snippet":"`[webhook] Duplicate event ${webhookEvent.id} (${webhookEvent.type}) — skipping`,","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/routes/api/stripe/webhook.ts","line":65,"snippet":"const message = err instanceof Error ? err.message : \"Webhook error\";","matchedPattern":"webhook route","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/api.ts","line":7,"snippet":"hello: publicProcedure.query(() => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/blog.ts","line":18,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/blog.ts","line":46,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/blog.ts","line":77,"snippet":"tags: publicProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/routers/correlation.test.ts","line":51,"snippet":"const isAuthed = t.middleware(({ ctx, next }) => {","matchedPattern":"identity or internal control header","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.test.ts","line":59,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.test.ts","line":64,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.test.ts","line":69,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.test.ts","line":74,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.test.ts","line":82,"snippet":"getStats: t.procedure.use(isAuthed).query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.test.ts","line":85,"snippet":"getThreatScore: t.procedure.use(isAuthed).query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.test.ts","line":88,"snippet":"getThreatScoreTrend: t.procedure.use(isAuthed).query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.test.ts","line":91,"snippet":"getRecommendations: t.procedure.use(isAuthed).query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.test.ts","line":96,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.ts","line":17,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.ts","line":24,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.ts","line":31,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.ts","line":38,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.ts","line":50,"snippet":"getStats: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.ts","line":55,"snippet":"getThreatScore: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.ts","line":60,"snippet":"getThreatScoreTrend: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.ts","line":65,"snippet":"getRecommendations: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/correlation.ts","line":72,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/routers/darkwatch.test.ts","line":45,"snippet":"const isAuthed = t.middleware(({ ctx, next }) => {","matchedPattern":"identity or internal control header","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/darkwatch.test.ts","line":51,"snippet":"getWatchlist: t.procedure.use(isAuthed).query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/darkwatch.test.ts","line":66,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/darkwatch.test.ts","line":71,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/darkwatch.test.ts","line":79,"snippet":"getScanStatus: t.procedure.use(isAuthed).query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/darkwatch.test.ts","line":84,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/darkwatch.ts","line":14,"snippet":"getWatchlist: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/darkwatch.ts","line":32,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/darkwatch.ts","line":38,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/darkwatch.ts","line":48,"snippet":"getScanStatus: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/darkwatch.ts","line":54,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/example.ts","line":8,"snippet":".query(({ input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/extension.ts","line":10,"snippet":"getAuthStatus: publicProcedure.input(wrap(GetAuthStatusSchema)).query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/family.ts","line":48,"snippet":"getGroup: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/family.ts","line":90,"snippet":"getDashboard: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/family.ts","line":100,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/family.ts","line":165,"snippet":"listInvitations: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/family.ts","line":241,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/family.ts","line":263,"snippet":"getAlertRouting: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/routers/hometitle.test.ts","line":42,"snippet":"const isAuthed = t.middleware(({ ctx, next }) => {","matchedPattern":"identity or internal control header","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/hometitle.test.ts","line":48,"snippet":"getProperties: t.procedure.use(isAuthed).query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/hometitle.test.ts","line":63,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/hometitle.test.ts","line":68,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/hometitle.test.ts","line":79,"snippet":"getAlerts: t.procedure.use(isAuthed).query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/hometitle.ts","line":13,"snippet":"getProperties: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/hometitle.ts","line":31,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/hometitle.ts","line":37,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/hometitle.ts","line":50,"snippet":"getAlerts: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/notification.ts","line":87,"snippet":"listDevices: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/notification.ts","line":91,"snippet":"getPreferences: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.test.ts","line":42,"snippet":"const isAuthed = t.middleware(({ ctx, next }) => {","matchedPattern":"identity or internal control header","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.test.ts","line":48,"snippet":"getBrokerRegistry: t.procedure.use(isAuthed).query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.test.ts","line":53,"snippet":".query(async ({ input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.test.ts","line":63,"snippet":".query(async ({ input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.test.ts","line":68,"snippet":".query(async ({ input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.test.ts","line":76,"snippet":"getStats: t.procedure.use(isAuthed).query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":15,"snippet":"getBrokerRegistry: protectedProcedure.query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":21,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":33,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":39,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":49,"snippet":"getStats: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":54,"snippet":"getEnhancedStats: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":59,"snippet":"getCaptchaSolverStatus: protectedProcedure.query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":73,"snippet":"getReListingStats: protectedProcedure.query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":78,"snippet":"getAdapterSystemHealth: protectedProcedure.query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":82,"snippet":"getBrokenAdapters: protectedProcedure.query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":92,"snippet":"getAllAdapterHealth: protectedProcedure.query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":97,"snippet":"getMonthlyCosts: protectedProcedure.query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":101,"snippet":"getCostPerUser: protectedProcedure.query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/removebrokers.ts","line":105,"snippet":"getCostHistory: protectedProcedure.query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/routers/reports.test.ts","line":40,"snippet":"const isAuthed = t.middleware(({ ctx, next }) => {","matchedPattern":"identity or internal control header","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/reports.test.ts","line":48,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/reports.test.ts","line":58,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/reports.test.ts","line":67,"snippet":".query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/reports.ts","line":15,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/reports.ts","line":27,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/reports.ts","line":37,"snippet":"getScheduledReports: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/scheduler.ts","line":10,"snippet":"getCronOverview: adminProcedure.query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/api/routers/scheduler.ts","line":20,"snippet":"throw new Error(`Invalid job type: ${type}. Must be one of: ${JOB_TYPES.join(\", \")}`);","matchedPattern":"path join","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/scheduler.ts","line":30,"snippet":".query(async ({ input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/scheduler.ts","line":49,"snippet":".query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/routers/spamshield.test.ts","line":53,"snippet":"const isAuthed = t.middleware(({ ctx, next }) => {","matchedPattern":"identity or internal control header","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/spamshield.test.ts","line":61,"snippet":".query(async ({ input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/spamshield.test.ts","line":66,"snippet":".query(async ({ input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/spamshield.test.ts","line":71,"snippet":".query(async ({ input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/spamshield.test.ts","line":74,"snippet":"getRules: t.procedure.use(isAuthed).query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/spamshield.test.ts","line":94,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/spamshield.ts","line":18,"snippet":".query(async ({ input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/spamshield.ts","line":24,"snippet":".query(async ({ input, ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/spamshield.ts","line":30,"snippet":".query(async ({ input, ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/spamshield.ts","line":39,"snippet":"getRules: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/spamshield.ts","line":74,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/spamshield.ts","line":78,"snippet":"modelInfo: publicProcedure.query(async () => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/routers/user.test.ts","line":40,"snippet":"const isAuthed = t.middleware(({ ctx, next }) => {","matchedPattern":"identity or internal control header","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/user.test.ts","line":46,"snippet":"me: t.procedure.use(isAuthed).query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/user.test.ts","line":60,"snippet":".query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/user.ts","line":46,"snippet":"me: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/user.ts","line":63,"snippet":"listFamilyMembers: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.test.ts","line":51,"snippet":"const isAuthed = t.middleware(({ ctx, next }) => {","matchedPattern":"identity or internal control header","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.test.ts","line":57,"snippet":"getEnrollments: t.procedure.use(isAuthed).query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.test.ts","line":90,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.test.ts","line":95,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.test.ts","line":100,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.test.ts","line":103,"snippet":"getUsageStats: t.procedure.use(isAuthed).query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.ts","line":22,"snippet":"getEnrollments: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.ts","line":65,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.ts","line":71,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.ts","line":77,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.ts","line":81,"snippet":"getUsageStats: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.ts","line":109,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.ts","line":122,"snippet":".query(async ({ ctx, input }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/routers/voiceprint.ts","line":129,"snippet":"getCallAnalysisSettings: protectedProcedure.query(async ({ ctx }) => {","matchedPattern":"query call","score":79,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(admin)/blog/[slug].tsx","line":25,"snippet":"api.admin.blogGet.query({ id: params.slug }).then(data => {","matchedPattern":"query call","score":71,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/routes/(admin)/blog/[slug].tsx","line":55,"snippet":"tags: tags().join(\",\"),","matchedPattern":"path join","score":71,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/routes/(admin)/blog/[slug].tsx","line":122,"snippet":"].join(\" \")}","matchedPattern":"path join","score":71,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(admin)/blog/index.tsx","line":12,"snippet":"api.admin.blogList.query().then(setPosts).finally(() => setLoading(false));","matchedPattern":"query call","score":71,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/routes/(admin)/blog/index.tsx","line":85,"snippet":"].join(\" \")}>","matchedPattern":"path join","score":71,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/routes/(admin)/blog/new.tsx","line":47,"snippet":"tags: tags().join(\",\"),","matchedPattern":"path join","score":71,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/routes/(admin)/blog/new.tsx","line":147,"snippet":"].join(\" \")}","matchedPattern":"path join","score":71,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(admin)/index.tsx","line":23,"snippet":"api.admin.stats.query().then(setStats).finally(() => setLoading(false));","matchedPattern":"query call","score":71,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/routes/(admin)/layout.tsx","line":44,"snippet":"].join(\" \")}","matchedPattern":"path join","score":71,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(admin)/users.tsx","line":9,"snippet":"api.admin.userList.query().then(setUsers).finally(() => setLoading(false));","matchedPattern":"query call","score":71,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(admin)/users.tsx","line":13,"snippet":"api.admin.userList.query().then(setUsers);","matchedPattern":"query call","score":71,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/routes/(admin)/users.tsx","line":60,"snippet":"].join(\" \")}>","matchedPattern":"path join","score":71,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/routes/(auth)/auth-pages.test.tsx","line":37,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":71,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/routes/(auth)/auth-pages.test.tsx","line":52,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":71,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/routes/(auth)/login.tsx","line":68,"snippet":"redirectUrl: window.location.origin + \"/auth/callback\",","matchedPattern":"proxy or original request header","score":71,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/routes/(auth)/login.tsx","line":69,"snippet":"redirectUrlComplete: window.location.origin + \"/dashboard\",","matchedPattern":"proxy or original request header","score":71,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/routes/(auth)/signup.tsx","line":112,"snippet":"redirectUrl: window.location.origin + \"/auth/callback\",","matchedPattern":"proxy or original request header","score":71,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/routes/(auth)/signup.tsx","line":113,"snippet":"redirectUrlComplete: window.location.origin + \"/onboarding\",","matchedPattern":"proxy or original request header","score":71,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/routes/billing/checkout.tsx","line":33,"snippet":"const returnUrl = `${window.location.origin}/billing/return`;","matchedPattern":"proxy or original request header","score":71,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/routes/billing/return.tsx","line":23,"snippet":"const response = await fetch(`/api/stripe/session-status?session_id=${sessionId}`);","matchedPattern":"fetch/http client","score":71,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/server/api/schemas/webhook.test.ts","line":7,"snippet":"} from \"./webhook\";","matchedPattern":"webhook route","score":71,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/server/api/schemas/webhook.test.ts","line":168,"snippet":"describe(\"Webhook data validation - malformed payloads\", () => {","matchedPattern":"webhook route","score":71,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/server/api/schemas/webhook.ts","line":4,"snippet":"* Validates a Stripe Checkout Session object from webhook data.","matchedPattern":"webhook route","score":71,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/server/api/schemas/webhook.ts","line":4,"snippet":"* Validates a Stripe Checkout Session object from webhook data.","matchedPattern":"webhook route","score":71,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/server/api/schemas/webhook.ts","line":17,"snippet":"* Price item inside a Stripe Subscription.","matchedPattern":"webhook route","score":71,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/server/api/schemas/webhook.ts","line":28,"snippet":"* Validates a Stripe Subscription object from webhook data.","matchedPattern":"webhook route","score":71,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/server/api/schemas/webhook.ts","line":28,"snippet":"* Validates a Stripe Subscription object from webhook data.","matchedPattern":"webhook route","score":71,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/server/api/schemas/webhook.ts","line":50,"snippet":"* Validates a Stripe Invoice object from webhook data.","matchedPattern":"webhook route","score":71,"source":"builtin"}
{"slug":"webhook-without-obvious-signature","description":"Webhook handler path that should be checked for signature verification.","noise":"normal","filePath":"web/src/server/api/schemas/webhook.ts","line":50,"snippet":"* Validates a Stripe Invoice object from webhook data.","matchedPattern":"webhook route","score":71,"source":"builtin"}
{"slug":"open-redirect","description":"Redirect sink that may accept user-controlled URLs.","noise":"normal","filePath":"web/src/app.tsx","line":40,"snippet":"<Show when={redirect()} keyed>","matchedPattern":"redirect call","score":65,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"browser-ext/tests/api-client.test.ts","line":55,"snippet":"const result = await client.spamshield.checkNumber.query({","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"browser-ext/tests/api-client.test.ts","line":64,"snippet":"const result = await client.spamshield.classifySMS.query({","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"browser-ext/tests/api-client.test.ts","line":72,"snippet":"const result = await client.extension.getAuthStatus.query();","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":40,"snippet":"if (signal.aborted) return Promise.resolve();","matchedPattern":"path join","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":72,"snippet":"raw() {","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":76,"snippet":"execute(sql, params) {","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":77,"snippet":"return this._tx.execute(sql, params);","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":80,"snippet":"query(sql, params) {","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":81,"snippet":"return this._tx.query(sql, params);","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":103,"snippet":"raw() {","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":234,"snippet":"unwrapTx(tx).query('SELECT honker_enqueue(?, ?, ?, ?, ?, ?, ?) AS id', [","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":496,"snippet":"unwrapTx(tx).query('SELECT honker_stream_publish(?, NULL, ?)', [","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":529,"snippet":"unwrapTx(tx).query('SELECT honker_stream_save_offset(?, ?, ?)', [","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":559,"snippet":"this._lastSeen = scalar(db.query('SELECT COALESCE(MAX(id), 0) FROM _honker_notifications')) ?? 0;","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":567,"snippet":"const rows = this._db.query(","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":713,"snippet":"raw() {","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":721,"snippet":"query(sql, params) {","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":722,"snippet":"return this._db.query(sql, params);","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":728,"snippet":"const rows = tx.query(sql, params);","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":828,"snippet":"function open(path, maxReaders, watcherBackend) {","matchedPattern":"python file open","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/api.js","line":829,"snippet":"return new Database(nativeBinding.open(path, maxReaders, watcherBackend));","matchedPattern":"python file open","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_python_api.py","line":39,"snippet":"def execute(self, sql, params):","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_python_api.py","line":57,"snippet":"db = honker.open(str(tmp_path / \"tuple-params.db\"))","matchedPattern":"python file open","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_python_api.py","line":60,"snippet":"tx.execute(\"CREATE TABLE emails (id INTEGER PRIMARY KEY, object_id TEXT)\")","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_python_api.py","line":61,"snippet":"tx.execute(\"INSERT INTO emails (object_id) VALUES (?)\", (\"msg-1\",))","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_python_api.py","line":62,"snippet":"rows = tx.query(\"SELECT id FROM emails WHERE object_id = ?\", (\"msg-1\",))","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_python_api.py","line":68,"snippet":"db = honker.open(str(tmp_path / \"dict-params.db\"))","matchedPattern":"python file open","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_python_api.py","line":71,"snippet":"db.query(\"SELECT ?\", {\"value\": 1})","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_python_api.py","line":86,"snippet":"conn.execute(\"SELECT honker_bootstrap()\")","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_python_api.py","line":100,"snippet":"conn.execute(\"SELECT honker_bootstrap()\")","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/components/auth/auth.test.tsx","line":18,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":63,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/components/auth/auth.test.tsx","line":28,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":63,"source":"builtin"}
{"slug":"weak-token-or-crypto","description":"Token, JWT, randomness, or crypto usage that deserves review.","noise":"normal","filePath":"web/src/components/auth/PasswordInput.tsx","line":25,"snippet":"Math.random().toString(36).slice(2, 10);","matchedPattern":"weak random","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/hooks/useAuth.ts","line":7,"snippet":"return await api.user.me.query();","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.test.ts","line":4,"snippet":"* Mirrors the isValidCorsOrigin function from middleware.ts","matchedPattern":"identity or internal control header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.test.ts","line":6,"snippet":"function isValidCorsOrigin(origin: string): boolean {","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.test.ts","line":7,"snippet":"if (!origin || !origin.trim()) return false;","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.test.ts","line":7,"snippet":"if (!origin || !origin.trim()) return false;","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.test.ts","line":8,"snippet":"if (origin === \"*\") return false;","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.test.ts","line":11,"snippet":"const parsed = new URL(origin);","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":1,"snippet":"import { createMiddleware, type RequestMiddleware } from \"@solidjs/start/middleware\";","matchedPattern":"identity or internal control header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":12,"snippet":"h.set(\"Referrer-Policy\", \"strict-origin-when-cross-origin\");","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":12,"snippet":"h.set(\"Referrer-Policy\", \"strict-origin-when-cross-origin\");","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":22,"snippet":"* Validates that an origin string is a well-formed HTTP(S) origin.","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":22,"snippet":"* Validates that an origin string is a well-formed HTTP(S) origin.","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":25,"snippet":"function isValidCorsOrigin(origin: string): boolean {","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":26,"snippet":"if (!origin || !origin.trim()) return false;","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":26,"snippet":"if (!origin || !origin.trim()) return false;","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":27,"snippet":"if (origin === \"*\") return false;","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":30,"snippet":"const parsed = new URL(origin);","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":42,"snippet":"const origin = event.request.headers.get(\"origin\");","matchedPattern":"request header read","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":42,"snippet":"const origin = event.request.headers.get(\"origin\");","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":42,"snippet":"const origin = event.request.headers.get(\"origin\");","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":48,"snippet":"// Validate APP_URL before trusting it as a CORS origin","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":54,"snippet":"console.warn(`[cors] APP_URL \"${appUrl}\" is not a valid HTTP(S) origin and will be excluded from CORS allowlist`);","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":58,"snippet":"if (origin && allowedOrigins.includes(origin)) {","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":58,"snippet":"if (origin && allowedOrigins.includes(origin)) {","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":59,"snippet":"event.response.headers.set(\"Access-Control-Allow-Origin\", origin);","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/middleware.ts","line":59,"snippet":"event.response.headers.set(\"Access-Control-Allow-Origin\", origin);","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(webapp)/darkwatch.tsx","line":21,"snippet":"() => api.darkwatch.getWatchlist.query(),","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(webapp)/darkwatch.tsx","line":25,"snippet":"() => api.darkwatch.getExposures.query({ page: 1, limit: 20 }),","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(webapp)/hometitle.tsx","line":21,"snippet":"() => api.hometitle.getProperties.query(),","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(webapp)/removebrokers.tsx","line":51,"snippet":"() => api.removebrokers.getBrokerRegistry.query(),","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(webapp)/removebrokers.tsx","line":55,"snippet":"() => api.removebrokers.getRemovalRequests.query({ page: 1, limit: 20 }),","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(webapp)/removebrokers.tsx","line":58,"snippet":"() => api.removebrokers.getEnhancedStats.query(),","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/routes/(webapp)/settings.tsx","line":31,"snippet":"returnUrl: `${window.location.origin}/settings`,","matchedPattern":"proxy or original request header","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(webapp)/spamshield.tsx","line":21,"snippet":"() => api.spamshield.getRules.query(),","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(webapp)/spamshield.tsx","line":33,"snippet":"const result = await api.spamshield.checkNumber.query({ phoneNumber: phoneNumber() });","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/(webapp)/voiceprint.tsx","line":21,"snippet":"() => api.voiceprint.getEnrollments.query(),","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/blog.tsx","line":22,"snippet":"const [allPostsResult] = createResource(() => api.blog.list.query({ limit: \"100\" }));","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/blog.tsx","line":26,"snippet":"const [tagListResult] = createResource(() => api.blog.tags.query());","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/routes/blog/[slug].tsx","line":51,"snippet":"const [dataResult] = createResource(() => api.blog.bySlug.query({ slug: params.slug }));","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/routes/blog/[slug].tsx","line":104,"snippet":"{(p().authorName || \"K\").split(\" \").map((n: string) => n[0]).join(\"\")}","matchedPattern":"path join","score":63,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/routes/blog/[slug].tsx","line":122,"snippet":"<div class=\"prose-custom\" innerHTML={sanitizeHtml(contentHtml())} />","matchedPattern":"dangerous html","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/routes/blog/[slug].tsx","line":128,"snippet":"{(p().authorName || \"K\").split(\" \").map((n: string) => n[0]).join(\"\")}","matchedPattern":"path join","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/routes/blog/[slug].tsx","line":143,"snippet":"onClick={() => window.open(`https://twitter.com/intent/tweet?text=${encodeURIComponent(p().title)}&url=${encodeURIComponent(window.location.href)}`, \"_blank\")}","matchedPattern":"python file open","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/routes/blog/[slug].tsx","line":151,"snippet":"onClick={() => window.open(`https://linkedin.com/sharing/share-offsite/?url=${encodeURIComponent(window.location.href)}`, \"_blank\")}","matchedPattern":"python file open","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/routes/migrated-pages.test.tsx","line":96,"snippet":"Promise.resolve({","matchedPattern":"path join","score":63,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/routes/migrated-pages.test.tsx","line":329,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":63,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/routes/migrated-pages.test.tsx","line":333,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/routes/sitemap.xml.ts","line":26,"snippet":".join(\"\\n\")}","matchedPattern":"path join","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/trpc.test.ts","line":33,"snippet":"describe(\"tRPC middleware\", () => {","matchedPattern":"identity or internal control header","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/trpc.test.ts","line":40,"snippet":"test: publicProcedure.query(() => \"ok\"),","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/trpc.test.ts","line":51,"snippet":"test: protectedProcedure.query(() => \"ok\"),","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/trpc.test.ts","line":61,"snippet":"test: protectedProcedure.query(({ ctx }) => ctx.user?.id),","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/trpc.test.ts","line":75,"snippet":"test: adminProcedure.query(() => \"ok\"),","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/api/trpc.test.ts","line":87,"snippet":"test: adminProcedure.query(() => \"ok\"),","matchedPattern":"query call","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/trpc.ts","line":15,"snippet":"const cookieHeader = req.headers.get(\"cookie\") ?? \"\";","matchedPattern":"request header read","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/trpc.ts","line":52,"snippet":"const authHeader = req.headers.get(\"authorization\");","matchedPattern":"request header read","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/trpc.ts","line":65,"snippet":"apiKey = req.headers.get(\"x-api-key\") ?? null;","matchedPattern":"request header read","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/utils.ts","line":10,"snippet":"const isAuthed = t.middleware(({ ctx, next }) => {","matchedPattern":"identity or internal control header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/utils.ts","line":21,"snippet":"const isAdmin = t.middleware(({ ctx, next }) => {","matchedPattern":"identity or internal control header","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/api/utils.ts","line":35,"snippet":"const isRateLimited = t.middleware(async ({ ctx, next, path }) => {","matchedPattern":"identity or internal control header","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/jobs/handlers/darkwatch.scan.test.ts","line":8,"snippet":"then: vi.fn().mockImplementation((fn: Function) => Promise.resolve(fn(result))),","matchedPattern":"path join","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/jobs/handlers/removebrokers.process.ts","line":167,"snippet":".join(\", \");","matchedPattern":"path join","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/billing.service.ts","line":304,"snippet":"`[billing:webhook] Failed to parse subscription data: ${result.issues?.map((i) => i.message).join(\", \")}`,","matchedPattern":"path join","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/billing.service.ts","line":315,"snippet":"`[billing:webhook] Failed to parse checkout session data: ${result.issues?.map((i) => i.message).join(\", \")}`,","matchedPattern":"path join","score":63,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/billing.service.ts","line":326,"snippet":"`[billing:webhook] Failed to parse invoice data: ${result.issues?.map((i) => i.message).join(\", \")}`,","matchedPattern":"path join","score":63,"source":"builtin"}
{"slug":"weak-token-or-crypto","description":"Token, JWT, randomness, or crypto usage that deserves review.","noise":"normal","filePath":"web/src/server/services/removebrokers/proxy.ts","line":131,"snippet":"return Math.random().toString(36).substring(2, 15);","matchedPattern":"weak random","score":63,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"android/app/src/main/java/com/kordant/android/ui/components/ShieldCard.kt","line":50,"snippet":"header()","matchedPattern":"request header read","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"browser-ext/src/background/index.ts","line":51,"snippet":"const result = await client.spamshield.checkNumber.query({ phoneNumber });","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"browser-ext/src/background/index.ts","line":68,"snippet":"const result = await client.spamshield.classifySMS.query({ text });","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"browser-ext/src/background/index.ts","line":93,"snippet":".then((client) => client.extension.getAuthStatus.query())","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"browser-ext/src/lib/phishing-detector.ts","line":8,"snippet":"/update[.-]?[a-z]+\\.(com|org|net)/i,","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"browser-ext/src/options/options.ts","line":38,"snippet":"const status = await client.extension.getAuthStatus.query();","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"browser-ext/src/popup/popup.ts","line":40,"snippet":"detectionsEl.innerHTML = detections.map(showDetection).join(\"\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"browser-ext/src/popup/popup.ts","line":40,"snippet":"detectionsEl.innerHTML = detections.map(showDetection).join(\"\");","matchedPattern":"dangerous html","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"browser-ext/tests/setup.ts","line":21,"snippet":"return Promise.resolve({ [keys]: mockStorage[keys] ?? null });","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"browser-ext/tests/setup.ts","line":26,"snippet":"return Promise.resolve(result);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"browser-ext/tests/setup.ts","line":28,"snippet":"return Promise.resolve({});","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"browser-ext/tests/setup.ts","line":32,"snippet":"return Promise.resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"browser-ext/vite.config.ts","line":13,"snippet":"background: resolve(__dirname, \"src/background/index.ts\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"browser-ext/vite.config.ts","line":14,"snippet":"content: resolve(__dirname, \"src/content/index.ts\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"browser-ext/vite.config.ts","line":15,"snippet":"popup: resolve(__dirname, \"src/popup/popup.html\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"browser-ext/vite.config.ts","line":16,"snippet":"options: resolve(__dirname, \"src/options/options.html\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":20,"snippet":"EXT = os.path.join(","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":32,"snippet":"conn.execute(\"PRAGMA journal_mode=WAL\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":33,"snippet":"conn.execute(\"PRAGMA synchronous=NORMAL\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":34,"snippet":"conn.execute(\"PRAGMA cache_size=-32000\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":35,"snippet":"conn.execute(\"PRAGMA temp_store=MEMORY\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":36,"snippet":"conn.execute(\"PRAGMA wal_autocheckpoint=10000\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":37,"snippet":"conn.execute(\"SELECT honker_bootstrap()\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":39,"snippet":"conn.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":48,"snippet":"conn = setup(os.path.join(d, \"t.db\"), n)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":52,"snippet":"row = conn.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":59,"snippet":"conn.execute(\"SELECT honker_ack_batch(?, 'w')\", (ids_json,)).fetchone()","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":67,"snippet":"conn = setup(os.path.join(d, \"t.db\"), n)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":71,"snippet":"row = conn.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/ext_bench.py","line":79,"snippet":"conn.execute(\"SELECT honker_ack_batch(?, 'w')\", (ids_json,)).fetchone()","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/honker_bench.py","line":20,"snippet":"sys.path.insert(0, os.path.join(os.path.dirname(os.path.dirname(os.path.abspath(__file__))), \"packages\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/honker_bench.py","line":121,"snippet":"path = os.path.join(d, \"bench.db\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/honker_bench.py","line":122,"snippet":"db = honker.open(path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/real_bench.py","line":39,"snippet":"PACKAGES_ROOT = os.path.join(REPO_ROOT, \"packages\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/real_bench.py","line":51,"snippet":"conn.execute(\"BEGIN\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/real_bench.py","line":75,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/real_bench.py","line":83,"snippet":"conn.execute(\"BEGIN\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/real_bench.py","line":118,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/real_bench.py","line":123,"snippet":"with open({lat_file!r}, \"ab\", buffering=0) as f:","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/real_bench.py","line":157,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/real_bench.py","line":203,"snippet":"os.path.join(db_dir, f\"lat-{i}.bin\") for i in range(n_workers)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/real_bench.py","line":259,"snippet":"with open(lf, \"rb\") as f:","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/real_bench.py","line":349,"snippet":"sys.path.insert(0, os.path.join(REPO_ROOT, \"packages\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/real_bench.py","line":359,"snippet":"db_path = os.path.join(d, \"bench.db\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/stream_bench.py","line":11,"snippet":"sys.path.insert(0, os.path.join(os.path.dirname(os.path.dirname(os.path.abspath(__file__))), \"packages\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/stream_bench.py","line":21,"snippet":"db = honker.open(os.path.join(d, \"stream.db\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/stream_bench.py","line":21,"snippet":"db = honker.open(os.path.join(d, \"stream.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/wake_latency_bench.py","line":41,"snippet":"PACKAGES_ROOT = os.path.join(REPO_ROOT, \"packages\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/wake_latency_bench.py","line":57,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"honker/bench/wake_latency_bench.py","line":69,"snippet":"# clocks may differ in origin. The parent's own \"round-trip\"","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/wake_latency_bench.py","line":99,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/wake_latency_bench.py","line":130,"snippet":"db_path = os.path.join(d, \"wake.db\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/bench/wake_latency_bench.py","line":134,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/bench/wake_latency_bench.py","line":136,"snippet":"tx.execute(\"CREATE TABLE _warmup (i INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/examples/demo.py","line":12,"snippet":"db = honker.open(\"app.db\")","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/examples/demo.py","line":16,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/examples/demo.py","line":22,"snippet":"tx.execute(\"INSERT INTO orders (user_id, amount) VALUES (?, ?)\", [42, 19.99])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/examples/atomic.ts","line":17,"snippet":"const dir = mkdtempSync(join(tmpdir(), \"honker-\"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/examples/atomic.ts","line":18,"snippet":"const db = open(join(dir, \"app.db\"), EXT_PATH);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/examples/atomic.ts","line":18,"snippet":"const db = open(join(dir, \"app.db\"), EXT_PATH);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/examples/atomic.ts","line":43,"snippet":"console.log(`committed: ${count(\"SELECT COUNT(*) AS c FROM orders\")} order(s), ` +","matchedPattern":"sql keyword string","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/examples/atomic.ts","line":43,"snippet":"console.log(`committed: ${count(\"SELECT COUNT(*) AS c FROM orders\")} order(s), ` +","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/examples/atomic.ts","line":67,"snippet":"console.log(`after rollback: ${count(\"SELECT COUNT(*) AS c FROM orders\")} order(s), ` +","matchedPattern":"sql keyword string","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/examples/atomic.ts","line":67,"snippet":"console.log(`after rollback: ${count(\"SELECT COUNT(*) AS c FROM orders\")} order(s), ` +","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/examples/basic.ts","line":11,"snippet":"const db = open(\"demo.db\", EXT_PATH);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/src/index.ts","line":46,"snippet":"\"`open(path, extPath, { sqliteLibPath: '/path/to/libsqlite3.dylib' })`.\",","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/src/index.ts","line":415,"snippet":"export function open(","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/src/index.ts","line":463,"snippet":"execute(sql: string, params: unknown[] = []): void {","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/src/index.ts","line":464,"snippet":"const stmt = this.raw.query(sql);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/src/index.ts","line":1040,"snippet":"\"SELECT id, channel, payload FROM _honker_notifications \" +","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/src/index.ts","line":1253,"snippet":".query(\"SELECT honker_lock_release(?, ?)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/src/index.ts","line":1314,"snippet":"\"UPDATE _honker_locks SET expires_at = unixepoch() + ? \" +","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/src/index.ts","line":1348,"snippet":"resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/src/index.ts","line":1363,"snippet":"resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/src/index.ts","line":1368,"snippet":"resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/src/index.ts","line":1372,"snippet":"resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/src/index.ts","line":1380,"snippet":"if (signal.aborted) return Promise.resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/src/index.ts","line":1382,"snippet":"signal.addEventListener(\"abort\", () => resolve(), { once: true });","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":9,"snippet":"const REPO_ROOT = resolve(import.meta.dir, \"..\", \"..\", \"..\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":21,"snippet":"const p = join(REPO_ROOT, rel);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":46,"snippet":"const dir = mkdtempSync(join(tmpdir(), \"honker-bun-watchers-\"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":47,"snippet":"const dbPath = join(dir, \"t.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":52,"snippet":"db = open(dbPath, extPath, { watcherBackend });","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":65,"snippet":"writer = open(dbPath, extPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":88,"snippet":"open(\"/tmp/honker-bun-missing.db\", extPath ?? \"/missing/libhonker_ext.so\", {","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":98,"snippet":"const dir = mkdtempSync(join(tmpdir(), \"honker-bun-\"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":99,"snippet":"const dbPath = join(dir, \"t.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":100,"snippet":"const db = open(dbPath, extPath, { watcherBackend });","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":102,"snippet":"expect(db.raw.query(\"SELECT 1 AS v\").get()).toEqual({ v: 1 });","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":116,"snippet":"dir = mkdtempSync(join(tmpdir(), \"honker-bun-\"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":117,"snippet":"dbPath = join(dir, \"t.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":125,"snippet":"const db = open(dbPath, extPath!);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":147,"snippet":"const db = open(dbPath, extPath!);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/basic.test.ts","line":175,"snippet":"const db = open(dbPath, extPath!);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":8,"snippet":"const REPO_ROOT = resolve(import.meta.dir, \"..\", \"..\", \"..\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":20,"snippet":"const p = join(REPO_ROOT, rel);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":35,"snippet":"const dir = mkdtempSync(join(tmpdir(), \"honker-bun-parity-\"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":36,"snippet":"const dbPath = join(dir, \"t.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":37,"snippet":"const db = open(dbPath, extPath!);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":52,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":55,"snippet":"tx.execute(\"INSERT INTO kv VALUES (?, ?)\", [\"a\", \"1\"]);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":70,"snippet":"tx.execute(\"INSERT INTO kv VALUES (?, ?)\", [\"a\", \"1\"]);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":84,"snippet":"tx.execute(\"INSERT INTO kv VALUES (?)\", [\"x\"]);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":97,"snippet":"tx.execute(\"INSERT INTO orders VALUES (?, ?)\", [1, 100]);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/parity.test.ts","line":535,"snippet":"new Promise<null>((resolve) => setTimeout(() => resolve(null), 8000)),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/phase_mantle.test.ts","line":10,"snippet":"const REPO_ROOT = resolve(import.meta.dir, \"..\", \"..\", \"..\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/phase_mantle.test.ts","line":21,"snippet":"const p = join(REPO_ROOT, rel);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/phase_mantle.test.ts","line":35,"snippet":"const dir = mkdtempSync(join(tmpdir(), \"honker-bun-mantle-\"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/phase_mantle.test.ts","line":36,"snippet":"const dbPath = join(dir, \"t.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/phase_mantle.test.ts","line":37,"snippet":"const db = open(dbPath, extPath!);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/phase_mantle.test.ts","line":128,"snippet":"const dir = mkdtempSync(join(tmpdir(), \"honker-bun-mantle-\"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/phase_mantle.test.ts","line":129,"snippet":"const dbPath = join(dir, \"t.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/phase_mantle.test.ts","line":130,"snippet":"const db = open(dbPath, extPath!);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":9,"snippet":"const REPO_ROOT = resolve(import.meta.dir, \"..\", \"..\", \"..\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":11,"snippet":"join(REPO_ROOT, \"packages\", \"honker\", \"python\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":12,"snippet":"join(REPO_ROOT, \"packages\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":13,"snippet":"].join(delimiter);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":22,"snippet":"db = honker.open(p)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":23,"snippet":"db.query(\"SELECT 1\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":32,"snippet":"join(REPO_ROOT, \".venv\", process.platform === \"win32\" ? \"Scripts/python.exe\" : \"bin/python\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":54,"snippet":"join(REPO_ROOT, \"target/release/libhonker_ext.dylib\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":55,"snippet":"join(REPO_ROOT, \"target/release/libhonker_ext.so\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":77,"snippet":"const dir = mkdtempSync(join(tmpdir(), \"honker-bun-python-\"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":78,"snippet":"const dbPath = join(dir, \"bun-python.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":79,"snippet":"const db = open(dbPath, extPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":93,"snippet":"db = honker.open(os.environ[\"DB_PATH\"])","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-bun/test/python_interop.test.ts","line":98,"snippet":"note = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":10,"snippet":"const REPO_ROOT = resolve(import.meta.dir, \"..\", \"..\", \"..\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":18,"snippet":"const MODULE_PATH = resolve(import.meta.dir, \"../src/index.ts\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":24,"snippet":"const p = join(REPO_ROOT, rel);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":32,"snippet":"return open(dbPath, extPath, { watcherBackend: backend });","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":68,"snippet":"finish(() => resolve(line));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":76,"snippet":"finish(() => resolve(line));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":90,"snippet":"const db = open(${JSON.stringify(dbPath)}, ${JSON.stringify(extPath)}, { watcherBackend: ${JSON.stringify(backend)} });","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":100,"snippet":"new Promise((resolve) => setTimeout(() => resolve({ timeout: true }), 2000)),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":129,"snippet":"new Promise((resolve) => proc.once(\"exit\", (exitCode) => resolve(exitCode))),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":130,"snippet":"new Promise((resolve) => setTimeout(() => resolve(undefined), 1000)),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":134,"snippet":"throw new Error(`worker ${workerId} exited ${code}: ${stderr.join(\"\")}`);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":142,"snippet":"const db = open(${JSON.stringify(dbPath)}, ${JSON.stringify(extPath)});","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":173,"snippet":"const dir = mkdtempSync(join(tmpdir(), \"honker-bun-queue-watchers-\"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":174,"snippet":"const dbPath = join(dir, \"q.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":193,"snippet":"const dir = mkdtempSync(join(tmpdir(), \"honker-bun-queue-watchers-\"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":194,"snippet":"const dbPath = join(dir, \"q.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":219,"snippet":"const dir = mkdtempSync(join(tmpdir(), \"honker-bun-queue-watchers-\"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-bun/test/watcher_backends_queue_e2e.test.ts","line":220,"snippet":"const dbPath = join(dir, \"q.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-go/examples/atomic/main.go","line":5,"snippet":"// we drop to raw SQL + database/sql's *sql.Tx, which pins a single","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-go/examples/atomic/main.go","line":63,"snippet":"// Success path — INSERT + enqueue in one tx.","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-go/honker.go","line":1438,"snippet":"\"UPDATE _honker_locks SET expires_at = unixepoch() + ? WHERE name = ? AND owner = ?\",","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-go/phase_mantle_test.go","line":10,"snippet":"// Phase Mantle: Scheduler lifecycle (pause/resume/list/update) +","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-go/python_interop_test.go","line":57,"snippet":"db = honker.open(p)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-go/python_interop_test.go","line":58,"snippet":"db.query(\"SELECT 1\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-go/python_interop_test.go","line":128,"snippet":"db = honker.open(os.environ[\"DB_PATH\"])","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-go/python_interop_test.go","line":137,"snippet":"go_note = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/CronSchedule.java","line":37,"snippet":"Path ext = NativeLoader.resolve(OpenOptions.defaults());","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":37,"snippet":"static Database open(Path path, OpenOptions options) {","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":41,"snippet":"Path extension = NativeLoader.resolve(options);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":94,"snippet":"boolean acquired = transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":108,"snippet":"return transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":119,"snippet":"return transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":138,"snippet":"long maxId = query(\"SELECT COALESCE(MAX(id), 0) AS m FROM _honker_notifications\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":149,"snippet":"return transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":150,"snippet":"\"DELETE FROM _honker_notifications WHERE \" + String.join(\" OR \", conditions) + \" RETURNING id\",","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":150,"snippet":"\"DELETE FROM _honker_notifications WHERE \" + String.join(\" OR \", conditions) + \" RETURNING id\",","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":211,"snippet":"public List<Row> query(String sql) {","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":212,"snippet":"return query(sql, List.of());","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":215,"snippet":"public List<Row> query(String sql, List<?> params) {","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":325,"snippet":"stmt.execute(sql);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Database.java","line":333,"snippet":"stmt.execute(\"ROLLBACK\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Honker.java","line":9,"snippet":"public static Database open(String path) {","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Honker.java","line":10,"snippet":"return open(Path.of(path), OpenOptions.defaults());","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Honker.java","line":13,"snippet":"public static Database open(String path, OpenOptions options) {","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Honker.java","line":14,"snippet":"return open(Path.of(path), options);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Honker.java","line":17,"snippet":"public static Database open(Path path) {","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Honker.java","line":18,"snippet":"return open(path, OpenOptions.defaults());","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Honker.java","line":21,"snippet":"public static Database open(Path path, OpenOptions options) {","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Honker.java","line":22,"snippet":"return Database.open(path, options);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Listener.java","line":22,"snippet":"List<Row> rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Listener.java","line":35,"snippet":"List<Row> rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/ListenHandle.java","line":30,"snippet":"executor.execute(loop);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/ListenHandle.java","line":87,"snippet":"ownedThread.join(1_000);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/LockHandle.java","line":31,"snippet":"db.transaction(tx -> tx.query(\"SELECT honker_lock_release(?, ?)\", Params.of(name, owner)));","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/NativeLoader.java","line":15,"snippet":"static Path resolve(OpenOptions options) {","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/NativeLoader.java","line":62,"snippet":"Path out = dir.resolve(libraryName());","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/NativeLoader.java","line":76,"snippet":"out.add(p.resolve(\"target/debug\").resolve(libraryName()));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/NativeLoader.java","line":76,"snippet":"out.add(p.resolve(\"target/debug\").resolve(libraryName()));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/NativeLoader.java","line":77,"snippet":"out.add(p.resolve(\"target/release\").resolve(libraryName()));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/NativeLoader.java","line":77,"snippet":"out.add(p.resolve(\"target/release\").resolve(libraryName()));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Queue.java","line":45,"snippet":"return tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Queue.java","line":60,"snippet":"String rowsJson = db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Queue.java","line":72,"snippet":"return db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Queue.java","line":86,"snippet":"return db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Queue.java","line":93,"snippet":"return db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Queue.java","line":109,"snippet":"tx.query(\"SELECT honker_result_save(?, ?, ?)\", Params.of(jobId, valueJson, ttl));","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Queue.java","line":113,"snippet":"String raw = db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Queue.java","line":152,"snippet":"return db.transaction(tx -> tx.query(\"SELECT honker_result_sweep() AS n\").get(0).getInt(\"n\"));","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Queue.java","line":156,"snippet":"return db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Queue.java","line":163,"snippet":"return db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Queue.java","line":170,"snippet":"return db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Queue.java","line":181,"snippet":"return db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Scheduler.java","line":19,"snippet":"db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Scheduler.java","line":26,"snippet":"return db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Scheduler.java","line":33,"snippet":"String rows = db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Scheduler.java","line":41,"snippet":"long t = db.transaction(tx -> tx.query(\"SELECT honker_scheduler_soonest() AS t\").get(0).getLong(\"t\"));","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/SchedulerHandle.java","line":39,"snippet":"executor.execute(loop);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/SchedulerHandle.java","line":102,"snippet":"db.transactionVoid(tx -> tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/SchedulerHandle.java","line":103,"snippet":"\"UPDATE _honker_locks SET expires_at = unixepoch() + ? WHERE name = ? AND owner = ?\",","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/SchedulerHandle.java","line":119,"snippet":"ownedThread.join(1_000);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/SharedUpdateWatcher.java","line":110,"snippet":"thread.join(1_000);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/SharedUpdateWatcher.java","line":151,"snippet":"throw new HonkerException(\"database file replaced while update watcher was active: \" + path);","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/SharedUpdateWatcher.java","line":270,"snippet":"this.channel = FileChannel.open(shmPath(dbPath), StandardOpenOption.READ);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Stream.java","line":29,"snippet":"tx.query(\"SELECT honker_stream_publish(?, ?, ?)\", Params.of(name, key, payloadJson));","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Stream.java","line":33,"snippet":"String rowsJson = db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Stream.java","line":51,"snippet":"db.transactionVoid(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Stream.java","line":58,"snippet":"return db.transaction(tx -> tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/StreamHandle.java","line":33,"snippet":"executor.execute(loop);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/StreamHandle.java","line":123,"snippet":"ownedThread.join(1_000);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/TaskWorkerHandle.java","line":29,"snippet":"job.fail(\"raw (non-task) payload on a task queue\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Transaction.java","line":19,"snippet":"public void execute(String sql) {","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Transaction.java","line":20,"snippet":"execute(sql, List.of());","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Transaction.java","line":23,"snippet":"public void execute(String sql, List<?> params) {","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Transaction.java","line":33,"snippet":"public List<Row> query(String sql) {","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Transaction.java","line":34,"snippet":"return query(sql, List.of());","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Transaction.java","line":37,"snippet":"public List<Row> query(String sql, List<?> params) {","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/Transaction.java","line":44,"snippet":"return query(\"SELECT notify(?, ?) AS id\", List.of(channel, payloadJson)).get(0).getLong(\"id\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/TypedJob.java","line":14,"snippet":"public Job raw() {","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/TypedQueue.java","line":15,"snippet":"public Queue raw() {","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/TypedTaskHandle.java","line":12,"snippet":"public TaskHandle raw() {","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/TypedTaskResult.java","line":16,"snippet":"public TaskResult raw() {","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/WorkerHandle.java","line":38,"snippet":"executor.execute(loop);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/main/java/dev/honker/WorkerHandle.java","line":129,"snippet":"thread.join(1_000);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmChild.java","line":40,"snippet":"try (Database db = Honker.open(dbPath, OpenOptions.builder()","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmChild.java","line":61,"snippet":"try (Database db = Honker.open(dbPath, OpenOptions.builder()","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmChild.java","line":79,"snippet":"try (Database db = Honker.open(dbPath, OpenOptions.builder()","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":66,"snippet":"assertEquals(\"hello\", job.raw().payload(quoted));","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":200,"snippet":"db.transactionVoid(tx -> tx.execute(\"UPDATE _honker_notifications SET created_at = unixepoch() - 120 WHERE channel='callback'\"));","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":415,"snippet":"db.transactionVoid(tx -> tx.execute(\"UPDATE _honker_rate_limits SET window_start = 1 WHERE name='api'\"));","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":543,"snippet":"List<Row> dead = db.query(\"SELECT last_error FROM _honker_dead WHERE queue='tasks' ORDER BY id\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":585,"snippet":"assertEquals(0, count(db, \"SELECT COUNT(*) AS n FROM _honker_live WHERE id=\" + noStoreResult.id()));","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":586,"snippet":"assertEquals(0, count(db, \"SELECT COUNT(*) AS n FROM _honker_dead WHERE id=\" + noStoreResult.id()));","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":636,"snippet":"Path dbPath = tmp.resolve(\"multiprocess.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":637,"snippet":"Path extension = NativeLoader.resolve(OpenOptions.defaults());","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":638,"snippet":"Path ready = tmp.resolve(\"child.ready\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":639,"snippet":"Path done = tmp.resolve(\"child.done\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":671,"snippet":"publisher.join();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":722,"snippet":"saver.join();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":758,"snippet":"db.query(\"PRAGMA wal_checkpoint(TRUNCATE)\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":841,"snippet":"enqueuer.join();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":890,"snippet":"Path dbPath = tmp.resolve(\"listener-latency.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":891,"snippet":"Path extension = NativeLoader.resolve(OpenOptions.defaults());","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":893,"snippet":"db.transactionVoid(tx -> tx.execute(\"CREATE TABLE IF NOT EXISTS _warmup (i INTEGER)\"));","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":898,"snippet":"Path ready = tmp.resolve(\"listener-\" + i + \".ready\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":899,"snippet":"Path done = tmp.resolve(\"listener-\" + i + \".done\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":925,"snippet":"Path dbPath = tmp.resolve(\"stream-multiprocess.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":926,"snippet":"Path extension = NativeLoader.resolve(OpenOptions.defaults());","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":927,"snippet":"Path ready = tmp.resolve(\"stream-child.ready\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":928,"snippet":"Path done = tmp.resolve(\"stream-child.done\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":948,"snippet":"Path dbPath = tmp.resolve(\"mmap-listener-multiprocess.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":949,"snippet":"Path extension = NativeLoader.resolve(OpenOptions.defaults());","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":950,"snippet":"Path ready = tmp.resolve(\"mmap-listener-child.ready\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":951,"snippet":"Path done = tmp.resolve(\"mmap-listener-child.done\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":971,"snippet":"Path dbPath = tmp.resolve(\"kernel-listener-multiprocess.db\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":1004,"snippet":"con.execute(\"SELECT load_extension(?, ?)\", (ext, \"sqlite3_honkerext_init\"))","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":1005,"snippet":"con.execute(\"SELECT honker_bootstrap()\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":1006,"snippet":"con.execute(\"SELECT honker_enqueue('interop', '{\\\\\"from\\\\\":\\\\\"python\\\\\"}', NULL, NULL, 0, 3, NULL)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":1022,"snippet":"con.execute(\"SELECT load_extension(?, ?)\", (ext, \"sqlite3_honkerext_init\"))","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":1023,"snippet":"con.execute(\"SELECT honker_bootstrap()\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":1024,"snippet":"row = con.execute(\"SELECT honker_claim_batch('interop', 'python', 1, 300)\").fetchone()[0]","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":1027,"snippet":"con.execute(\"SELECT honker_ack(?, 'python')\", (jobs[0][\"id\"],))","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-jvm/src/test/java/dev/honker/HonkerJvmTest.java","line":1121,"snippet":"return db.query(sql).get(0).getLong(\"n\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":15,"snippet":"const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'honker-'));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":16,"snippet":"const db = lit.open(path.join(dir, 'app.db'));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":16,"snippet":"const db = lit.open(path.join(dir, 'app.db'));","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":22,"snippet":"tx.query(\"SELECT honker_bootstrap()\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":23,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":32,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":36,"snippet":"tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":45,"snippet":"const orders = db.query(\"SELECT id FROM orders\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":45,"snippet":"const orders = db.query(\"SELECT id FROM orders\");","matchedPattern":"sql keyword string","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":46,"snippet":"const queued = db.query(\"SELECT payload FROM _honker_live WHERE queue='emails'\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":55,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":59,"snippet":"tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":73,"snippet":"const orders = db.query(\"SELECT id FROM orders\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":73,"snippet":"const orders = db.query(\"SELECT id FROM orders\");","matchedPattern":"sql keyword string","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/atomic.js","line":74,"snippet":"const queued = db.query(\"SELECT payload FROM _honker_live WHERE queue='emails'\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/examples/basic.js","line":13,"snippet":"const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'honker-'));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/examples/basic.js","line":14,"snippet":"const db = lit.open(path.join(dir, 'app.db'));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/examples/basic.js","line":14,"snippet":"const db = lit.open(path.join(dir, 'app.db'));","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/basic.js","line":22,"snippet":"tx.query(\"SELECT honker_bootstrap()\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/basic.js","line":29,"snippet":"const id = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/basic.js","line":42,"snippet":"const rowsJson = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/basic.js","line":54,"snippet":"const n = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/basic.js","line":55,"snippet":"\"SELECT honker_ack_batch(?, ?) AS n\",","matchedPattern":"sql keyword string","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/examples/notify_listen.js","line":14,"snippet":"const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'honker-'));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/examples/notify_listen.js","line":15,"snippet":"const db = lit.open(path.join(dir, 'app.db'));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/examples/notify_listen.js","line":15,"snippet":"const db = lit.open(path.join(dir, 'app.db'));","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/notify_listen.js","line":23,"snippet":"let lastSeen = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/examples/notify_listen.js","line":30,"snippet":"const rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/index.d.ts","line":10,"snippet":"query(sql: string, params?: Array<JsonValue> | undefined | null): Array<Record<string, any>>","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/index.d.ts","line":27,"snippet":"* any further `transaction()` / `query()` / `updateEvents()` /","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/index.d.ts","line":47,"snippet":"execute(sql: string, params?: Array<JsonValue> | undefined | null): number","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/index.d.ts","line":48,"snippet":"query(sql: string, params?: Array<JsonValue> | undefined | null): Array<Record<string, any>>","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/index.d.ts","line":80,"snippet":"export declare function open(path: string, maxReaders?: number | undefined | null, watcherBackend?: string | undefined | null): Database","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/index.js","line":28,"snippet":"return readFileSync('/usr/bin/ldd', 'utf-8').includes('musl')","matchedPattern":"file read/write","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/native.js","line":28,"snippet":"return readFileSync('/usr/bin/ldd', 'utf-8').includes('musl')","matchedPattern":"file read/write","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":22,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":24,"snippet":"tx.execute('CREATE TABLE t (id INTEGER PRIMARY KEY, payload TEXT)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":25,"snippet":"tx.execute('INSERT INTO t (payload) VALUES (?)', ['hello']);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":27,"snippet":"const rows = db.query('SELECT id, payload FROM t ORDER BY id');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":40,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":43,"snippet":"tx.execute('CREATE TABLE t (v INTEGER)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":48,"snippet":"tx.execute('INSERT INTO t (v) VALUES (1)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":51,"snippet":"const rows = db.query('SELECT COUNT(*) AS c FROM t');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":63,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":79,"snippet":"const rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":95,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":110,"snippet":"const rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":125,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":129,"snippet":"tx.execute('CREATE TABLE t (n INTEGER)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":136,"snippet":"tx.execute('INSERT INTO t (n) VALUES (1)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":158,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":162,"snippet":"tx.execute('CREATE TABLE t (n INTEGER)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":181,"snippet":"tx.execute('INSERT INTO t (n) VALUES (1)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":199,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":205,"snippet":"const before = db.query('SELECT COUNT(*) AS c FROM _honker_notifications');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/basic.js","line":209,"snippet":"const after = db.query('SELECT COUNT(*) AS c FROM _honker_notifications');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_node_to_python.js","line":25,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_node_to_python.js","line":33,"snippet":"db = honker.open(${JSON.stringify(dbPath)})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_python_to_node.js","line":34,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_python_to_node.js","line":37,"snippet":"const initial = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_python_to_node.js","line":38,"snippet":"'SELECT COALESCE(MAX(id), 0) AS m FROM _honker_notifications',","matchedPattern":"sql keyword string","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_python_to_node.js","line":47,"snippet":"db = honker.open(${JSON.stringify(dbPath)})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_python_to_node.js","line":62,"snippet":"const rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_python_to_node.js","line":63,"snippet":"\"SELECT id, payload FROM _honker_notifications \" +","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_python_to_node.js","line":96,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_python_to_node.js","line":99,"snippet":"const initial = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_python_to_node.js","line":100,"snippet":"'SELECT COALESCE(MAX(id), 0) AS m FROM _honker_notifications',","matchedPattern":"sql keyword string","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_python_to_node.js","line":109,"snippet":"db = honker.open(${JSON.stringify(dbPath)})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_python_to_node.js","line":118,"snippet":"const rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_python_to_node.js","line":119,"snippet":"\"SELECT id, payload FROM _honker_notifications \" +","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_queue_stream_notify.js","line":17,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_queue_stream_notify.js","line":34,"snippet":"db = honker.open(${JSON.stringify(dbPath)})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_queue_stream_notify.js","line":38,"snippet":"note = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_queue_stream_notify.js","line":84,"snippet":"const note = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_shared.js","line":6,"snippet":"const REPO = path.resolve(__dirname, '..', '..', '..');","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_shared.js","line":7,"snippet":"const PACKAGES = path.resolve(__dirname, '..', '..');","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_shared.js","line":8,"snippet":"const PYTHON = path.join(","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_shared.js","line":16,"snippet":"return Promise.resolve(proc?.exitCode);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_shared.js","line":64,"snippet":"return resolve(line);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_shared.js","line":70,"snippet":"resolve(line);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_supporting.js","line":20,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_supporting.js","line":36,"snippet":"db = honker.open(${JSON.stringify(dbPath)})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_supporting.js","line":37,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_supporting.js","line":55,"snippet":"resolve(JSON.parse(line.slice('RESULT '.length)));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_supporting.js","line":85,"snippet":"db = honker.open(${JSON.stringify(dbPath)})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_supporting.js","line":95,"snippet":"? resolve()","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_supporting.js","line":100,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_supporting.js","line":101,"snippet":"const rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_supporting.js","line":102,"snippet":"\"SELECT id, queue, payload FROM _honker_live \" +","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/cross_lang_supporting.js","line":115,"snippet":".query(\"SELECT name FROM sqlite_master WHERE type='table' ORDER BY name\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/helpers.js","line":98,"snippet":"const dir = fs.mkdtempSync(path.join(os.tmpdir(), prefix));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/helpers.js","line":101,"snippet":"path: path.join(dir, 't.db'),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":43,"snippet":"const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'honker-parity-'));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":44,"snippet":"const dbPath = path.join(dir, 't.db');","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":69,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":89,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":107,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":135,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":148,"snippet":"const dead = db.query('SELECT COUNT(*) AS c FROM _honker_dead');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":158,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":172,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":176,"snippet":"tx.execute('CREATE TABLE orders (id INTEGER PRIMARY KEY)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":180,"snippet":"tx.execute('INSERT INTO orders (id) VALUES (?)', [42]);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":183,"snippet":"const orders = db.query('SELECT id FROM orders');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":185,"snippet":"const jobs = db.query(\"SELECT id FROM _honker_live WHERE queue='atomic'\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":195,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":199,"snippet":"tx.execute('CREATE TABLE orders (id INTEGER PRIMARY KEY)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":203,"snippet":"tx.execute('INSERT INTO orders (id) VALUES (?)', [42]);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":206,"snippet":"const orders = db.query('SELECT id FROM orders');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":208,"snippet":"const jobs = db.query(\"SELECT id FROM _honker_live WHERE queue='rollback'\");","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":218,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":224,"snippet":"db.query(\"SELECT COUNT(*) AS c FROM _honker_live WHERE queue='tx-opt'\")[0].c,","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":235,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":252,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":270,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":283,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":300,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":316,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":334,"snippet":"const db = honker.open(p);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":348,"snippet":"setTimeout(() => resolve({ done: true, value: null }), 2000),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":367,"snippet":"const rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":582,"snippet":"new Promise((resolve) => setTimeout(() => resolve(null), 3000)),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":624,"snippet":"new Promise((resolve) => setTimeout(() => resolve(null), 5000)),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":689,"snippet":"tx.execute('CREATE TABLE t (v INTEGER)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/parity.test.js","line":707,"snippet":"const rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/phase_mantle.js","line":22,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/phase_mantle.js","line":44,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/phase_mantle.js","line":69,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/phase_mantle.js","line":84,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/phase_mantle.js","line":105,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/phase_mantle.js","line":132,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/phase_mantle.js","line":158,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/phase_mantle.js","line":180,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/phase_mantle.js","line":204,"snippet":"db = open(dbPath);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":36,"snippet":"return open(dbPath, undefined, backend);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":48,"snippet":"return Promise.resolve(proc?.exitCode);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":101,"snippet":"return resolve(line);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":107,"snippet":"resolve(line);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":118,"snippet":"const REQUIRE_HONKER = path.resolve(__dirname, '..');","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":134,"snippet":"const db = honker.open(${JSON.stringify(dbPath)});","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":175,"snippet":"const rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":176,"snippet":"'SELECT id, payload FROM _honker_notifications ' +","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":214,"snippet":"tx.execute('CREATE TABLE _warm (i INTEGER)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":259,"snippet":"tx.execute('CREATE TABLE _warm (i INTEGER)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":285,"snippet":"const persisted = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":310,"snippet":"tx.execute('CREATE TABLE _warm (i INTEGER)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":365,"snippet":"const persisted = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":406,"snippet":"tx.execute('CREATE TABLE _warm (i INTEGER)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_e2e.js","line":413,"snippet":"fs.writeFileSync(replacement, '');","matchedPattern":"file read/write","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_queue_e2e.js","line":19,"snippet":"const REQUIRE_HONKER = path.resolve(__dirname, '..');","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_queue_e2e.js","line":27,"snippet":"return open(dbPath, undefined, backend);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_queue_e2e.js","line":54,"snippet":"resolve(line);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_queue_e2e.js","line":76,"snippet":"resolve(existing);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_queue_e2e.js","line":92,"snippet":"new Promise((resolve) => proc.once('exit', (code) => resolve(code))),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_queue_e2e.js","line":93,"snippet":"new Promise((resolve) => setTimeout(() => resolve(undefined), 1000)),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_queue_e2e.js","line":100,"snippet":"throw new Error(`worker ${workerId} exited ${exited}: ${stderr.join('')}`);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_queue_e2e.js","line":109,"snippet":"const db = honker.open(${JSON.stringify(dbPath)}, undefined, ${JSON.stringify(backend)});","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_queue_e2e.js","line":120,"snippet":"new Promise((resolve) => setTimeout(() => resolve({ timeout: true }), ${idleExitMs})),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends_queue_e2e.js","line":148,"snippet":"const db = honker.open(${JSON.stringify(dbPath)});","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends.js","line":25,"snippet":"return open(dbPath, undefined, backend);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends.js","line":40,"snippet":"tx.execute('CREATE TABLE IF NOT EXISTS t (x INTEGER)');","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends.js","line":74,"snippet":"tx.execute('INSERT INTO t (x) VALUES (?)', [i]);","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends.js","line":119,"snippet":"() => lit.open(dbPath, undefined, backend),","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/test/watcher_backends.js","line":132,"snippet":"const db = lit.open(dbPath, undefined, backend);","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/wrapper.d.ts","line":50,"snippet":"raw(): any","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/wrapper.d.ts","line":51,"snippet":"execute(sql: string, params?: JsonValue[] | null): number","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/wrapper.d.ts","line":52,"snippet":"query(sql: string, params?: JsonValue[] | null): Array<Record<string, any>>","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/wrapper.d.ts","line":59,"snippet":"raw(): any","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/wrapper.d.ts","line":155,"snippet":"raw(): any","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-node/wrapper.d.ts","line":157,"snippet":"query(sql: string, params?: JsonValue[] | null): Array<Record<string, any>>","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-node/wrapper.d.ts","line":176,"snippet":"export function open(path: string, maxReaders?: number | null, watcherBackend?: string | null): Database","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/examples/atomic.rb","line":22,"snippet":"db = Honker::Database.new(File.join(dir, \"app.db\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/examples/atomic.rb","line":25,"snippet":"raw.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/examples/atomic.rb","line":31,"snippet":"raw.execute(\"INSERT INTO orders (user_id, total) VALUES (?, ?)\", [42, 9900])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/examples/atomic.rb","line":32,"snippet":"raw.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/examples/atomic.rb","line":47,"snippet":"raw.execute(\"INSERT INTO orders (user_id, total) VALUES (?, ?)\", [43, 5000])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/examples/atomic.rb","line":48,"snippet":"raw.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/ext/honker/extconf.rb","line":16,"snippet":"File.join(ext_dir, \"honker-extension\", \"Cargo.toml\"), # vendored in the gem","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"honker/packages/honker-ruby/ext/honker/extconf.rb","line":39,"snippet":"case RbConfig::CONFIG.fetch(\"host_os\")","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/ext/honker/extconf.rb","line":45,"snippet":"target_dir = File.join(ext_dir, \"target\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/ext/honker/extconf.rb","line":54,"snippet":"artifact = File.join(target_dir, \"release\", ext_name)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/ext/honker/extconf.rb","line":59,"snippet":"FileUtils.cp(artifact, File.join(dest_dir, ext_name))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/ext/honker/extconf.rb","line":65,"snippet":"File.write(File.join(ext_dir, \"Makefile\"), <<~MAKEFILE)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker.rb","line":40,"snippet":"def initialize(env: ENV.fetch(\"HONKER_EXTENSION_PATH\", nil), bundled: nil)","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker.rb","line":49,"snippet":"def resolve(extension_path = nil)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker.rb","line":71,"snippet":"case RbConfig::CONFIG.fetch(\"host_os\")","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker.rb","line":82,"snippet":"ExtensionResolver.new.resolve(override)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker.rb","line":89,"snippet":"resolved = ExtensionResolver.new.resolve(extension_path)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker.rb","line":100,"snippet":"sqlite_conn.execute(\"SELECT honker_bootstrap()\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker.rb","line":179,"snippet":"resolved_extension = extension_resolver.resolve(extension_path)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker.rb","line":183,"snippet":"@db.execute(\"PRAGMA mmap_size = 0\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker.rb","line":188,"snippet":"@db.execute(\"SELECT honker_bootstrap()\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker.rb","line":266,"snippet":"# tx.execute(\"INSERT INTO orders ...\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker.rb","line":339,"snippet":"@db.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker.rb","line":499,"snippet":"raise \"outbox retry failed for job #{job.id}\" unless job.retry(delay_s: delay_s, error: \"#{e}\\n#{e.backtrace&.join(\"\\n\")}\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker/transaction.rb","line":28,"snippet":"def execute(sql, params = [])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/lib/honker/transaction.rb","line":29,"snippet":"@conn.execute(sql, params)","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/extension_resolution_spec.rb","line":18,"snippet":"resolver.resolve(\"/somewhere/libhonker_ext.so\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/extension_resolution_spec.rb","line":26,"snippet":"resolver.resolve(\"/explicit/libhonker_ext.so\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/extension_resolution_spec.rb","line":32,"snippet":"ext = File.join(dir, \"libhonker_ext.so\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/extension_resolution_spec.rb","line":47,"snippet":"ext = File.join(dir, \"libhonker_ext.so\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/extension_resolution_spec.rb","line":56,"snippet":"ext = File.join(dir, \"libhonker_ext.so\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/extension_resolution_spec.rb","line":76,"snippet":"Honker::Database.new(File.join(dir, \"app.db\"), extension_resolver: resolver)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/honker_spec.rb","line":20,"snippet":"p = File.join(REPO_ROOT, rel)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/honker_spec.rb","line":61,"snippet":"File.write(result_path, processed.join(\"\\n\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/honker_spec.rb","line":93,"snippet":"path = File.join(dir, \"t.db\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/honker_spec.rb","line":117,"snippet":"File.join(Dir.tmpdir, \"honker-ruby-missing.db\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/honker_spec.rb","line":135,"snippet":"File.join(Dir.tmpdir, \"honker-ruby-missing.db\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/honker_spec.rb","line":174,"snippet":"ready_path = File.join(dir, \"#{worker_id}.ready\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/honker_spec.rb","line":175,"snippet":"result_path = File.join(dir, \"#{worker_id}.result\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/honker_spec.rb","line":255,"snippet":"path = File.join(dir, \"q.db\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/honker_spec.rb","line":313,"snippet":"@db_path = File.join(@tmpdir, \"t.db\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":20,"snippet":"p = File.join(REPO_ROOT, rel)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":42,"snippet":"@db_path = File.join(@tmpdir, \"t.db\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":56,"snippet":"@db.db.execute(\"CREATE TABLE orders (id INTEGER PRIMARY KEY, total INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":60,"snippet":"tx.execute(\"INSERT INTO orders (id, total) VALUES (?, ?)\", [1, 100])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":70,"snippet":"@db.db.execute(\"CREATE TABLE orders (id INTEGER PRIMARY KEY, total INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":75,"snippet":"tx.execute(\"INSERT INTO orders (id, total) VALUES (?, ?)\", [2, 200])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":86,"snippet":"@db.db.execute(\"CREATE TABLE orders (id INTEGER PRIMARY KEY, total INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":90,"snippet":"tx.execute(\"INSERT INTO orders (id, total) VALUES (?, ?)\", [3, 300])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":248,"snippet":"t = Thread.new { sch.run(owner: \"host-1\", stop: stopper) }","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":252,"snippet":"t.join(5)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":268,"snippet":"t = Thread.new { sch.run(owner: \"host-fast\", stop: stopper) }","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":283,"snippet":"t.join(5)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":297,"snippet":"t = Thread.new { sch.run(owner: \"host-wake\", stop: stopper) }","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/parity_spec.rb","line":315,"snippet":"t.join(5)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/phase_mantle_spec.rb","line":3,"snippet":"# Phase Mantle: Scheduler#pause/resume/list/update + Queue#cancel/get_job.","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/phase_mantle_spec.rb","line":19,"snippet":"p = File.join(REPO_ROOT, rel)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/phase_mantle_spec.rb","line":32,"snippet":"@db_path = File.join(@tmpdir, \"t.db\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/setup_helpers_spec.rb","line":25,"snippet":"p = File.join(REPO_ROOT, rel)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/setup_helpers_spec.rb","line":62,"snippet":"def execute(sql)","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/setup_helpers_spec.rb","line":180,"snippet":"conn = SQLite3::Database.new(File.join(dir, \"real.db\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/setup_helpers_spec.rb","line":182,"snippet":"rows = conn.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/smoke_spec.rb","line":21,"snippet":"p = File.join(REPO_ROOT, rel)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/smoke_spec.rb","line":33,"snippet":"@db_path = File.join(@tmpdir, \"t.db\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/smoke_spec.rb","line":76,"snippet":"@db.db.execute(\"CREATE TABLE orders (id INTEGER PRIMARY KEY, total INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/smoke_spec.rb","line":81,"snippet":"tx.execute(\"INSERT INTO orders (id, total) VALUES (?, ?)\", [1, 100])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/smoke_spec.rb","line":82,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/smoke_spec.rb","line":93,"snippet":"tx.execute(\"INSERT INTO orders (id, total) VALUES (?, ?)\", [2, 200])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/smoke_spec.rb","line":94,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/smoke_spec.rb","line":130,"snippet":"@db.db.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/smoke_spec.rb","line":151,"snippet":"@db.db.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker-ruby/spec/smoke_spec.rb","line":178,"snippet":"@db.db.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/atomic.py","line":18,"snippet":"db = honker.open(os.path.join(d, \"app.db\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/atomic.py","line":18,"snippet":"db = honker.open(os.path.join(d, \"app.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/atomic.py","line":22,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/atomic.py","line":30,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/atomic.py","line":36,"snippet":"orders = db.query(\"SELECT id, user_id, total FROM orders\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/atomic.py","line":37,"snippet":"queued = db.query(\"SELECT payload FROM _honker_live WHERE queue='emails'\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/atomic.py","line":44,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/atomic.py","line":53,"snippet":"orders = db.query(\"SELECT id FROM orders\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/atomic.py","line":54,"snippet":"queued = db.query(\"SELECT payload FROM _honker_live WHERE queue='emails'\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/notify_listen.py","line":28,"snippet":"db = honker.open(os.path.join(d, \"app.db\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/notify_listen.py","line":28,"snippet":"db = honker.open(os.path.join(d, \"app.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/real_app.py","line":82,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/real_app.py","line":146,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/real_app.py","line":152,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/real_app.py","line":161,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/real_app.py","line":222,"snippet":"proof = await run(os.path.join(d, \"app.db\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/scheduler.py","line":39,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/scheduler.py","line":53,"snippet":"db = honker.open(os.path.join(d, \"app.db\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/scheduler.py","line":53,"snippet":"db = honker.open(os.path.join(d, \"app.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/stream.py","line":43,"snippet":"db = honker.open(os.path.join(d, \"app.db\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/stream.py","line":43,"snippet":"db = honker.open(os.path.join(d, \"app.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/tasks.py","line":23,"snippet":"db = honker.open(os.path.join(_tmp, \"app.db\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/tasks.py","line":23,"snippet":"db = honker.open(os.path.join(_tmp, \"app.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/tasks.py","line":72,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_dead WHERE queue='demo'\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/tasks.py","line":77,"snippet":"dead = db.query(\"SELECT last_error FROM _honker_dead WHERE queue='demo'\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"weak-token-or-crypto","description":"Token, JWT, randomness, or crypto usage that deserves review.","noise":"normal","filePath":"honker/packages/honker/examples/worker.py","line":24,"snippet":"if random.random() < 0.2:","matchedPattern":"weak random","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/worker.py","line":42,"snippet":"remaining = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/worker.py","line":52,"snippet":"db = honker.open(os.path.join(d, \"app.db\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/examples/worker.py","line":52,"snippet":"db = honker.open(os.path.join(d, \"app.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/examples/worker.py","line":61,"snippet":"dead = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/python/honker/__init__.py","line":46,"snippet":"package_dir = Path(__file__).resolve().parent","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/python/honker/__init__.py","line":59,"snippet":"SQLAlchemy, or other SQLite connection instead of using honker.open().","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/python/honker/__init__.py","line":73,"snippet":"searched = \", \".join(str(p) for p in _extension_candidates())","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/__init__.py","line":86,"snippet":"conn.execute(\"SELECT load_extension(?, ?)\", (path, entrypoint))","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/__init__.py","line":91,"snippet":"conn.execute(\"SELECT load_extension(?, ?)\", (path, entrypoint))","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":88,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":102,"snippet":"rows = self.db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":217,"snippet":"tx.execute(\"DROP VIEW IF EXISTS _honker_jobs\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":218,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":233,"snippet":"tx.execute(\"DROP INDEX IF EXISTS _honker_jobs_claim\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":234,"snippet":"tx.execute(\"DROP INDEX IF EXISTS _honker_jobs_claim_v2\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":235,"snippet":"tx.execute(\"DROP INDEX IF EXISTS _honker_pending_claim\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":236,"snippet":"tx.execute(\"DROP INDEX IF EXISTS _honker_processing_reclaim\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":237,"snippet":"tx.execute(\"DROP TABLE IF EXISTS _honker_pending\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":238,"snippet":"tx.execute(\"DROP TABLE IF EXISTS _honker_processing\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":284,"snippet":"rows = tx.query(sql, params)","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":287,"snippet":"rows = own_tx.query(sql, params)","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":303,"snippet":"rows = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":315,"snippet":"rows = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":328,"snippet":"rows = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":360,"snippet":"rows = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":389,"snippet":"tx.query(\"SELECT honker_result_save(?, ?, ?)\", params)","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":392,"snippet":"own_tx.query(\"SELECT honker_result_save(?, ?, ?)\", params)","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":408,"snippet":"rows = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":467,"snippet":"rows = tx.query(\"SELECT honker_result_sweep() AS n\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":1117,"snippet":"+ \" OR \".join(conditions)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":1198,"snippet":"db = honker.open(\"app.db\")","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/python/honker/_honker.py","line":1213,"snippet":"def open(","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/python/honker/_scheduler.py","line":30,"snippet":"db = honker.open(\"app.db\")","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_scheduler.py","line":174,"snippet":"tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_scheduler.py","line":190,"snippet":"rows = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_scheduler.py","line":207,"snippet":"rows = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_scheduler.py","line":216,"snippet":"rows = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_scheduler.py","line":227,"snippet":"rows = tx.query(\"SELECT honker_scheduler_list() AS j\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_scheduler.py","line":255,"snippet":"rows = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_scheduler.py","line":291,"snippet":"rows = self.db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_scheduler.py","line":326,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_scheduler.py","line":350,"snippet":"tx.query(\"SELECT honker_scheduler_tick(?)\", [now])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_scheduler.py","line":351,"snippet":"rows = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/python/honker/_tasks.py","line":5,"snippet":"db = honker.open(\"app.db\")","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/python/honker/_tasks.py","line":455,"snippet":"job.fail(error=\"raw (non-decorated) payload on a decorated-task queue\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/packages/honker/test_basic.py","line":10,"snippet":"db = honker.open(\"test.db\")","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/test_basic.py","line":13,"snippet":"tx.execute(\"CREATE TABLE orders (id INTEGER PRIMARY KEY, total REAL)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/test_basic.py","line":29,"snippet":"tx.execute(\"INSERT INTO orders (id, total) VALUES (1, 99.99)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/packages/honker/test_basic.py","line":33,"snippet":"tx.execute(\"INSERT INTO orders (id, total) VALUES (2, 14.50)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/scripts/proof_fcntl_vs_pragma.py","line":128,"snippet":"db = os.path.join(tmp, \"test.db\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/scripts/proof/ruby-gem-smoke.rb","line":13,"snippet":"db = Honker::Database.new(File.join(dir, \"app.db\"))","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/scripts/test_sqlite_versions.py","line":122,"snippet":"db = os.path.join(tmp, \"test.db\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/conftest.py","line":11,"snippet":"_PACKAGES_ROOT = os.path.join(_REPO_ROOT, \"packages\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/conftest.py","line":12,"snippet":"_HONKER_PYTHON_ROOT = os.path.join(_PACKAGES_ROOT, \"honker\", \"python\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/conftest.py","line":21,"snippet":"yield os.path.join(d, \"t.db\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/conftest.py","line":23,"snippet":"# so the test's `db = honker.open(path)` reference can outlive","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":50,"snippet":"PACKAGES_ROOT = os.path.join(REPO_ROOT, \"packages\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":98,"snippet":"row = conn.execute(\"PRAGMA integrity_check\").fetchone()","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":114,"snippet":"seed = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":124,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":147,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":149,"snippet":"existing = db.query(\"SELECT COUNT(*) AS c FROM _honker_jobs\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":170,"snippet":"seed = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":180,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":198,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":210,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_jobs\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":230,"snippet":"seed = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":239,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":259,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":299,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_crash_recovery.py","line":308,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_cross_process_wake_latency.py","line":38,"snippet":"PACKAGES_ROOT = os.path.join(REPO_ROOT, \"packages\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_cross_process_wake_latency.py","line":50,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_cross_process_wake_latency.py","line":82,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_cross_process_wake_latency.py","line":104,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_cross_process_wake_latency.py","line":106,"snippet":"tx.execute(\"CREATE TABLE _warmup (i INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":23,"snippet":"os.path.join(REPO_ROOT, \"target\", \"release\", \"libhonker_ext.dylib\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":24,"snippet":"os.path.join(REPO_ROOT, \"target\", \"release\", \"libhonker_ext.so\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":64,"snippet":"mode = conn.execute(\"PRAGMA journal_mode=DELETE\").fetchone()[0]","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":70,"snippet":"conn.execute(\"SELECT honker_bootstrap()\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":82,"snippet":"conn.execute(\"PRAGMA journal_mode=WAL\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":83,"snippet":"conn.execute(\"SELECT honker_bootstrap()\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":85,"snippet":"conn.execute(\"SELECT honker_bootstrap()\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":86,"snippet":"rows = conn.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":107,"snippet":"conn.execute(\"PRAGMA journal_mode=WAL\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":108,"snippet":"conn.execute(\"SELECT honker_bootstrap()\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":113,"snippet":"db = honker.open(ext_db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":125,"snippet":"dead = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":142,"snippet":"db = honker.open(ext_db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":153,"snippet":"rows_json = conn.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":161,"snippet":"acked = conn.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":169,"snippet":"remaining = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":188,"snippet":"conn.execute(\"BEGIN IMMEDIATE\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":189,"snippet":"row = conn.execute(\"SELECT notify('orders', 'hello')\").fetchone()","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":191,"snippet":"conn.execute(\"COMMIT\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":193,"snippet":"count = conn.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":211,"snippet":"conn.execute(\"PRAGMA journal_mode=WAL\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":212,"snippet":"conn.execute(\"SELECT honker_bootstrap()\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":228,"snippet":"db = honker.open(ext_db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":236,"snippet":"moved = conn.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":244,"snippet":"live = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":258,"snippet":"db = honker.open(ext_db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":326,"snippet":"db = honker.open(ext_db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":373,"snippet":"db = honker.open(ext_db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":424,"snippet":"# honker.open() is called; for a pure-ext session we call the","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":477,"snippet":"db = honker.open(ext_db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":601,"snippet":"db = honker.open(ext_db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_extension_interop.py","line":843,"snippet":"db = honker.open(ext_db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_fault_injection.py","line":25,"snippet":"behave like an empty DB. The first query (or first operation","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_fault_injection.py","line":40,"snippet":"db = honker.open(str(path))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_fault_injection.py","line":41,"snippet":"db.query(\"SELECT 1\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_fault_injection.py","line":58,"snippet":"honker.open(path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_fault_injection.py","line":69,"snippet":"db = honker.open(str(path))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_fault_injection.py","line":79,"snippet":"db2 = honker.open(str(path))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_fault_injection.py","line":91,"snippet":"honker.open(path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_fault_injection.py","line":121,"snippet":"db = honker.open(path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":22,"snippet":"PACKAGES_ROOT = os.path.join(REPO_ROOT, \"packages\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":23,"snippet":"HONKER_PYTHON_ROOT = os.path.join(PACKAGES_ROOT, \"honker\", \"python\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":35,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":116,"snippet":"rows = db.query(\"SELECT id, state, attempts FROM _honker_jobs ORDER BY id\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":121,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":132,"snippet":"rows = db.query(\"SELECT state FROM _honker_jobs WHERE id=?\", [job.id])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":138,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":155,"snippet":"t.join()","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":163,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":171,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":191,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":201,"snippet":"before = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":206,"snippet":"after = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":214,"snippet":"db = honker.open(db_path, max_readers=4)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":220,"snippet":"_ = db.query(\"SELECT COUNT(*) AS c FROM _honker_jobs\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":232,"snippet":"t.join(timeout=5.0)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":234,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_jobs\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":240,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":245,"snippet":"tx.execute(\"CREATE TABLE orders (id INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":246,"snippet":"tx.execute(\"INSERT INTO orders (id) VALUES (?)\", [1])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":252,"snippet":"db.query(\"SELECT * FROM orders\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":255,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_jobs\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":260,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":263,"snippet":"tx.execute(\"CREATE TABLE orders (id INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":264,"snippet":"tx.execute(\"INSERT INTO orders (id) VALUES (?)\", [1])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":266,"snippet":"orders = db.query(\"SELECT id FROM orders\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":268,"snippet":"jobs = db.query(\"SELECT payload FROM _honker_jobs\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":273,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":287,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":296,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":306,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":317,"snippet":"tx.execute(\"UPDATE _honker_live SET run_at=unixepoch() - 1\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":324,"snippet":"rows = db.query(\"SELECT state, last_error FROM _honker_jobs\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":330,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":335,"snippet":"rows = db.query(\"SELECT state FROM _honker_jobs\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":343,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":370,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":396,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":425,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_joblite.py","line":432,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":21,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":30,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":33,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":37,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":41,"snippet":"rows = db.query(\"SELECT i, f, s, b, n, flag FROM t ORDER BY id\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":52,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":54,"snippet":"tx.execute(\"CREATE TABLE t (id INTEGER PRIMARY KEY, ts INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":56,"snippet":"tx.execute(\"INSERT INTO t (ts) VALUES (?)\", [ts])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":57,"snippet":"rows = db.query(\"SELECT ts FROM t WHERE ts < ? ORDER BY ts\", [50])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":62,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":66,"snippet":"tx.execute(\"INSERT INTO t (i) VALUES (?)\", [object()])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":70,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":98,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":123,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":139,"snippet":"tx.execute(\"CREATE TABLE x (id INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":158,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":188,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":214,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":221,"snippet":"before = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":232,"snippet":"after = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":239,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":243,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":247,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":257,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":268,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":272,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_notifications\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":278,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":282,"snippet":"tx.execute(\"INSERT INTO t (i) VALUES (?)\", [i])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":283,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM t\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":289,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":294,"snippet":"tx.execute(\"INSERT INTO t (i) VALUES (?)\", [1])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":298,"snippet":"tx.execute(\"INSERT INTO t (i) VALUES (?)\", [99])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":299,"snippet":"rows = db.query(\"SELECT i FROM t\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":305,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":334,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":359,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":378,"snippet":"t.join()","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":387,"snippet":"db = honker.open(db_path, max_readers=4)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":408,"snippet":"rt.join(timeout=5.0)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_litenotify.py","line":414,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":29,"snippet":"sys.path.insert(0, {os.path.join(os.path.dirname(os.path.dirname(os.path.abspath(__file__))), \"packages\")!r})","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":34,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":79,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":119,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":139,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":148,"snippet":"sys.path.insert(0, {os.path.join(os.path.dirname(os.path.dirname(os.path.abspath(__file__))), \"packages\")!r})","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":150,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":200,"snippet":"sys.path.insert(0, {os.path.join(os.path.dirname(os.path.dirname(os.path.abspath(__file__))), \"packages\")!r})","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":203,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":239,"snippet":"sys.path.insert(0, {os.path.join(os.path.dirname(os.path.dirname(os.path.abspath(__file__))), \"packages\")!r})","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":242,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":309,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":356,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":357,"snippet":"live = db.query(\"SELECT COUNT(*) AS c FROM _honker_live WHERE queue='pressure'\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_multiprocess.py","line":358,"snippet":"dead = db.query(\"SELECT COUNT(*) AS c FROM _honker_dead WHERE queue='pressure'\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":11,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":33,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":40,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":65,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":75,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":82,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":92,"snippet":"tx.execute(\"CREATE TABLE orders (id INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":93,"snippet":"tx.execute(\"INSERT INTO orders (id) VALUES (?)\", [1])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":97,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":104,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":112,"snippet":"tx.execute(\"CREATE TABLE orders (id INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":113,"snippet":"tx.execute(\"INSERT INTO orders (id) VALUES (?)\", [1])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":127,"snippet":"assert db.query(\"SELECT COUNT(*) AS c FROM orders\")[0][\"c\"] == 1","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":131,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":143,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":151,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":166,"snippet":"state = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":175,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":184,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":196,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":222,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":291,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":300,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_outbox.py","line":339,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_performance_floors.py","line":31,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_performance_floors.py","line":43,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_performance_floors.py","line":55,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_performance_floors.py","line":82,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":18,"snippet":"db = honker.open(str(tmp_path / \"t.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":34,"snippet":"db = honker.open(str(tmp_path / \"t.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":53,"snippet":"db = honker.open(str(tmp_path / \"t.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":76,"snippet":"db = honker.open(str(tmp_path / \"t.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":94,"snippet":"db = honker.open(str(tmp_path / \"t.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":106,"snippet":"db = honker.open(str(tmp_path / \"t.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":116,"snippet":"rows = tx.query(\"SELECT honker_scheduler_tick(?) AS j\", [int(time.time()) + 5])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":116,"snippet":"rows = tx.query(\"SELECT honker_scheduler_tick(?) AS j\", [int(time.time()) + 5])","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":123,"snippet":"rows = tx.query(\"SELECT honker_scheduler_tick(?) AS j\", [int(time.time()) + 5])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":123,"snippet":"rows = tx.query(\"SELECT honker_scheduler_tick(?) AS j\", [int(time.time()) + 5])","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":132,"snippet":"db = honker.open(str(tmp_path / \"t.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":146,"snippet":"db = honker.open(str(tmp_path / \"t.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":156,"snippet":"db = honker.open(str(tmp_path / \"t.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_phase_mantle.py","line":169,"snippet":"db = honker.open(str(tmp_path / \"t.db\"))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_rate_limit.py","line":15,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_rate_limit.py","line":23,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_rate_limit.py","line":38,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_rate_limit.py","line":45,"snippet":"rows = db.query(\"SELECT count FROM _honker_rate_limits WHERE name='api'\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_rate_limit.py","line":50,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_rate_limit.py","line":62,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_rate_limit.py","line":79,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_rate_limit.py","line":93,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_rate_limit.py","line":97,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_rate_limit.py","line":108,"snippet":"remaining = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":27,"snippet":"PACKAGES_ROOT = os.path.join(REPO_ROOT, \"packages\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":28,"snippet":"HONKER_PYTHON_ROOT = os.path.join(PACKAGES_ROOT, \"honker\", \"python\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":32,"snippet":"os.path.join(REPO_ROOT, \"target\", \"release\", \"libhonker_ext.dylib\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":33,"snippet":"os.path.join(REPO_ROOT, \"target\", \"release\", \"libhonker_ext.so\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":34,"snippet":"os.path.join(REPO_ROOT, \"target\", \"release\", \"honker_ext.dll\"),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":62,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":82,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":91,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":109,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":125,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":138,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":147,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":155,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":171,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":194,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":213,"snippet":"conn.execute(\"PRAGMA journal_mode=WAL\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":214,"snippet":"conn.execute(\"SELECT honker_bootstrap()\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":215,"snippet":"conn.execute(\"CREATE TABLE IF NOT EXISTS orders (id INTEGER PRIMARY KEY, email TEXT)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":218,"snippet":"conn.execute(\"BEGIN IMMEDIATE\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":219,"snippet":"conn.execute(\"INSERT INTO orders (id, email) VALUES (?, ?)\", (order_id, email))","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":220,"snippet":"conn.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":338,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":356,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":364,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":382,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":395,"snippet":"db.query(\"SELECT run_at FROM _honker_jobs WHERE queue='retry'\")[0][\"run_at\"]","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":409,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":422,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":444,"snippet":"honker.open(db_path).try_rate_limit(\"warmup\", limit=1, per=60)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_real_e2e_scenarios.py","line":566,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM orders\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_resource_bounds.py","line":31,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_resource_bounds.py","line":52,"snippet":"# Give Drop handlers + exiting threads a moment.","matchedPattern":"string concat sql","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_resource_bounds.py","line":75,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_resource_bounds.py","line":130,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_ruby_python_interop.py","line":19,"snippet":"REPO_ROOT = Path(__file__).resolve().parents[1]","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"honker/tests/test_ruby_python_interop.py","line":96,"snippet":"ENV.fetch(\"DB_PATH\"),","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"honker/tests/test_ruby_python_interop.py","line":97,"snippet":"extension_path: ENV.fetch(\"HONKER_EXTENSION_PATH\"),","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_ruby_python_interop.py","line":110,"snippet":"py_db = honker.open(str(db_path))","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_ruby_python_interop.py","line":123,"snippet":"ruby_notification = py_db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"honker/tests/test_ruby_python_interop.py","line":146,"snippet":"ENV.fetch(\"DB_PATH\"),","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"honker/tests/test_ruby_python_interop.py","line":147,"snippet":"extension_path: ENV.fetch(\"HONKER_EXTENSION_PATH\"),","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler_boundaries.py","line":43,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler_boundaries.py","line":53,"snippet":"row = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler_boundaries.py","line":91,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler_boundaries.py","line":111,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler_boundaries.py","line":145,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler_boundaries.py","line":171,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler_boundaries.py","line":183,"snippet":"row_before = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler_boundaries.py","line":196,"snippet":"row_after = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler_boundaries.py","line":206,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":106,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":114,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":125,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":132,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":142,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":146,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":156,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":168,"snippet":"row = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":173,"snippet":"result = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":182,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":187,"snippet":"row = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":198,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":206,"snippet":"row = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":211,"snippet":"result_a = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":215,"snippet":"result_b = tx.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":220,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_live WHERE queue='no-dup'\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":230,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":241,"snippet":"row = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":247,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":255,"snippet":"result = tx.query(\"SELECT honker_scheduler_tick(?) AS j\", [now])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":259,"snippet":"row = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":285,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":294,"snippet":"row = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":299,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":316,"snippet":"rows = tx.query(\"SELECT honker_scheduler_tick(?) AS j\", [now])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":326,"snippet":"t.join(timeout=10)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":335,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":347,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":369,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":379,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":402,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":424,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_scheduler.py","line":472,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_schema_migration.py","line":71,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_schema_migration.py","line":76,"snippet":"leftover = check.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_schema_migration.py","line":88,"snippet":"for r in check.execute(\"PRAGMA table_info(_honker_live)\").fetchall()","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_schema_migration.py","line":126,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_schema_migration.py","line":132,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_schema_migration.py","line":139,"snippet":"old = check.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_schema_migration.py","line":151,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_schema_migration.py","line":157,"snippet":"for r in check.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_soak.py","line":50,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_soak.py","line":130,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":11,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_stream.py","line":15,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":24,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_stream.py","line":27,"snippet":"tx.execute(\"CREATE TABLE users (id INTEGER PRIMARY KEY)\")","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_stream.py","line":28,"snippet":"tx.execute(\"INSERT INTO users (id) VALUES (?)\", [1])","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_stream.py","line":30,"snippet":"assert db.query(\"SELECT COUNT(*) AS c FROM users\")[0][\"c\"] == 1","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_stream.py","line":31,"snippet":"assert db.query(\"SELECT COUNT(*) AS c FROM _honker_stream\")[0][\"c\"] == 1","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":35,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_stream.py","line":39,"snippet":"tx.execute(\"CREATE TABLE x (id INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_stream.py","line":42,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_stream\")","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":47,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":56,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":81,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":101,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":126,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":155,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":185,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":210,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":248,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":267,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":276,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":303,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":325,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_stream.py","line":332,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":348,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_stream.py","line":365,"snippet":"assert db.query(\"SELECT COUNT(*) AS c FROM _honker_stream\")[0][\"c\"] == 0","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":374,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_stream.py","line":382,"snippet":"rows = db.query(\"SELECT payload FROM _honker_stream\")","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_stream.py","line":389,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_stream.py","line":393,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_subscribe_race.py","line":35,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_subscribe_race.py","line":44,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_subscribe_race.py","line":69,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_subscribe_race.py","line":86,"snippet":"t.join()","matchedPattern":"path join","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_subscribe_race.py","line":102,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_subscribe_race.py","line":116,"snippet":"t.join()","matchedPattern":"path join","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_subscribe_race.py","line":139,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_subscribe_race.py","line":153,"snippet":"t.join()","matchedPattern":"path join","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_subscribe_race.py","line":177,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_subscribe_race.py","line":199,"snippet":"t.join()","matchedPattern":"path join","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_expiration.py","line":14,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_expiration.py","line":25,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_expiration.py","line":36,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_expiration.py","line":40,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_expiration.py","line":50,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_expiration.py","line":62,"snippet":"live = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_expiration.py","line":67,"snippet":"dead = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_expiration.py","line":76,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_expiration.py","line":86,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_expiration.py","line":92,"snippet":"rows = db.query(\"SELECT expires_at FROM _honker_live WHERE queue='exp-tx'\")","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_expiration.py","line":101,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_expiration.py","line":108,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_expiration.py","line":115,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_locking.py","line":15,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_locking.py","line":19,"snippet":"rows = db.query(\"SELECT name, owner FROM _honker_locks\")","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_locking.py","line":24,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_locks\")","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_locking.py","line":29,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_locking.py","line":38,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_locking.py","line":42,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_locks\")","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_locking.py","line":47,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_locking.py","line":54,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_locks\")","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_locking.py","line":62,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_locking.py","line":67,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_locking.py","line":74,"snippet":"rows = db.query(\"SELECT owner FROM _honker_locks WHERE name='stale'\")","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_locking.py","line":82,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_locking.py","line":95,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":21,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":30,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":36,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":46,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":56,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":68,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":79,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":88,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":98,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":111,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":115,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":125,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_results\")","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":128,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_results\")","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":135,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":138,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":142,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":146,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":151,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":163,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":174,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":190,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":204,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":224,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":242,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_task_results.py","line":264,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
|
|
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":28,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":43,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":56,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":71,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":83,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":92,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_live WHERE queue='default'\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":100,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":123,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":145,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":165,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":171,"snippet":"live = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":178,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":195,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":205,"snippet":"dead = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":216,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":240,"snippet":"rows = db.query(\"SELECT COUNT(*) AS c FROM _honker_dead\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":248,"snippet":"dead = db.query(\"SELECT last_error FROM _honker_dead\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":256,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":273,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":292,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":309,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":319,"snippet":"rows = db.query(\"SELECT last_error FROM _honker_dead WHERE id=?\", [r.id])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":330,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":376,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":395,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":408,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_tasks.py","line":431,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_time_triggers_e2e.py","line":35,"snippet":"PACKAGES_ROOT = os.path.join(REPO_ROOT, \"packages\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_time_triggers_e2e.py","line":36,"snippet":"HONKER_PYTHON_ROOT = os.path.join(PACKAGES_ROOT, \"honker\", \"python\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_time_triggers_e2e.py","line":48,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_time_triggers_e2e.py","line":79,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_time_triggers_e2e.py","line":92,"snippet":"log = open({log_path!r}, \"a\", buffering=1)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_time_triggers_e2e.py","line":194,"snippet":"with open(path) as f:","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_time_triggers_e2e.py","line":215,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_time_triggers_e2e.py","line":234,"snippet":"due_rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_time_triggers_e2e.py","line":325,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_time_triggers_e2e.py","line":334,"snippet":"tx.execute(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_watcher_backends_e2e.py","line":43,"snippet":"PACKAGES_ROOT = os.path.join(REPO_ROOT, \"packages\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_watcher_backends_e2e.py","line":61,"snippet":"return honker.open(db_path, watcher_backend=backend)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_watcher_backends_e2e.py","line":75,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_watcher_backends_e2e.py","line":170,"snippet":"tx.execute(\"CREATE TABLE _warm (i INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_watcher_backends_e2e.py","line":214,"snippet":"tx.execute(\"CREATE TABLE _warm (i INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_watcher_backends_e2e.py","line":243,"snippet":"persisted_rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_watcher_backends_e2e.py","line":282,"snippet":"tx.execute(\"CREATE TABLE _warm (i INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_watcher_backends_e2e.py","line":323,"snippet":"persisted = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_watcher_backends_e2e.py","line":363,"snippet":"tx.execute(\"CREATE TABLE _warm (i INTEGER)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_watcher_backends_queue_e2e.py","line":41,"snippet":"PACKAGES_ROOT = os.path.join(REPO_ROOT, \"packages\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_watcher_backends_queue_e2e.py","line":48,"snippet":"db = honker.open(db_path, watcher_backend=backend)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_watcher_backends_queue_e2e.py","line":79,"snippet":"db = honker.open(db_path, watcher_backend=backend)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_watcher_backends_queue_e2e.py","line":169,"snippet":"db = honker.open({db_path!r})","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_watcher_backends.py","line":31,"snippet":"return honker.open(db_path, watcher_backend=backend)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_watcher_backends.py","line":58,"snippet":"tx.execute(\"CREATE TABLE IF NOT EXISTS t (x INT)\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_watcher_backends.py","line":63,"snippet":"tx.execute(\"INSERT INTO t VALUES (?)\", [i])","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_watcher_backends.py","line":113,"snippet":"honker.open(db_path, watcher_backend=\"bogus\")","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_watcher_backends.py","line":115,"snippet":"honker.open(db_path, watcher_backend=\"KERNEL\")","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_watcher_backends.py","line":117,"snippet":"honker.open(db_path, watcher_backend=\" polling \")","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_watcher_backends.py","line":122,"snippet":"db = honker.open(db_path, watcher_backend=backend)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_watcher_backends.py","line":127,"snippet":"\"\"\"Sanity: the probe at honker.open() time succeeds for a normal db","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_worker_task_options.py","line":25,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_worker_task_options.py","line":37,"snippet":"remaining = db.query(\"SELECT COUNT(*) AS c FROM _honker_live\")[0][\"c\"]","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_worker_task_options.py","line":45,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_worker_task_options.py","line":59,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_worker_task_options.py","line":72,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_worker_task_options.py","line":81,"snippet":"rows = db.query(\"SELECT state, attempts FROM _honker_live\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_worker_task_options.py","line":86,"snippet":"rows = db.query(\"SELECT state, attempts FROM _honker_live\")","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_worker_task_options.py","line":91,"snippet":"live = db.query(\"SELECT COUNT(*) AS c FROM _honker_live\")[0][\"c\"]","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_worker_task_options.py","line":92,"snippet":"dead = db.query(\"SELECT COUNT(*) AS c FROM _honker_dead\")[0][\"c\"]","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_worker_task_options.py","line":116,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_worker_task_options.py","line":125,"snippet":"rows = db.query(","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"honker/tests/test_worker_task_options.py","line":139,"snippet":"db = honker.open(db_path)","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"honker/tests/test_worker_task_options.py","line":144,"snippet":"row = db.query(\"SELECT run_at FROM _honker_live\")[0]","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"weak-token-or-crypto","description":"Token, JWT, randomness, or crypto usage that deserves review.","noise":"normal","filePath":"ml/spam-classifier/train.py","line":118,"snippet":"if random.random() < 0.5:","matchedPattern":"weak random","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"ml/spam-classifier/train.py","line":352,"snippet":"with open(metadata_path, \"w\") as f:","matchedPattern":"python file open","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/AlertFeedWidget.tsx","line":95,"snippet":"api.correlation.getAlerts.query({ limit: 10 }),","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/AlertFeedWidget.tsx","line":100,"snippet":"api.correlation.getGroups.query({ status: \"ACTIVE\", limit: 5 }),","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/components/dashboard/dashboard.test.tsx","line":81,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":55,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/components/dashboard/dashboard.test.tsx","line":86,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/ExposureWidget.tsx","line":47,"snippet":"api.darkwatch.getExposures.query({ limit: 1 }),","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/HomeTitleWidget.tsx","line":37,"snippet":"api.hometitle.getProperties.query(),","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/HomeTitleWidget.tsx","line":41,"snippet":"api.hometitle.getAlerts.query(),","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/RemoveBrokersWidget.tsx","line":20,"snippet":"api.removebrokers.getEnhancedStats.query(),","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/RemoveBrokersWidget.tsx","line":24,"snippet":"api.removebrokers.getBrokerRegistry.query(),","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/SpamShieldWidget.tsx","line":21,"snippet":"api.spamshield.getStats.query({ period: \"week\" }),","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/SpamShieldWidget.tsx","line":25,"snippet":"api.spamshield.getRules.query(),","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/components/dashboard/ThreatScoreWidget.tsx","line":47,"snippet":".join(\" \");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/ThreatScoreWidget.tsx","line":80,"snippet":"const [stats] = createResource(tick, () => api.correlation.getStats.query());","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/ThreatScoreWidget.tsx","line":83,"snippet":"const [trendData] = createResource(() => api.correlation.getThreatScoreTrend.query());","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/ThreatScoreWidget.tsx","line":86,"snippet":"const [recommendations] = createResource(() => api.correlation.getRecommendations.query());","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/components/dashboard/TopBar.tsx","line":20,"snippet":".join(\"\")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/VoicePrintWidget.tsx","line":21,"snippet":"api.voiceprint.getEnrollments.query(),","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/components/dashboard/VoicePrintWidget.tsx","line":25,"snippet":"api.voiceprint.getAnalyses.query({ limit: 10 }),","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/components/landing/background.test.tsx","line":19,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":55,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/components/landing/background.test.tsx","line":38,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":55,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/components/layout/layout.test.tsx","line":15,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":55,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/components/layout/layout.test.tsx","line":19,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":55,"source":"builtin"}
{"slug":"weak-token-or-crypto","description":"Token, JWT, randomness, or crypto usage that deserves review.","noise":"normal","filePath":"web/src/components/ui/Input.tsx","line":24,"snippet":"Math.random().toString(36).slice(2, 10);","matchedPattern":"weak random","score":55,"source":"builtin"}
{"slug":"weak-token-or-crypto","description":"Token, JWT, randomness, or crypto usage that deserves review.","noise":"normal","filePath":"web/src/components/ui/Skeleton.tsx","line":87,"snippet":"style={{ width: i() === 0 ? \"30%\" : `${15 + Math.random() * 20}%` }}","matchedPattern":"weak random","score":55,"source":"builtin"}
{"slug":"weak-token-or-crypto","description":"Token, JWT, randomness, or crypto usage that deserves review.","noise":"normal","filePath":"web/src/components/ui/Toast.tsx","line":50,"snippet":"Math.random().toString(36).slice(2, 10);","matchedPattern":"weak random","score":55,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/components/ui/ui.test.tsx","line":29,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":55,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/components/ui/ui.test.tsx","line":39,"snippet":"document.body.innerHTML = \"\";","matchedPattern":"dangerous html","score":55,"source":"builtin"}
{"slug":"unsafe-html-or-template","description":"HTML injection sink or template escape bypass.","noise":"normal","filePath":"web/src/entry-server.tsx","line":13,"snippet":"innerHTML={`(function(){var t=localStorage.getItem('kordant-theme');if(t==='light')return;if(t==='dark'){document.documentElement.classList.add('dark');return}if(window.matchMedia('(prefers-color-scheme:dark)').matches)d","matchedPattern":"dangerous html","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/hooks/useNotifications.ts","line":6,"snippet":"() => api.correlation.getAlerts.query({ status: \"ACTIVE\", page: 1, limit: 50 }),","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/hooks/useSubscription.ts","line":16,"snippet":"api.billing.getSubscription.query(),","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/lib/utils.ts","line":2,"snippet":"return classes.filter(Boolean).join(\" \");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/health.ts","line":17,"snippet":"await client.execute({ sql: \"SELECT 1\" });","matchedPattern":"query call","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/jobs/scheduler.test.ts","line":15,"snippet":"then: vi.fn().mockImplementation((fn: Function) => Promise.resolve(fn(result))),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/jobs/scheduler.ts","line":50,"snippet":"return Object.values(CRON_OVERVIEW).join(\"\\n\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/lib/env.ts","line":69,"snippet":"console.error(\"Missing required variables:\", missingKeys.join(\", \"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/lib/logger.ts","line":22,"snippet":"\"req.headers.authorization\",","matchedPattern":"request header read","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/lib/logger.ts","line":23,"snippet":"\"req.headers.cookie\",","matchedPattern":"request header read","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/lib/logger.ts","line":24,"snippet":"\"req.headers.x-api-key\",","matchedPattern":"request header read","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/lib/request-logger.ts","line":1,"snippet":"import { type RequestMiddleware } from \"@solidjs/start/middleware\";","matchedPattern":"identity or internal control header","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/correlation.service.ts","line":190,"snippet":"? (existingNarrative ? existingNarrative + \" \" : \"\") + scoreResult.narratives.join(\" \")","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/correlation/engine.ts","line":83,"snippet":"narrative = result.narratives.join(\" \");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/darkwatch/alert.cooldown.test.ts","line":8,"snippet":"then: vi.fn().mockImplementation((fn: Function) => Promise.resolve(fn(result))),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.test.ts","line":71,"snippet":"it(\"returns parsed host search results\", async () => {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.test.ts","line":133,"snippet":"it(\"returns detailed host info\", async () => {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.test.ts","line":233,"snippet":"const host = {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.test.ts","line":238,"snippet":"const exposures = client.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.test.ts","line":246,"snippet":"const host = {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.test.ts","line":251,"snippet":"const exposures = client.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.test.ts","line":258,"snippet":"const host = {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.test.ts","line":263,"snippet":"const exposures = client.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.test.ts","line":270,"snippet":"const host = {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.test.ts","line":275,"snippet":"const exposures = client.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.test.ts","line":280,"snippet":"it(\"returns no exposures for clean host\", () => {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.test.ts","line":281,"snippet":"const host = {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.test.ts","line":286,"snippet":"const exposures = client.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.ts","line":250,"snippet":"const res = await fetch(url, {","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.ts","line":309,"snippet":"// viewHost — detailed host fingerprinting by IP","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.ts","line":313,"snippet":"const cacheKey = `host:${createHash(\"sha256\").update(ip.toLowerCase()).digest(\"hex\").slice(0, 16)}`;","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.ts","line":322,"snippet":"const host: CensysHost = {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.ts","line":335,"snippet":"set(cacheKey, host, { prefix: CACHE_PREFIX, ttl: HOST_CACHE_TTL }).catch(() => {});","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.ts","line":336,"snippet":"return host;","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.ts","line":372,"snippet":"analyzeHostExposures(host: CensysHost): CensysExposure[] {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.ts","line":396,"snippet":"for (const service of host.services) {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.ts","line":403,"snippet":"ip: host.ip,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/darkwatch/censys.client.ts","line":458,"snippet":"detail: `Certificate has known vulnerabilities: ${cert.vulnerabilities.join(\", \")}`,","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/darkwatch/digest.service.ts","line":269,"snippet":".join(\"\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/darkwatch/digest.service.ts","line":283,"snippet":"${sections.join(\"\")}","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/darkwatch/digest.service.ts","line":307,"snippet":"return lines.join(\"\\n\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/darkwatch/hibp.client.test.ts","line":243,"snippet":"Promise.resolve(","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/darkwatch/hibp.client.test.ts","line":263,"snippet":"Promise.resolve(","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/darkwatch/hibp.client.ts","line":177,"snippet":"res = await fetch(url, {","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/darkwatch/hibp.client.ts","line":254,"snippet":"res = await fetch(","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/darkwatch/hibp.client.ts","line":308,"snippet":"res = await fetch(`${this.baseUrl}/breaches`, {","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/scan.engine.test.ts","line":362,"snippet":"// Mock host search","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/scan.engine.test.ts","line":459,"snippet":"// Mock host lookup","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/scan.engine.ts","line":321,"snippet":"// Censys scan — host search + certificate analysis","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/scan.engine.ts","line":350,"snippet":"for (const host of hostResults.hosts) {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/scan.engine.ts","line":351,"snippet":"// Analyze host for exposures","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/scan.engine.ts","line":352,"snippet":"const exposures = censys.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/scan.engine.ts","line":425,"snippet":"const host = await shodan.host(identifier);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/scan.engine.ts","line":425,"snippet":"const host = await shodan.host(identifier);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/scan.engine.ts","line":427,"snippet":"if (host) {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/scan.engine.ts","line":428,"snippet":"const exposures = shodan.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/scan.engine.ts","line":442,"snippet":"for (const host of searchResult.matches) {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/scan.engine.ts","line":443,"snippet":"const exposures = shodan.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/scan.engine.ts","line":445,"snippet":"results.push(processScanResult(\"shodan\", exp, host.ip_str ?? identifier));","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/darkwatch/securitytrails.client.ts","line":196,"snippet":"const res = await fetch(url, {","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":119,"snippet":"// host","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":122,"snippet":"describe(\"host\", () => {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":123,"snippet":"it(\"returns detailed host info\", async () => {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":157,"snippet":"const result = await client.host(\"93.184.216.34\");","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":168,"snippet":"const result = await client.host(\"1.2.3.4\");","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":200,"snippet":"expect.stringContaining(\"/host/count\"),","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":212,"snippet":"const host = {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":220,"snippet":"const exposures = client.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":227,"snippet":"const host = {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":236,"snippet":"const exposures = client.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":243,"snippet":"const host = {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":257,"snippet":"const exposures = client.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":264,"snippet":"const host = {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":277,"snippet":"const exposures = client.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":284,"snippet":"const host = {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":297,"snippet":"const exposures = client.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":304,"snippet":"const host = {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":317,"snippet":"const exposures = client.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":325,"snippet":"const host = {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.test.ts","line":332,"snippet":"const exposures = client.analyzeHostExposures(host);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":169,"snippet":"const res = await fetch(url, {","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":208,"snippet":"const url = `${this.baseUrl}/host/search?key=${this.apiKey}&query=${encodeURIComponent(query)}&page=${page}`;","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":222,"snippet":"// host — detailed host information by IP","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":222,"snippet":"// host — detailed host information by IP","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":225,"snippet":"async host(ip: string): Promise<ShodanHost | null> {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":226,"snippet":"const cacheKey = `host:${createHash(\"sha256\").update(ip.toLowerCase()).digest(\"hex\").slice(0, 16)}`;","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":230,"snippet":"const url = `${this.baseUrl}/host/${encodeURIComponent(ip)}?key=${this.apiKey}`;","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":251,"snippet":"const url = `${this.baseUrl}/host/count?key=${this.apiKey}&query=${encodeURIComponent(query)}`;","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":263,"snippet":"analyzeHostExposures(host: ShodanHost): ShodanExposure[] {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":267,"snippet":"if (host.tags?.includes(\"tor\")) {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":271,"snippet":"detail: `IP ${host.ip_str} is a known Tor exit node`,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":272,"snippet":"ip: host.ip_str,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":277,"snippet":"if (host.tags?.includes(\"iot\")) {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":281,"snippet":"detail: `IoT device exposed: ${host.ip_str}${host.os ? ` (${host.os})` : \"\"}`,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":281,"snippet":"detail: `IoT device exposed: ${host.ip_str}${host.os ? ` (${host.os})` : \"\"}`,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":281,"snippet":"detail: `IoT device exposed: ${host.ip_str}${host.os ? ` (${host.os})` : \"\"}`,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":282,"snippet":"ip: host.ip_str,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":287,"snippet":"const portData = host.data ?? [];","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":295,"snippet":"detail: `Database ${port.product ?? \"service\"} exposed on port ${port.port} (${host.ip_str})`,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":296,"snippet":"ip: host.ip_str,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":311,"snippet":"detail: `Admin panel exposed: \"${port.http.title}\" on port ${port.port} (${host.ip_str})`,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":344,"snippet":"detail: `Service on port ${port.port} has known vulnerabilities: ${port.vulns.join(\", \")}`,","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/darkwatch/shodan.client.ts","line":381,"snippet":"detail: `Host ${host.ip_str} has vulnerabilities: ${newVulns.join(\", \")}`,","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/family.service.ts","line":1139,"snippet":"message: `This action requires one of these roles: ${allowedRoles.join(\", \")}`,","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/hometitle/attom.client.ts","line":228,"snippet":"const res = await fetch(url, {","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/hometitle/county-scrapers/rate-limiter.ts","line":16,"snippet":"* Resolves when it's safe to make the request (respects per-county interval).","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/hometitle/county-scrapers/rate-limiter.ts","line":42,"snippet":"resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/hometitle/county-scrapers/rate-limiter.ts","line":47,"snippet":"resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/hometitle/county-scrapers/rate-limiter.ts","line":63,"snippet":"resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/hometitle/scanner.ts","line":320,"snippet":"const res = await fetch(url);","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/removebrokers/adapter-health.ts","line":188,"snippet":"`Broken: ${failingAdapters.filter((a) => a.status === \"broken\").map((a) => a.brokerName).join(\", \")}`;","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/removebrokers/adapters/base.ts","line":150,"snippet":"? Promise.resolve({ state: Notification.permission } as PermissionStatus)","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/removebrokers/adapters/base.ts","line":172,"snippet":"const baseDir = path.resolve(screenshotsDir);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/removebrokers/adapters/base.ts","line":175,"snippet":"const fullPath = path.join(baseDir, filename);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"weak-token-or-crypto","description":"Token, JWT, randomness, or crypto usage that deserves review.","noise":"normal","filePath":"web/src/server/services/removebrokers/adapters/base.ts","line":316,"snippet":"await el.type(value, { delay: 50 + Math.random() * 50 });","matchedPattern":"weak random","score":55,"source":"builtin"}
{"slug":"weak-token-or-crypto","description":"Token, JWT, randomness, or crypto usage that deserves review.","noise":"normal","filePath":"web/src/server/services/removebrokers/adapters/base.ts","line":331,"snippet":"await new Promise((r) => setTimeout(r, 200 + Math.random() * 300));","matchedPattern":"weak random","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/removebrokers/adapters/beenverified.ts","line":51,"snippet":"await this.fillField('input[name=\"lastName\"], input[placeholder*=\"Last\"]', nameParts.slice(1).join(\" \"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/removebrokers/adapters/whitepages.ts","line":62,"snippet":"const lastName = this.config.personalInfo.fullName.split(\" \").slice(1).join(\" \");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/removebrokers/captcha-solver.ts","line":169,"snippet":"const submitResponse = await fetch(submitUrl, {","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/removebrokers/captcha-solver.ts","line":192,"snippet":"const resultResponse = await fetch(resultUrl, {","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/removebrokers/captcha-solver.ts","line":492,"snippet":"const response = await fetch(","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/removebrokers/email-verifier.ts","line":137,"snippet":"fetch(","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/services/removebrokers/email-verifier.ts","line":153,"snippet":"host: config.imapHost!,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/removebrokers/email-verifier.ts","line":169,"snippet":"for await (const msg of client.fetch(","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/removebrokers/email-verifier.ts","line":396,"snippet":"// Find the best matching request (by domain or name)","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/reports/generator.ts","line":9,"snippet":"const TEMPLATES_DIR = join(__dirname, \"templates\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/reports/generator.ts","line":10,"snippet":"const REPORTS_DIR = join(process.cwd(), \"reports\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/reports/generator.ts","line":158,"snippet":".join(\"\\n\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/reports/generator.ts","line":221,"snippet":"return items.join(\"\\n\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/reports/generator.ts","line":231,"snippet":"return readFileSync(join(TEMPLATES_DIR, filename), \"utf-8\");","matchedPattern":"file read/write","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/reports/generator.ts","line":231,"snippet":"return readFileSync(join(TEMPLATES_DIR, filename), \"utf-8\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/reports/generator.ts","line":312,"snippet":"const userDir = join(REPORTS_DIR, userId);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/reports/generator.ts","line":316,"snippet":"const filePath = join(userDir, filename);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/reports/generator.ts","line":317,"snippet":"writeFileSync(filePath, pdfBuffer);","matchedPattern":"file read/write","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/spamshield/onnx.inference.ts","line":138,"snippet":"const vocabPath = path.join(configPath, \"vocab.txt\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/spamshield/onnx.inference.ts","line":139,"snippet":"const tokenizerConfigPath = path.join(configPath, \"tokenizer_config.json\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/spamshield/onnx.inference.ts","line":144,"snippet":"const vocabText = fs.readFileSync(vocabPath, \"utf-8\");","matchedPattern":"file read/write","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/spamshield/onnx.inference.ts","line":158,"snippet":"const configData = JSON.parse(fs.readFileSync(tokenizerConfigPath, \"utf-8\"));","matchedPattern":"file read/write","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/spamshield/onnx.inference.ts","line":255,"snippet":"const DEFAULT_MODEL_DIR = path.join(__dirname, \"..\", \"..\", \"models\", \"spam-classifier\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/spamshield/onnx.inference.ts","line":269,"snippet":"const metadataPath = path.join(modelDir, \"model_metadata.json\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/spamshield/onnx.inference.ts","line":271,"snippet":"modelState.metadata = JSON.parse(fs.readFileSync(metadataPath, \"utf-8\"));","matchedPattern":"file read/write","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/spamshield/onnx.inference.ts","line":280,"snippet":"const modelPath = path.join(modelDir, \"model.onnx\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/spamshield/onnx.inference.ts","line":283,"snippet":"const modelDataPath = path.join(modelDir, \"model.onnx.data\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/spamshield/onnx.inference.ts","line":291,"snippet":"console.log(`[spamshield] Inputs: ${modelState.session.inputNames.join(\", \")}`);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/spamshield/onnx.inference.ts","line":292,"snippet":"console.log(`[spamshield] Outputs: ${modelState.session.outputNames.join(\", \")}`);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/spamshield/twilio.client.ts","line":246,"snippet":"const response = await fetch(url, {","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/spamshield/twilio.client.ts","line":280,"snippet":"const url = `https://lookups.twilio.com/v1/PhoneNumbers/${encodeURIComponent(phoneNumber)}?Type=${types.join(\"&Type=\")}`;","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/spamshield/twilio.client.ts","line":282,"snippet":"const response = await fetch(url, {","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/azure.client.test.ts","line":35,"snippet":"Promise.resolve({","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/azure.client.test.ts","line":63,"snippet":"text: () => Promise.resolve('{\"error\": {\"code\": \"Unauthorized\"}}'),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/azure.client.test.ts","line":75,"snippet":"Promise.resolve({","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/azure.client.test.ts","line":106,"snippet":"Promise.resolve({","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/azure.client.test.ts","line":126,"snippet":"Promise.resolve({","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/azure.client.test.ts","line":166,"snippet":"json: () => Promise.resolve(profiles),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/azure.client.test.ts","line":179,"snippet":"Promise.resolve({","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/azure.client.test.ts","line":203,"snippet":"Promise.resolve({","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/azure.client.test.ts","line":239,"snippet":"json: () => Promise.resolve([]),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"ssrf-capable-request","description":"Outbound HTTP request site that may be attacker-controlled.","noise":"normal","filePath":"web/src/server/services/voiceprint/azure.client.ts","line":116,"snippet":"const response = await fetch(url, {","matchedPattern":"fetch/http client","score":55,"source":"builtin"}
{"slug":"raw-sql-query","description":"Raw SQL construction or query execution that may need parameterization review.","noise":"normal","filePath":"web/src/server/services/voiceprint/azure.client.ts","line":206,"snippet":"return this.request<void>(\"DELETE\", `/profiles/${profileId}`);","matchedPattern":"sql keyword string","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/storage.test.ts","line":12,"snippet":"testDir = mkdtempSync(join(tmpdir(), \"vp-storage-test-\"));","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/storage.test.ts","line":52,"snippet":"const dir = join(testDir, \"uploads\", \"voiceprint\", userId);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/storage.test.ts","line":67,"snippet":"const filePath = join(testDir, \"test.wav\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/storage.test.ts","line":68,"snippet":"await writeFile(filePath, Buffer.from(\"test\"));","matchedPattern":"file read/write","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/storage.test.ts","line":87,"snippet":"const filePath = join(testDir, \"uploads\", \"voiceprint\", userId, `${hash}.wav`);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/storage.ts","line":11,"snippet":"return join(process.cwd(), \"uploads\", \"voiceprint\", userId);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/storage.ts","line":23,"snippet":"const filePath = join(userDir, `${hash}.wav`);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/storage.ts","line":24,"snippet":"await writeFile(filePath, audioBuffer);","matchedPattern":"file read/write","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/services/voiceprint/storage.ts","line":41,"snippet":"const filePath = join(getUserDir(userId), `${audioHash}.wav`);","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":23,"snippet":"origin: string;","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":73,"snippet":"describe(\"WebSocket Origin validation\", () => {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":92,"snippet":"it(\"should accept connection from trusted localhost origin\", () => {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":95,"snippet":"origin: \"http://localhost:3000\",","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":101,"snippet":"it(\"should accept connection from trusted 127.0.0.1 origin\", () => {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":104,"snippet":"origin: \"http://127.0.0.1:3000\",","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":110,"snippet":"it(\"should reject connection from untrusted origin\", () => {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":113,"snippet":"origin: \"https://evil.com\",","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":119,"snippet":"it(\"should reject connection without origin header\", () => {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":122,"snippet":"origin: \"\",","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":123,"snippet":"req: { headers: { origin: \"\" } },","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":128,"snippet":"it(\"should reject connection with wildcard origin\", () => {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":132,"snippet":"origin: wildcardOrigin,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":141,"snippet":"origin: \"ws://localhost:3000\",","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":152,"snippet":"origin: \"http://localhost:3000\",","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.test.ts","line":161,"snippet":"origin: \"not-a-valid-url://\",","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":18,"snippet":"// Validate APP_URL before trusting it as a WebSocket origin","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":34,"snippet":"for (const origin of explicit.split(\",\").map((o) => o.trim())) {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":35,"snippet":"if (origin) origins.push(origin);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":35,"snippet":"if (origin) origins.push(origin);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":43,"snippet":"* Validates the Origin header against the trusted origins allowlist.","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":47,"snippet":"origin: string | undefined,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":50,"snippet":"if (!origin || !origin.trim()) return false;","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":50,"snippet":"if (!origin || !origin.trim()) return false;","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":51,"snippet":"return trustedOrigins.includes(origin);","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/websocket.ts","line":266,"snippet":"resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":273,"snippet":"verifyClient: (info: { origin: string; req: IncomingMessage }) => {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":274,"snippet":"const origin = info.req.headers.origin ?? info.origin;","matchedPattern":"request header read","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":274,"snippet":"const origin = info.req.headers.origin ?? info.origin;","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":274,"snippet":"const origin = info.req.headers.origin ?? info.origin;","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":274,"snippet":"const origin = info.req.headers.origin ?? info.origin;","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":275,"snippet":"if (!isTrustedOrigin(origin, TRUSTED_ORIGINS)) {","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":277,"snippet":"`[websocket] Rejected untrusted origin: ${origin ?? \"(none)\"}`,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"hidden-control-channel","description":"Request header or framework/proxy context read that may influence auth, routing, tenant, runtime, debug, or middleware behavior.","noise":"normal","filePath":"web/src/server/websocket.ts","line":277,"snippet":"`[websocket] Rejected untrusted origin: ${origin ?? \"(none)\"}`,","matchedPattern":"proxy or original request header","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/websocket.ts","line":286,"snippet":"resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/websocket.ts","line":383,"snippet":"resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/src/server/websocket.ts","line":395,"snippet":"resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/test/__mocks__/drizzle-orm-libsql-migrator.js","line":2,"snippet":"return Promise.resolve();","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/test/__mocks__/drizzle-orm-libsql.js","line":5,"snippet":"where: () => ({ limit: () => Promise.resolve([]) }),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/test/__mocks__/drizzle-orm-libsql.js","line":9,"snippet":"values: () => ({ returning: () => Promise.resolve([{ id: \"mock-id\" }]) }),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/test/__mocks__/drizzle-orm-libsql.js","line":13,"snippet":"where: () => ({ returning: () => Promise.resolve([{ id: \"mock-id\" }]) }),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/test/__mocks__/drizzle-orm-libsql.js","line":17,"snippet":"where: () => ({ returning: () => Promise.resolve([]) }),","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/vitest.config.ts","line":8,"snippet":"const content = readFileSync(filePath, \"utf-8\");","matchedPattern":"file read/write","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/vitest.config.ts","line":29,"snippet":"const mocksDir = resolve(__dirname, \"./test/__mocks__\");","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/vitest.config.ts","line":50,"snippet":"{ find: \"~\", replacement: resolve(__dirname, \"./src\") },","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/vitest.config.ts","line":51,"snippet":"{ find: /^ws$/, replacement: resolve(mocksDir, \"ws.js\") },","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/vitest.config.ts","line":52,"snippet":"{ find: /^@libsql\\/client$/, replacement: resolve(mocksDir, \"libsql.js\") },","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/vitest.config.ts","line":53,"snippet":"{ find: /^drizzle-orm\\/libsql\\/migrator$/, replacement: resolve(mocksDir, \"drizzle-orm-libsql-migrator.js\") },","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/vitest.config.ts","line":54,"snippet":"{ find: /^drizzle-orm\\/libsql$/, replacement: resolve(mocksDir, \"drizzle-orm-libsql.js\") },","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/vitest.config.ts","line":55,"snippet":"{ find: /^drizzle-orm\\/sqlite-core$/, replacement: resolve(mocksDir, \"drizzle-orm-sqlite-core.js\") },","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/vitest.config.ts","line":56,"snippet":"{ find: /^drizzle-orm$/, replacement: resolve(mocksDir, \"drizzle-orm.js\") },","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"path-traversal-file-access","description":"Filesystem access using path joins or user-controllable paths.","noise":"normal","filePath":"web/vitest.node.config.ts","line":12,"snippet":"{ find: \"~\", replacement: resolve(__dirname, \"./src\") },","matchedPattern":"path join","score":55,"source":"builtin"}
{"slug":"public-entrypoint","description":"Public route, handler, controller, workflow, or operation entry point.","noise":"noisy","filePath":"web/src/routes/api/stripe/session-status.ts","line":6,"snippet":"const sessionId = url.searchParams.get(\"session_id\");","matchedPattern":"http route","score":54,"source":"builtin"}
{"slug":"public-entrypoint","description":"Public route, handler, controller, workflow, or operation entry point.","noise":"noisy","filePath":"web/src/routes/api/stripe/webhook.ts","line":25,"snippet":"const signature = event.request.headers.get(\"stripe-signature\");","matchedPattern":"http route","score":54,"source":"builtin"}
{"slug":"public-entrypoint","description":"Public route, handler, controller, workflow, or operation entry point.","noise":"noisy","filePath":"web/src/server/api/trpc.ts","line":15,"snippet":"const cookieHeader = req.headers.get(\"cookie\") ?? \"\";","matchedPattern":"http route","score":38,"source":"builtin"}
{"slug":"public-entrypoint","description":"Public route, handler, controller, workflow, or operation entry point.","noise":"noisy","filePath":"web/src/server/api/trpc.ts","line":52,"snippet":"const authHeader = req.headers.get(\"authorization\");","matchedPattern":"http route","score":38,"source":"builtin"}
{"slug":"public-entrypoint","description":"Public route, handler, controller, workflow, or operation entry point.","noise":"noisy","filePath":"web/src/server/api/trpc.ts","line":65,"snippet":"apiKey = req.headers.get(\"x-api-key\") ?? null;","matchedPattern":"http route","score":38,"source":"builtin"}