Security: Nix Fleet
0
Vulnerabilities
25
Credential Leaks
FAIL
Quality Gate
B
OWASP Grade
89.9h
Tech Debt (D)
Elite
DORA Rating
⚡
View AI Prompts
AI Fix Prompts
Auto-generated prompts to fix every issue — copy into Claude, GPT, or any AI coder
Repobility · MCP-ready · https://repobility.com
Quality Gate: Default Gate
| Metric | Condition | |
|---|---|---|
| ✗ | overall_score | 0.0 >= 50 |
| ✗ | security_score | 0.0 >= 40 |
| ✓ | critical_vulnerabilities | 0.0 <= 0 |
| ✓ | critical_credentials | 0.0 <= 0 |
| ✓ | duplication_pct | 6.6 <= 20 |
DORA Metrics
| Deploy Frequency | daily (3.0/week) |
| Lead Time | 39.0 hours |
| MTTR | 0.0 hours |
| Change Failure Rate | 0.0% |
| Total Commits | 50 |
| Overall Rating | ELITE |
Credential Findings (25)
| Severity | Pattern | File | Line |
|---|---|---|---|
| high | [sast:aljefra/ssrf-requests] SSRF via HTTP Client with Variable URL | agents/lib/gh-manifest-server.py | 67 |
| high | [sast:aljefra/taint-path-traversal] Path Traversal via Tainted Data | agents/lib/gh-manifest-server.py | 88 |
| high | [sast:aljefra/ssrf-http-client] SSRF via HTTP Client with Dynamic URL | cmd/nixfleet/internal/server/ui/app.js | 23 |
| high | [sast:aljefra/xss-innerhtml] XSS via innerHTML Assignment | cmd/nixfleet/internal/server/ui/app.js | 37 |
| high | [sast:aljefra/xss-innerhtml] XSS via innerHTML Assignment | cmd/nixfleet/internal/server/ui/app.js | 53 |
| high | [sast:aljefra/xss-innerhtml] XSS via innerHTML Assignment | cmd/nixfleet/internal/server/ui/app.js | 57 |
| high | [sast:aljefra/ssrf-http-client] SSRF via HTTP Client with Dynamic URL | cmd/nixfleet/internal/server/ui/app.js | 142 |
| high | [sast:aljefra/ssrf-http-client] SSRF via HTTP Client with Dynamic URL | cmd/nixfleet/internal/server/ui/app.js | 163 |
| high | [sast:aljefra/ssrf-http-client] SSRF via HTTP Client with Dynamic URL | cmd/nixfleet/internal/server/ui/app.js | 184 |
| high | [sast:aljefra/ssrf-http-client] SSRF via HTTP Client with Dynamic URL | cmd/nixfleet/internal/server/ui/app.js | 202 |
| high | [sast:aljefra/xss-innerhtml] XSS via innerHTML Assignment | cmd/nixfleet/internal/server/ui/app.js | 227 |
| high | [sast:aljefra/ssrf-http-client] SSRF via HTTP Client with Dynamic URL | cmd/nixfleet/internal/server/ui/app.js | 233 |
| high | [sast:aljefra/ssrf-http-client] SSRF via HTTP Client with Dynamic URL | cmd/nixfleet/internal/server/ui/app.js | 234 |
| high | [sast:aljefra/xss-innerhtml] XSS via innerHTML Assignment | cmd/nixfleet/internal/server/ui/app.js | 368 |
| high | [sast:aljefra/ssrf-http-client] SSRF via HTTP Client with Dynamic URL | cmd/nixfleet/internal/server/ui/app.js | 383 |
| high | [sast:aljefra/xss-innerhtml] XSS via innerHTML Assignment | cmd/nixfleet/internal/server/ui/app.js | 429 |
| high | [sast:aljefra/xss-innerhtml] XSS via innerHTML Assignment | cmd/nixfleet/internal/server/ui/app.js | 445 |
| high | [sast:aljefra/xss-innerhtml] XSS via innerHTML Assignment | cmd/nixfleet/internal/server/ui/app.js | 460 |
| high | [sast:aljefra/xss-innerhtml] XSS via innerHTML Assignment | cmd/nixfleet/internal/server/ui/app.js | 462 |
| high | [sast:aljefra/xss-innerhtml] XSS via innerHTML Assignment | cmd/nixfleet/internal/server/ui/app.js | 472 |
| high | [sast:aljefra/ssrf-http-client] SSRF via HTTP Client with Dynamic URL | cmd/nixfleet/internal/server/ui/app.js | 501 |
| high | [sast:aljefra/xss-innerhtml] XSS via innerHTML Assignment | cmd/nixfleet/internal/server/ui/app.js | 549 |
| high | [sast:aljefra/xss-innerhtml] XSS via innerHTML Assignment | cmd/nixfleet/internal/server/ui/app.js | 553 |
| high | Password Assignment | netboot/common.nix | 37 |
| high | Password Assignment | netboot/common.nix | 42 |