{ "score": 92, "grade": "A", "gradeLabel": "Ship it!", "totalFindings": 1, "totalDepVulns": 0, "categories": { "secrets": { "label": "Secrets", "findingCount": 0, "deduction": 0, "counts": { "critical": 0, "high": 0, "medium": 0, "low": 0 } }, "injection": { "label": "Code Vulnerabilities", "findingCount": 0, "deduction": 0, "counts": { "critical": 0, "high": 0, "medium": 0, "low": 0 } }, "deps": { "label": "Dependencies", "findingCount": 0, "deduction": 0, "counts": { "critical": 0, "high": 0, "medium": 0, "low": 0 } }, "auth": { "label": "Auth & Access Control", "findingCount": 0, "deduction": 0, "counts": { "critical": 0, "high": 0, "medium": 0, "low": 0 } }, "config": { "label": "Configuration", "findingCount": 1, "deduction": 8, "counts": { "critical": 0, "high": 1, "medium": 0, "low": 0 } }, "supply-chain": { "label": "Supply Chain", "findingCount": 0, "deduction": 0, "counts": { "critical": 0, "high": 0, "medium": 0, "low": 0 } }, "api": { "label": "API Security", "findingCount": 0, "deduction": 0, "counts": { "critical": 0, "high": 0, "medium": 0, "low": 0 } }, "llm": { "label": "AI/LLM Security", "findingCount": 0, "deduction": 0, "counts": { "critical": 0, "high": 0, "medium": 0, "low": 0 } } }, "findings": [ { "file": "/code/xf/GIA/Dockerfile", "line": 26, "severity": "high", "category": "config", "rule": "DOCKER_RUN_AS_ROOT", "title": "Docker: Running as Root", "description": "No USER instruction found. Container runs as root by default.", "fix": "Add USER nonroot before CMD/ENTRYPOINT", "cwe": "CWE-250", "owasp": "A05:2021" } ], "depVulns": [], "remediationPlan": [ { "priority": 1, "severity": "high", "category": "config", "categoryLabel": "CONFIGURATION", "title": "Docker: Running as Root", "file": "Dockerfile:26", "action": "Add USER nonroot before CMD/ENTRYPOINT", "effort": "low" } ], "recon": { "frameworks": [ "django" ], "languages": [ "python" ], "apiRoutes": [ "app/urls.py", "core/management/commands/backfill_xmpp_attachment_urls.py" ], "authPatterns": [], "databases": [], "cloudProviders": [], "frontendExposure": [], "packageManagers": [ "pip" ], "cicd": [], "hasDockerfile": true, "hasTerraform": false, "hasKubernetes": false, "envFiles": [], "configFiles": [] }, "agents": [ { "agent": "InjectionTester", "category": "injection", "findingCount": 0, "success": true }, { "agent": "AuthBypassAgent", "category": "auth", "findingCount": 0, "success": true }, { "agent": "SSRFProber", "category": "ssrf", "findingCount": 0, "success": true }, { "agent": "SupplyChainAudit", "category": "supply-chain", "findingCount": 0, "success": true }, { "agent": "ConfigAuditor", "category": "config", "findingCount": 1, "success": true }, { "agent": "LLMRedTeam", "category": "llm", "findingCount": 0, "success": true }, { "agent": "MobileScanner", "category": "mobile", "findingCount": 0, "success": true }, { "agent": "GitHistoryScanner", "category": "history", "findingCount": 0, "success": true }, { "agent": "CICDScanner", "category": "cicd", "findingCount": 0, "success": true }, { "agent": "APIFuzzer", "category": "api", "findingCount": 0, "success": true } ] }