Security Report
AI Project Orchestrator
Summary
Detected
- Services:
- Permissions: shell:execute
- Data Handling:
Undeclared
All items declared
Warnings
No warnings
Findings (20)
Credentials
env:ORCHESTRATOR_REPO undeclared "{ORCHESTRATOR_REPO}"
This file references the environment variable ORCHESTRATOR_REPO. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:MSG_FILE undeclared "{MSG_FILE}"
This file references the environment variable MSG_FILE. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:MSG_FILE undeclared "{MSG_FILE}"
This file references the environment variable MSG_FILE. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:REPO_NAME undeclared "{REPO_NAME}"
This file references the environment variable REPO_NAME. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:TIMESTAMP undeclared "{TIMESTAMP}"
This file references the environment variable TIMESTAMP. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:REPO_NAME undeclared "{REPO_NAME}"
This file references the environment variable REPO_NAME. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:BRANCH undeclared "{BRANCH}"
This file references the environment variable BRANCH. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:LATEST_HASH undeclared "{LATEST_HASH}"
This file references the environment variable LATEST_HASH. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:COMMIT_COUNT undeclared "{COMMIT_COUNT}"
This file references the environment variable COMMIT_COUNT. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:TIMESTAMP undeclared "{TIMESTAMP}"
This file references the environment variable TIMESTAMP. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:DIFF_STAT undeclared "{DIFF_STAT}"
This file references the environment variable DIFF_STAT. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:AGENT_MSG undeclared "{AGENT_MSG}"
This file references the environment variable AGENT_MSG. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:INBOX_FILE undeclared "{INBOX_FILE}"
This file references the environment variable INBOX_FILE. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:MSG_FILE undeclared "{MSG_FILE}"
This file references the environment variable MSG_FILE. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:MSG_FILE undeclared "{MSG_FILE}"
This file references the environment variable MSG_FILE. If this is a credential (API key, token, secret), declare it in requires.data_handling.
env:REPO_NAME undeclared "{REPO_NAME}"
This file references the environment variable REPO_NAME. If this is a credential (API key, token, secret), declare it in requires.data_handling.
Permissions
shell:execute declared "$(basename "$(git rev-parse --show-toplevel)"
This content references shell command execution. If intentional, declare shell:execute in requires.permissions. This is the highest risk permission.
shell:execute declared "$(git rev-parse --short HEAD)"
This content references shell command execution. If intentional, declare shell:execute in requires.permissions. This is the highest risk permission.
shell:execute declared "$(git log --oneline @{push}..HEAD 2>/dev/null | wc -l | tr -d ' ')"
This content references shell command execution. If intentional, declare shell:execute in requires.permissions. This is the highest risk permission.
shell:execute declared "$(git diff --stat @{push}..HEAD 2>/dev/null || echo 'Stats unavailable')"
This content references shell command execution. If intentional, declare shell:execute in requires.permissions. This is the highest risk permission.