<< Back to security report
Repositoryone-man-company/skills-contextmanager →
Commit955f766 →
VerdictFAIL
Score0
DateMay 22, 2026
| Severity | Rule | Message | File:Line |
|---|---|---|---|
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:388 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:550 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:559 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:559 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:562 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:563 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:563 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:581 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:581 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:583 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:584 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:584 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:603 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:603 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:605 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:606 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:606 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:631 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:637 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:650 → |
| HIGH | javascript.lang.security.detect-child-process.detect-child-process | Detected calls to child_process from a function argument `req`. This could lead to a command injection if the input is user controllable. Try to avoid calls to child_process, and if it is needed ensure user input is correctly sanitized or sandboxed. | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:696 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:727 → |
| HIGH | javascript.lang.security.detect-child-process.detect-child-process | Detected calls to child_process from a function argument `req`. This could lead to a command injection if the input is user controllable. Try to avoid calls to child_process, and if it is needed ensure user input is correctly sanitized or sandboxed. | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:763 → |
| HIGH | javascript.lang.security.detect-child-process.detect-child-process | Detected calls to child_process from a function argument `req`. This could lead to a command injection if the input is user controllable. Try to avoid calls to child_process, and if it is needed ensure user input is correctly sanitized or sandboxed. | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:836 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1035 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1044 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1044 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1046 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1047 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1047 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1065 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1065 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1067 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1068 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1068 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1086 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1086 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1088 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1089 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1089 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1114 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1120 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1133 → |
| HIGH | javascript.lang.security.detect-child-process.detect-child-process | Detected calls to child_process from a function argument `req`. This could lead to a command injection if the input is user controllable. Try to avoid calls to child_process, and if it is needed ensure user input is correctly sanitized or sandboxed. | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1176 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1204 → |
| HIGH | javascript.lang.security.detect-child-process.detect-child-process | Detected calls to child_process from a function argument `req`. This could lead to a command injection if the input is user controllable. Try to avoid calls to child_process, and if it is needed ensure user input is correctly sanitized or sandboxed. | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1236 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1344 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1363 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1364 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1369 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1372 → |
| MEDIUM | javascript.express.security.audit.express-path-join-resolve-traversal.express-path-join-resolve-traversal | Possible writing outside of the destination, make sure that the target path is nested in the intended destination | one-man-company/skills-contextmanager/plan-writing-4214e2e2/Skill-ContextManager/server.js:1372 → |