github.com/santifer/career-ops

Submitted 6/10/2026, 8:13:16 AM · Status: ok

Risk grade
C
37 / 100
Findings
57
0 critical · 1 high · 12 medium · 1 low · 43 info · 0 on CISA KEV · 0 ATT&CK

Findings

  • Detected calls to child_process from a function argument `cmd`. This could lead to a command injection if the input is user controllable. Try to avoid calls to child_process, and if it is needed ensure user input is correctly sanitized or sandboxed.
    semgrep: /tmp/scan-psc_c137f4d375bfa9d5c75b2e3badadda5e/repo/test-all.mjs:38
  • Ensure top-level permissions are not set to write-all on on(Welcome)
    checkov: .github/workflows/welcome.yml:12
  • Ensure top-level permissions are not set to write-all on on(Label PRs)
    checkov: .github/workflows/labeler.yml:10
  • Ensure top-level permissions are not set to write-all on on(Tests)
    checkov: .github/workflows/test.yml:0
  • Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.
    semgrep: /tmp/scan-psc_c137f4d375bfa9d5c75b2e3badadda5e/repo/test-all.mjs:45
  • Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.
    semgrep: /tmp/scan-psc_c137f4d375bfa9d5c75b2e3badadda5e/repo/analyze-patterns.mjs:359
  • Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.
    semgrep: /tmp/scan-psc_c137f4d375bfa9d5c75b2e3badadda5e/repo/doctor.mjs:105
  • Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.
    semgrep: /tmp/scan-psc_c137f4d375bfa9d5c75b2e3badadda5e/repo/doctor.mjs:105
  • Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.
    semgrep: /tmp/scan-psc_c137f4d375bfa9d5c75b2e3badadda5e/repo/doctor.mjs:144
  • Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.
    semgrep: /tmp/scan-psc_c137f4d375bfa9d5c75b2e3badadda5e/repo/followup-cadence.mjs:151
  • Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.
    semgrep: /tmp/scan-psc_c137f4d375bfa9d5c75b2e3badadda5e/repo/scan.mjs:65
  • Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.
    semgrep: /tmp/scan-psc_c137f4d375bfa9d5c75b2e3badadda5e/repo/scan.mjs:65
  • Detected possible user input going into a `path.join` or `path.resolve` function. This could possibly lead to a path traversal vulnerability, where the attacker can access arbitrary files stored in the file system. Instead, be sure to sanitize or validate user input first.
    semgrep: /tmp/scan-psc_c137f4d375bfa9d5c75b2e3badadda5e/repo/test-all.mjs:44