github analyzed 8432a66

KevinRabun/judges

45 judges that evaluate AI-generated code for security, cost, and quality with built-in AST.

maintainer: KevinRabun
license: —
first seen: 2026-06-03
last seen: 2026-06-03
releases · 30d: 0
short id

Drift inferred · capture-to-capture

No drift recorded — single capability capture; advisories appear once its surface changes.

capabilities 2 tools

transport stdio · http verified reported listed in the official MCP registry counts 2 tools · 0 res · 0 prompts permission surface via code analysis

tools

changedLines

number[]
mustFixDangerousRulePrefixes

string[]

skills & danger signals github-tarball

prompt-surface shipped agent-instruction files + hidden-content / dangerous-code findings — quoted from the analyzed source

analyzed commit 8432a66 · analyzer v18 · 10h ago

danger signals12

dynamic code executioneval()KevinRabun-judges-8432a66/content/snippets/javascript/js-02-eval-injection.js:2return eval("`" + template + "`");
dynamic code executioneval()KevinRabun-judges-8432a66/content/snippets/javascript/js-08-prototype-pollution.js:4return eval(obj.action);
dynamic code executioneval()KevinRabun-judges-8432a66/content/snippets/typescript/ts-02-eval-injection.ts:2return eval(expr);
dynamic code executioneval()KevinRabun-judges-8432a66/content/snippets/typescript/ts-05-path-traversal.ts:4return eval(content);
dynamic code executioneval()KevinRabun-judges-8432a66/content/snippets/typescript/ts-07-xss-reflect.ts:4eval(html);
dynamic code executionnew Function()KevinRabun-judges-8432a66/content/snippets/typescript/ts-08-unsafe-deserialize.ts:2const fn = new Function("return " + raw);
dynamic code executioneval()KevinRabun-judges-8432a66/src/commands/benchmark.ts:298const result = eval(req.body.expression);
dynamic code executionnew Function()KevinRabun-judges-8432a66/src/commands/benchmark.ts:441const config = new Function("return " + req.body.config)();
dynamic code executioneval()KevinRabun-judges-8432a66/src/commands/encoding-safety.ts:262Checks: eval(), unsafe deserialization (pickle, marshal, yaml.load), SQL/HTML/XML interpolation,
dynamic code executioneval()KevinRabun-judges-8432a66/src/judges/ai-code-safety.ts:57- No eval(), exec(), or dynamic code generation from untrusted input
committed secretOpenAI keyKevinRabun-judges-8432a66/content/snippets/python/py-05-hardcoded-secret.py:1sk-pro…(31 chars, redacted)
credential in logscredential in logKevinRabun-judges-8432a66/src/commands/benchmark.ts:1027logger.info("Login attempt", { username, password });

code evidence vHEAD · github-tarball

evidence-backed findings quoted directly from the published source artifact — not inferred

filesystem 167

fs KevinRabun-judges-8432a66/content/snippets/javascript/js-05-path-traversal.js :1 const fs = require("fs");
fs KevinRabun-judges-8432a66/content/snippets/typescript/ts-05-path-traversal.ts :1 import { readFileSync } from "fs";
fs KevinRabun-judges-8432a66/scripts/copilot-llm-benchmark.ts :24 import { writeFileSync, readFileSync, mkdirSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/scripts/daily-popular-repo-autofix.ts :4 import { existsSync, mkdtempSync, readFileSync, readdirSync, rmSync, statSync, writeFileSync } from "fs";
fs KevinRabun-judges-8432a66/scripts/debug-classify.ts :2 import { readFileSync } from "fs";
fs KevinRabun-judges-8432a66/scripts/export-to-martian.ts :16 import { readFileSync, writeFileSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/scripts/generate-agents-from-judges.ts :9 import { writeFileSync, mkdirSync, existsSync } from "node:fs";
fs KevinRabun-judges-8432a66/scripts/generate-linkedin-snippets.ts :17 import { readFileSync, writeFileSync, readdirSync, mkdirSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/scripts/generate-skills-docs.ts :3 import { writeFileSync } from "node:fs";
fs KevinRabun-judges-8432a66/scripts/hill-climb-benchmark.ts :27 import { writeFileSync, readFileSync, mkdirSync, existsSync, unlinkSync } from "node:fs";
fs KevinRabun-judges-8432a66/scripts/prepare-cli-package.mjs :1 import { cpSync, existsSync, mkdirSync, readFileSync, rmSync, writeFileSync } from "node:fs";
fs KevinRabun-judges-8432a66/scripts/prepare-openssf-l2-cases.ts :12 import { readFileSync, writeFileSync, existsSync, readdirSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/scripts/run-local-llm-benchmark.ts :21 import { writeFileSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/scripts/run-tests-with-coverage.mjs :2 import { readFile } from 'node:fs/promises';
fs KevinRabun-judges-8432a66/scripts/self-eval.ts :6 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/scripts/sync-docs.ts :14 import { readFileSync, writeFileSync } from "fs";
fs KevinRabun-judges-8432a66/scripts/sync-wiki.ts :18 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/scripts/validate-agents.ts :11 import { existsSync, readdirSync } from "node:fs";
fs KevinRabun-judges-8432a66/src/agent-loader.ts :38 import { readFileSync, readdirSync, existsSync } from "node:fs";
fs KevinRabun-judges-8432a66/src/ast/taint-tracker.ts :57 | "path-traversal" // fs.readFile with user input
fs KevinRabun-judges-8432a66/src/ast/tree-sitter-ast.ts :17 import { existsSync, mkdirSync, renameSync, unlinkSync, writeFileSync } from "node:fs";
fs KevinRabun-judges-8432a66/src/audit-trail.ts :19 import { appendFileSync, readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/cli-formatters.ts :1 import { mkdirSync, writeFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/cli-helpers.ts :1 import { existsSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/cli.ts :25 import { readFileSync, existsSync, writeFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/adoption-report.ts :8 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/adoption-track.ts :5 import { readFileSync, readdirSync, statSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/ai-gate.ts :8 import { existsSync, readFileSync, readdirSync, mkdirSync, writeFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/ai-model-trust.ts :8 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/ai-output-compare.ts :9 import { existsSync, readFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/ai-pattern-trend.ts :9 import { existsSync, readFileSync, readdirSync, mkdirSync, writeFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/ai-prompt-audit.ts :8 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/ai-provenance.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/api-audit.ts :9 import { existsSync, readFileSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/api-misuse.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/api-versioning-audit.ts :6 import { readFileSync, readdirSync, statSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/approve-chain.ts :8 import { existsSync, readFileSync, writeFileSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/arch-audit.ts :9 import { existsSync, readFileSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/assertion-density.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/assign-findings.ts :36 const { readFileSync, existsSync } = require("fs");
fs KevinRabun-judges-8432a66/src/commands/async-safety.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/audit-bundle.ts :8 import { readFileSync, writeFileSync, existsSync, mkdirSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/audit-trail.ts :8 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/auto-approve.ts :5 import { readFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/auto-calibrate.ts :15 import { existsSync, readFileSync, writeFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/auto-fix.ts :6 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/auto-triage.ts :114 const { readFileSync, existsSync } = require("fs");
fs KevinRabun-judges-8432a66/src/commands/baseline.ts :12 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/batch-review.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/benchmark.ts :14 import { existsSync, readFileSync, writeFileSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/blame-review.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/boundary-enforce.ts :6 import { readFileSync, readdirSync, statSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/build-optimize.ts :7 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/burndown.ts :8 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/cache-audit.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/calibration-share.ts :15 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/chat-notify.ts :9 import { existsSync, readFileSync, writeFileSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/ci-template.ts :157 const { existsSync } = require("fs");
fs KevinRabun-judges-8432a66/src/commands/clarity-score.ts :9 import { existsSync, readFileSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/clone-detect.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/coach-mode.ts :8 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/code-health.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/code-owner-suggest.ts :8 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/code-similarity.ts :9 import { existsSync, readFileSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/codify-amendments.ts :21 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/comment-drift.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/community-patterns.ts :8 import { readFileSync, writeFileSync, existsSync } from "node:fs";
fs KevinRabun-judges-8432a66/src/commands/compare-runs.ts :8 import { readFileSync, writeFileSync, existsSync, mkdirSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/completion-audit.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/compliance-map.ts :9 import { existsSync, readFileSync, mkdirSync, writeFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/compliance-weight.ts :269 const input = require("fs").readFileSync(0, "utf-8");
fs KevinRabun-judges-8432a66/src/commands/config-drift.ts :8 import { readFileSync, existsSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/config-lint.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/config-migrate.ts :15 import { existsSync, readFileSync, writeFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/config-share.ts :16 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/context-blind.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/context-inject.ts :9 import { readFileSync, writeFileSync, existsSync, mkdirSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/contract-verify.ts :5 import { readFileSync, readdirSync, statSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/correlate.ts :8 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/cost-forecast.ts :8 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/cross-file-consistency.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/cross-pr-regression.ts :9 import { existsSync, readFileSync, writeFileSync, mkdirSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/custom-rule.ts :5 import { readFileSync, existsSync, writeFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/dead-code-detect.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/dep-audit.ts :14 import { existsSync, readFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/dep-correlate.ts :9 import { existsSync, readFileSync, mkdirSync, writeFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/deploy-readiness.ts :6 import { readFileSync, readdirSync, statSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/deprecated.ts :202 const { readFileSync, existsSync } = require("fs");
fs KevinRabun-judges-8432a66/src/commands/deps.ts :10 import { readFileSync, existsSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/design-audit.ts :9 import { existsSync, readFileSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/dev-score.ts :8 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/diff-explain.ts :5 import { readFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/diff-review.ts :5 import { readFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/diff.ts :9 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/digest.ts :8 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/doc-drift.ts :9 import { existsSync, readFileSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/doc-gen.ts :8 import { existsSync, readFileSync, mkdirSync, writeFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/docs.ts :10 import { writeFileSync, mkdirSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/doctor.ts :12 import { existsSync, readFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/encoding-safety.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/error-taxonomy.ts :6 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/error-ux.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/event-leak.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/evidence-chain.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/example-leak.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/exception-consistency.ts :7 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/exec-report.ts :9 import { existsSync, readFileSync, mkdirSync, writeFileSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/explain-finding.ts :6 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/external-benchmarks.ts :19 import { existsSync, readFileSync, writeFileSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/false-negatives.ts :38 const { readFileSync, existsSync } = require("fs");
fs KevinRabun-judges-8432a66/src/commands/feedback-rules.ts :14 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/feedback.ts :18 import { existsSync, readFileSync, writeFileSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-age-analysis.ts :5 import { readFileSync, existsSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-age-report.ts :5 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-age-tracker.ts :8 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-age.ts :5 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-ancestry-trace.ts :1 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-annotation-export.ts :1 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-annotation-layer.ts :5 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-auto-categorize.ts :1 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-auto-fix-suggest.ts :1 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-auto-fix.ts :5 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-auto-group.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-auto-label.ts :6 import { readFileSync, existsSync, writeFileSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-auto-priority.ts :1 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-auto-suppress.ts :5 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-auto-tag.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-auto-triage.ts :5 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-autofix-preview.ts :6 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-batch-resolve.ts :5 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-batch-suppress.ts :5 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-batch-triage.ts :1 import { readFileSync, existsSync, writeFileSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-blast-radius.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-budget.ts :5 import { readFileSync, readdirSync, statSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-category-map.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-category-stats.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-category.ts :5 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-change-impact.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-cluster-analysis.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-cluster-group.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-cluster-summary.ts :1 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-cluster.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-code-context.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-code-smell.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-compare-runs.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-compliance-tag.ts :1 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-confidence-boost.ts :1 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-confidence-calibrate.ts :5 import { readFileSync, writeFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-confidence-filter.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-contest.ts :8 import { existsSync, readFileSync, writeFileSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-context-enrich.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-context-expand.ts :6 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-context-link.ts :1 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-context-summary.ts :1 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-context-window.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-context.ts :5 import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-correlate.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-correlation-map.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-correlation.ts :5 import { readFileSync, existsSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-cross-file-link.ts :1 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-cross-ref.ts :5 import { readFileSync, existsSync, readdirSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-cve-lookup.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-cwe-lookup.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-cwe-map.ts :6 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-dedup-cross-file.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-dedup-cross.ts :5 import { readFileSync, existsSync } from "fs";
fs KevinRabun-judges-8432a66/src/commands/finding-dedup-merge.ts :1 import { readFileSync, existsSync, readdirSync } from "fs";

shell / exec 17

shell KevinRabun-judges-8432a66/content/snippets/javascript/js-04-command-injection.js :1 const { execSync } = require("child_process");
shell KevinRabun-judges-8432a66/scripts/check-agents.ts :9 import { execSync } from "node:child_process";
shell KevinRabun-judges-8432a66/scripts/daily-popular-repo-autofix.ts :3 import { execFileSync } from "child_process";
shell KevinRabun-judges-8432a66/scripts/prepare-openssf-l2-cases.ts :14 import { execSync } from "child_process";
shell KevinRabun-judges-8432a66/scripts/run-tests-with-coverage.mjs :1 import { spawn } from 'node:child_process';
shell KevinRabun-judges-8432a66/scripts/sync-wiki.ts :20 import { execSync } from "child_process";
shell KevinRabun-judges-8432a66/src/ast/cross-file-taint.ts :177 // export function processInput(userInput: string) { exec(userInput); }
shell KevinRabun-judges-8432a66/src/commands/auto-fix.ts :63 before: 'exec("git " + command)',
shell KevinRabun-judges-8432a66/src/commands/batch-review.ts :44 { name: "command-injection", severity: "critical", regex: /exec(?:Sync)?\s*\(\s*`[^`]*\$\{/ },
shell KevinRabun-judges-8432a66/src/commands/benchmark.ts :260 code: `import { exec } from "child_process";
shell KevinRabun-judges-8432a66/src/commands/burndown.ts :41 const { execSync } = require("child_process");
shell KevinRabun-judges-8432a66/src/commands/coach-mode.ts :100 "BEFORE: `execSync('convert ' + filename)`\nAFTER: `spawn('convert', [filename])`\n\nUse array-based APIs. Validate inputs against allowlists. Never pass user input to exec().",
shell KevinRabun-judges-8432a66/src/commands/commit-hygiene.ts :6 import { execSync } from "child_process";
shell KevinRabun-judges-8432a66/src/commands/dep-audit.ts :15 import { execSync } from "child_process";
shell KevinRabun-judges-8432a66/src/commands/dep-correlate.ts :129 child_process: ["command-injection", "exec"],
shell KevinRabun-judges-8432a66/src/commands/diff-review.ts :6 import { execSync } from "child_process";
shell KevinRabun-judges-8432a66/src/commands/doc-gen.ts :102 example: "execFile('git', ['log', '--oneline'], callback)",

network 7

net KevinRabun-judges-8432a66/content/snippets/typescript/ts-03-hardcoded-secret.ts :3 return fetch("/api", {
net KevinRabun-judges-8432a66/src/ast/tree-sitter-ast.ts :119 const response = await fetch(`${GRAMMAR_BASE_URL}/${file}`);
net KevinRabun-judges-8432a66/src/commands/api-misuse.ts :100 issue: "fetch() without status check",
net KevinRabun-judges-8432a66/src/commands/auto-fix.ts :95 before: "await fetch(userUrl)",
net KevinRabun-judges-8432a66/src/commands/benchmark.ts :232 fetch("https://api.example.com", {
net KevinRabun-judges-8432a66/src/commands/coach-mode.ts :80 "BEFORE: `fetch('http://api.example.com/data')`\nAFTER: `fetch('https://api.example.com/data')`\n\nAlways use HTTPS. Enable HSTS headers. Reject HTTP in production.",
net KevinRabun-judges-8432a66/src/commands/config-share.ts :466 const response = await fetch(url);

secrets 8

secrets KevinRabun-judges-8432a66/content/snippets/javascript/js-01-auth-bypass.js :2 return token === process.env.ADMIN_TOKEN;
secrets KevinRabun-judges-8432a66/scripts/daily-popular-repo-autofix.ts :239 if (process.env.GH_TOKEN?.trim() || process.env.GITHUB_TOKEN?.trim()) {
secrets KevinRabun-judges-8432a66/scripts/debug-verdict.ts :48 const token = jwt.sign({ sub: user.id, role: user.role }, process.env.JWT_SECRET!, {
secrets KevinRabun-judges-8432a66/scripts/hill-climb-benchmark.ts :413 const apiKey = process.env.ANTHROPIC_API_KEY;
secrets KevinRabun-judges-8432a66/src/commands/benchmark.ts :400 const token = jwt.sign({ sub: user.id }, process.env.JWT_SECRET!, { expiresIn: "1h" });
secrets KevinRabun-judges-8432a66/src/commands/coach-mode.ts :50 "BEFORE: `const apiKey = 'sk-1234567890abcdef'`\nAFTER: `const apiKey = process.env.API_KEY`\n\nUse environment variables, .env files (gitignored), or a secrets manager (AWS SSM, HashiCorp Vault).",
secrets KevinRabun-judges-8432a66/src/commands/doc-gen.ts :107 example: "const apiKey = process.env.API_KEY",
secrets KevinRabun-judges-8432a66/src/commands/finding-auto-fix.ts :48 snippet: "// Before: const apiKey = 'sk-abc123'\n// After: const apiKey = process.env.API_KEY",

database 1

db KevinRabun-judges-8432a66/content/snippets/javascript/js-03-hardcoded-secret.js :3 return require("pg").Pool({

tool registrations 1

judges_evaluate KevinRabun-judges-8432a66/vscode-extension/src/lm-tool.ts :31

declared dependencies 16

@modelcontextprotocol/sdk@^1.26.0
typescript@^5.9.3
web-tree-sitter@^0.26.6
zod@^4.3.6
@anthropic-ai/sdk@^0.81.0
@eslint/js@^10.0.1
@types/node@^25.3.0
@typescript-eslint/eslint-plugin@^8.56.1
@typescript-eslint/parser@^8.56.1
c8@^11.0.0
eslint@^10.0.2
eslint-config-prettier@^10.1.8
husky@^9.1.7
lint-staged@^16.2.7
prettier@^3.8.1
tsx@^4.19.4