Informational scan, not a security audit. How this is computed.
API keys, passwords or tokens committed into the repo.
curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.curl-auth-header Discovered a potential authorization token provided in a curl command header, which could compromise the curl accessed resource.Packages you depend on that have known security holes (CVEs).
CVE-2026-35002 Agno is vulnerable to Eval InjectionCVE-2026-32871 fastmcp: FastMCP: Authenticated Server-Side Request Forgery via path traversal in OpenAPI path parametersCVE-2026-32274 black: Black: Arbitrary file writes from unsanitized user input in cache file nameCVE-2025-68146 filelock: filelock: Time-of-Check-Time-of-Use (TOCTOU) race condition and symlink attack allows arbitrary file corruption or truncationCVE-2026-22701 filelock: filelock Time-of-Check-Time-of-Use (TOCTOU) in SoftFileLockCVE-2025-66034 fonttools: fontTools: Arbitrary file write leading to remote code execution via malicious .designspace fileCVE-2026-42215 GitPython is a python library used to interact with Git repositories. ...CVE-2026-42284 GitPython is a python library used to interact with Git repositories. ...CVE-2026-44243 GitPython: GitPython: Arbitrary file write via crafted reference pathsCVE-2026-44244 GitPython is a python library used to interact with Git repositories. ...GHSA-mv93-w799-cj2w GitPython: Newline injection in config_writer() section parameter bypasses CVE-2026-42215 patch, enabling RCE via core.hooksPathCVE-2026-45409 Internationalized Domain Names in Applications (IDNA) for Python provi ...CVE-2026-25990 pillow: Pillow: Out-of-bounds Write via Specially Crafted PSD ImageCVE-2026-40192 Pillow: Pillow: Denial of Service via decompression bomb in FITS image processingCVE-2026-42311 Pillow: python-pillow: Pillow: Arbitrary code execution via malicious PSD file processingCVE-2026-42308 Pillow: python: Pillow: Denial of Service via integer overflow in font processingCVE-2026-42309 Pillow: Pillow: Denial of Service via specially crafted coordinate inputCVE-2026-42310 Pillow: Pillow: Denial of Service via malicious PDF processingCVE-2026-23490 pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OIDCVE-2026-30922 pyasn1: pyasn1 Vulnerable to Denial of Service via Unbounded RecursionCVE-2026-28684 python-dotenv: python-dotenv: Arbitrary file overwrite via symbolic link followingCVE-2026-24486 python-multipart: Python-Multipart: Arbitrary file write via path traversal vulnerabilityCVE-2026-42561 python-multipart: python-multipart: Denial of Service via excessive multipart part headersCVE-2026-53539 Python-Multipart is a streaming multipart parser for Python. Prior to ...CVE-2026-40347 python-multipart: Python-Multipart: Denial of Service via crafted multipart/form-data requestsYour dependencies cross-checked against the OSV vulnerability database.
PYSEC-2026-256 Agno is vulnerable to Eval InjectionPYSEC-2026-366 Jupyter Server: Stored XSS in `NbconvertFileHandler` / `NbconvertPostHandler` via missing `sandbox` CSP GHSA-mqcg-5x36-vfcg JupyterLab's command linker attributes in HTML enable one-click command execution from untrusted contentGHSA-mqcg-5x36-vfcg JupyterLab's command linker attributes in HTML enable one-click command execution from untrusted contentPYSEC-2026-36 cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. From 45.0.0 to before 46.0.7, if a non-contiguous buffer was passed to APIs which accepted PythoPYSEC-2026-338 FastMCP OpenAPI Provider has an SSRF & Path Traversal VulnerabilityPYSEC-2026-215 Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions priorPYSEC-2018-28 The Requests package before 2.20.0 for Python sends an HTTP Authorization header to an http URI upon receiving a same-hostname https-to-http redirect, which makes it easier for remote attackers to disPYSEC-2023-74 Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rePYSEC-2026-1872 Requests vulnerable to .netrc credentials leak via malicious URLsPYSEC-2026-1873 Requests `Session` object does not verify requests after making first request with verify=FalseGHSA-gc5v-m9x4-r6x2 Requests has Insecure Temp File Reuse in its extract_zipped_paths() utility functionPYSEC-2017-74 The tqdm._version module in tqdm versions 4.4.1 and 4.10 allows local users to execute arbitrary code via a crafted repo with a malicious git log in the current working directory.GHSA-82m5-3pcp-hccq agno contains a SQL injection vulnerabilityGHSA-3936-cmfr-pm3m Black: Arbitrary file writes from unsanitized user input in cache file nameGHSA-gj48-438w-jh9v Bleach clean() / Cleaner() fails to sanitize dangerous URI schemes in allowed formaction attributesPYSEC-2026-1374 filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLockPYSEC-2026-1375 filelock has a TOCTOU race condition which allows symlink attacks during lock file creationPYSEC-2026-1389 fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLibGHSA-7545-fcxq-7j24 GitPython reference APIs has a path traversal vulnerability that allows arbitrary file write and delete outside the repositoryGHSA-mv93-w799-cj2w GitPython: Newline injection in config_writer() section parameter bypasses CVE-2026-42215 patch, enabling RCE via core.hooksPathGHSA-rpm5-65cw-6hj4 GitPython has Command Injection via Git options bypassGHSA-v87r-6q3f-2j67 GitPython: Newline injection in config_writer().set_value() enables RCE via core.hooksPathGHSA-x2qx-6953-8485 GitPython: Unsafe option check validates multi_options before shlex.split transformationPYSEC-2026-215 Internationalized Domain Names in Applications (IDNA) for Python provides support for Internationalized Domain Names in Applications (IDNA) and Unicode IDNA Compatibility Processing. In versions priorCode that can be exploited — injection, hardcoded credentials and similar.
Nothing found by this check. ✓
Packages that look intentionally malicious — typosquats, sneaky install scripts.
Nothing found by this check. ✓
A signal about how the project is maintained — not a vulnerability in your code. It doesn’t affect the verdict above.
Maintenance & supply-chain hygiene. A signal about the project — not a vulnerability in your code.
scorecard-overall OpenSSF Scorecard overall: 1.8/10scorecard-CI-Tests CI-Tests scored 0: 0 out of 7 merged PRs checked by a CI test -- score normalized to 0scorecard-CII-Best-Practices CII-Best-Practices scored 0: no effort to earn an OpenSSF best practices badge detectedscorecard-Code-Review Code-Review scored 0: Found 0/8 approved changesets -- score normalized to 0scorecard-Dependency-Update-Tool Dependency-Update-Tool scored 0: no update tool detectedscorecard-Fuzzing Fuzzing scored 0: project is not fuzzedscorecard-Maintained Maintained scored 0: project was created within the last 90 days. Please review its contents carefullyscorecard-Pinned-Dependencies Pinned-Dependencies scored 0: dependency not pinned by hash detected -- score normalized to 0scorecard-SAST SAST scored 0: SAST tool is not run on all commits -- score normalized to 0scorecard-Security-Policy Security-Policy scored 0: security policy file not detected