@maestro-ai/mcp-server

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    48: 
    49: # Configure variáveis de ambiente
>>> 50: cp .env.example .env
    51: # Edite .env com suas configurações
    52: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    328: ```markdown
    329: ❌ Ruim: "Configure as variáveis de ambiente"
>>> 330: ✅ Bom: "Copie .env.example para .env e configure DATABASE_URL com sua string de conexão PostgreSQL"
    331: ```
    332: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    241: ```bash
    242: npm install
>>> 243: cp .env.example .env
    244: npm run dev
    245: ```

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    52: cd [projeto]
    53: npm install
>>> 54: cp .env.example .env
    55: npm run dev
    56: ```

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    450: 
    451: # Configuração
>>> 452: cp .env.example .env
    453: 
    454: # Execução

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    73: 
    74: # Configure variáveis de ambiente
>>> 75: cp .env.example .env
    76: # Configure DATABASE_URL, JWT_SECRET, etc.
    77: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    145:                 checks.append("✅ .env.example existe")
    146:             else:
>>> 147:                 issues.append("❌ .env.example ausente")
    148:         else:
    149:             issues.append("❌ README.md não existe")

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    143:             if env_example.exists():
    144:                 score += 1
>>> 145:                 checks.append("✅ .env.example existe")
    146:             else:
    147:                 issues.append("❌ .env.example ausente")

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    140:             
    141:             # Variáveis de ambiente
>>> 142:             env_example = self.project_path / ".env.example"
    143:             if env_example.exists():
    144:                 score += 1

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    647:         """Retorna próximos passos após inicialização"""
    648:         steps = [
>>> 649:             "Configure as variáveis de ambiente no arquivo .env",
    650:             "Execute as migrações do banco de dados (se aplicável)",
    651:             "Inicie o servidor de desenvolvimento",

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    200: import { apiClient } from './client/api-client';
    201: 
>>> 202: apiClient.defaults.baseURL = process.env.API_URL;
    203: \`\`\`
    204: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    146: \`\`\`typescript
    147: // Trocar mocks por API real
>>> 148: if (process.env.NODE_ENV === 'production') {
    149:   // MSW não inicia
    150:   // Cliente usa API real

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    551: # Configure variáveis de ambiente
    552: cp .env.example .env
>>> 553: # Edite o arquivo .env com suas configurações
    554: 
    555: # Execute migrações (se aplicável)

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    550: 
    551: # Configure variáveis de ambiente
>>> 552: cp .env.example .env
    553: # Edite o arquivo .env com suas configurações
    554: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    271:     
    272:     def _generate_env_example(self, project_type: str) -> str:
>>> 273:         """Gera .env.example baseado no tipo de projeto"""
    274:         
    275:         base_vars = """

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    133:             env_content = self._generate_env_example(project_type)
    134:             files.append({
>>> 135:                 "path": ".env.example",
    136:                 "content": env_content,
    137:                 "type": "env"

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    129:         })
    130:         
>>> 131:         # .env.example (se aplicável)
    132:         if project_type in ["web", "api"]:
    133:             env_content = self._generate_env_example(project_type)

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    41: ### Tier 1: Mínimo Viável (Todo Projeto)
    42: - README.md com getting started
>>> 43: - .env.example com variáveis obrigatórias
    44: - OpenAPI spec (se tiver API)
    45: - Scripts básicos (dev, build, test)

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    113: import { worker } from './api-contract/mocks/browser';
    114: 
>>> 115: if (process.env.NODE_ENV === 'development') {
    116:   worker.start();
    117: }

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    84:  */
    85: export function getDefaultProjectsDirectory() {
>>> 86:     return process.env.NODE_ENV === "production"
    87:         ? "/app/projects"
    88:         : process.cwd();

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    3: import cors from "cors";
    4: import { randomUUID } from "crypto";
>>> 5: const PORT = parseInt(process.env.PORT || "3000", 10);
    6: const app = express();
    7: // Middleware

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    77:  */
    78: export function validarGateComTemplate(fase, entregavel, tier = "base", diretorioContent, checklistItems) {
>>> 79:     if (process.env.NODE_ENV !== 'production') {
    80:         console.warn(`[DEPRECATED v6.3] validarGateComTemplate() foi substituído por IntelligentGateEngine.validateDeliverable(). ` +
    81:             `Será removido na v7.0.`);

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    88: SKIP_DIRS = {'node_modules', '.git', 'dist', 'build', '__pycache__', '.venv', 'venv', '.next'}
    89: CODE_EXTENSIONS = {'.js', '.ts', '.jsx', '.tsx', '.py', '.go', '.java', '.rb', '.php'}
>>> 90: CONFIG_EXTENSIONS = {'.json', '.yaml', '.yml', '.toml', '.env', '.env.local', '.env.development'}
    91: 
    92: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    384:     service: process.env.SERVICE_NAME,
    385:     version: process.env.SERVICE_VERSION,
>>> 386:     environment: process.env.NODE_ENV
    387:   },
    388:   transports: [

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    843: Sentry.init({
    844:   dsn: process.env.NEXT_PUBLIC_SENTRY_DSN,
>>> 845:   environment: process.env.NODE_ENV,
    846:   tracesSampleRate: 1.0,
    847: });

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    842: 
    843: Sentry.init({
>>> 844:   dsn: process.env.NEXT_PUBLIC_SENTRY_DSN,
    845:   environment: process.env.NODE_ENV,
    846:   tracesSampleRate: 1.0,

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    707:                             env_patterns = [
    708:                                 r'process\.env\.([A-Z_]+)',
>>> 709:                                 r'import\.meta\.env\.([A-Z_]+)',
    710:                                 r'["\']([A-Z_]+)["\'].*environment'
    711:                             ]

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    706:                             import re
    707:                             env_patterns = [
>>> 708:                                 r'process\.env\.([A-Z_]+)',
    709:                                 r'import\.meta\.env\.([A-Z_]+)',
    710:                                 r'["\']([A-Z_]+)["\'].*environment'

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    268: #### Configuration Changes
    269: ```bash
>>> 270: # Arquivo: .env.production
    271: # Mudanças:
    272: - OLD_VALUE=new_value

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    849:   
    850:   private async sendSlackAlert(severity: string, message: string): Promise<void> {
>>> 851:     const webhook = process.env.SLACK_WEBHOOK_URL;
    852:     const color = this.getSeverityColor(severity);
    853:     

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    383:   defaultMeta: {
    384:     service: process.env.SERVICE_NAME,
>>> 385:     version: process.env.SERVICE_VERSION,
    386:     environment: process.env.NODE_ENV
    387:   },

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    69: 2. `source venv/bin/activate`
    70: 3. `pip install fastapi uvicorn sqlalchemy alembic pydantic`
>>> 71: 4. Create `.env`
    72: 5. `alembic upgrade head`
    73: 6. `uvicorn app.main:app --reload`

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    35: │   └── utils/
    36: ├── tests/
>>> 37: ├── .env.example
    38: └── requirements.txt
    39: ```

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    46: │   └── css/
    47: │       └── main.css
>>> 48: ├── .env.example
    49: ├── nuxt.config.ts
    50: └── package.json

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    37: │   │   └── utils.ts
    38: │   └── types/
>>> 39: ├── .env.example
    40: └── package.json
    41: ```

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    82: | `tsconfig.json` | TypeScript + path aliases (`@/features/*`) |
    83: | `tailwind.config.ts` | Tailwind config |
>>> 84: | `.env.example` | Environment template |
    85: | `README.md` | Project documentation |
    86: | `.gitignore` | Git ignore rules |

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    54: ├── public/
    55: ├── .env.example
>>> 56: ├── .env.local
    57: ├── package.json
    58: ├── tailwind.config.ts

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    53: │
    54: ├── public/
>>> 55: ├── .env.example
    56: ├── .env.local
    57: ├── package.json

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    53: 52,Environment,Use runtimeConfig for env vars,Access environment variables safely,runtimeConfig in nuxt.config,process.env directly,"runtimeConfig: { apiSecret: '', public: { apiBase: '' } }",process.env.API_SECRET in components,High,https://nuxt.com/docs/guide/going-further/runtime-config
    54: 53,Environment,Use NUXT_ prefix for env override,Override config with environment variables,NUXT_API_SECRET NUXT_PUBLIC_API_BASE,Custom env var names,NUXT_PUBLIC_API_BASE=https://api.example.com,API_BASE=https://api.example.com,High,https://nuxt.com/docs/guide/going-further/runtime-config
>>> 55: 54,Environment,Access public config with useRuntimeConfig,Get public config in components,useRuntimeConfig().public,Direct process.env access,const config = useRuntimeConfig(); config.public.apiBase,process.env.NUXT_PUBLIC_API_BASE,High,https://nuxt.com/docs/api/composables/use-runtime-config
    56: 55,Environment,Keep secrets in private config,Server-only secrets in runtimeConfig root,runtimeConfig.apiSecret (server only),Secrets in public config,runtimeConfig: { dbPassword: '' },runtimeConfig: { public: { dbPassword: '' } },High,https://nuxt.com/docs/guide/going-further/runtime-config
    57: 56,Performance,Use Lazy prefix for code splitting,Lazy load components with Lazy prefix,<LazyComponent> for below-fold,Eager load all components,<LazyMountainsList v-if="show"/>,<MountainsList/> for hidden content,Medium,https://nuxt.com/docs/guide/directory-structure/components

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    51: 50,Plugins,Use provide for injection,Provide helpers across app,return { provide: {} } for type safety,nuxtApp.provide without types,"return { provide: { hello: (name) => `Hello ${name}!` } }","nuxtApp.provide('hello', fn)",Medium,https://nuxt.com/docs/guide/directory-structure/plugins
    52: 51,Plugins,Use .client or .server suffix,Control plugin execution environment,plugin.client.ts for client-only,if (process.client) checks,analytics.client.ts,"if (process.client) { // analytics }",Medium,https://nuxt.com/docs/guide/directory-structure/plugins
>>> 53: 52,Environment,Use runtimeConfig for env vars,Access environment variables safely,runtimeConfig in nuxt.config,process.env directly,"runtimeConfig: { apiSecret: '', public: { apiBase: '' } }",process.env.API_SECRET in components,High,https://nuxt.com/docs/guide/going-further/runtime-config
    54: 53,Environment,Use NUXT_ prefix for env override,Override config with environment variables,NUXT_API_SECRET NUXT_PUBLIC_API_BASE,Custom env var names,NUXT_PUBLIC_API_BASE=https://api.example.com,API_BASE=https://api.example.com,High,https://nuxt.com/docs/guide/going-further/runtime-config
    55: 54,Environment,Access public config with useRuntimeConfig,Get public config in components,useRuntimeConfig().public,Direct process.env access,const config = useRuntimeConfig(); config.public.apiBase,process.env.NUXT_PUBLIC_API_BASE,High,https://nuxt.com/docs/api/composables/use-runtime-config

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    36: 35,Environment,Use NEXT_PUBLIC prefix,Client-accessible env vars need prefix,NEXT_PUBLIC_ for client vars,Server vars exposed to client,NEXT_PUBLIC_API_URL,API_SECRET in client code,High,https://nextjs.org/docs/app/building-your-application/configuring/environment-variables
    37: 36,Environment,Validate env vars,Check required env vars exist,Validate on startup,Undefined env at runtime,if (!process.env.DATABASE_URL) throw,process.env.DATABASE_URL (might be undefined),High,
>>> 38: 37,Environment,Use .env.local for secrets,Local env file for development secrets,.env.local gitignored,Secrets in .env committed,.env.local with secrets,.env with DATABASE_PASSWORD,High,
    39: 38,Performance,Analyze bundle size,Use @next/bundle-analyzer,Bundle analyzer in dev,Ship large bundles blindly,ANALYZE=true npm run build,No bundle analysis,Medium,https://nextjs.org/docs/app/building-your-application/optimizing/bundle-analyzer
    40: 39,Performance,Use dynamic imports,Code split with next/dynamic,dynamic() for heavy components,Import everything statically,const Chart = dynamic(() => import('./Chart')),import Chart from './Chart',Medium,https://nextjs.org/docs/app/building-your-application/optimizing/lazy-loading

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    35: 34,Middleware,Keep middleware edge-compatible,Middleware runs on Edge runtime,Edge-compatible code only,Node.js APIs in middleware,Edge-compatible auth check,fs.readFile in middleware,High,
    36: 35,Environment,Use NEXT_PUBLIC prefix,Client-accessible env vars need prefix,NEXT_PUBLIC_ for client vars,Server vars exposed to client,NEXT_PUBLIC_API_URL,API_SECRET in client code,High,https://nextjs.org/docs/app/building-your-application/configuring/environment-variables
>>> 37: 36,Environment,Validate env vars,Check required env vars exist,Validate on startup,Undefined env at runtime,if (!process.env.DATABASE_URL) throw,process.env.DATABASE_URL (might be undefined),High,
    38: 37,Environment,Use .env.local for secrets,Local env file for development secrets,.env.local gitignored,Secrets in .env committed,.env.local with secrets,.env with DATABASE_PASSWORD,High,
    39: 38,Performance,Analyze bundle size,Use @next/bundle-analyzer,Bundle analyzer in dev,Ship large bundles blindly,ANALYZE=true npm run build,No bundle analysis,Medium,https://nextjs.org/docs/app/building-your-application/optimizing/bundle-analyzer

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    84: - API (4) - Route Handlers, Response objects, HTTP methods, validation
    85: - Middleware (3) - Auth, path matching, edge-compatible
>>> 86: - Environment (3) - NEXT_PUBLIC prefix, validation, .env.local
    87: - Performance (4) - Bundle analyzer, dynamic imports, layout shifts
    88: - Link (3) - next/link, prefetch, scroll

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    31:         severity: "critical",
    32:         pattern: /(password|secret|api_key|apikey|token|jwt_secret|private_key)\s*[:=]\s*['"][^'"]{8,}['"]/i,
>>> 33:         suggestion: "Use variáveis de ambiente (process.env) para secrets",
    34:         references: ["https://owasp.org/Top10/A02_2021-Cryptographic_Failures/"],
    35:     },

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    382:   ),
    383:   defaultMeta: {
>>> 384:     service: process.env.SERVICE_NAME,
    385:     version: process.env.SERVICE_VERSION,
    386:     environment: process.env.NODE_ENV

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    303: 2. Edite o arquivo `.env` com suas configurações
    304: 
>>> 305: 3. Nunca commit o arquivo `.env` (já está no `.gitignore`)
    306: 
    307: ---

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    301:    ```
    302: 
>>> 303: 2. Edite o arquivo `.env` com suas configurações
    304: 
    305: 3. Nunca commit o arquivo `.env` (já está no `.gitignore`)

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    298: 1. Copie o arquivo de exemplo:
    299:    ```bash
>>> 300:    cp .env.example .env
    301:    ```
    302: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    212: ├── 📄 tailwind.config.js         # Configuração Tailwind
    213: ├── 📄 docker-compose.yml          # Docker Compose
>>> 214: ├── 📄 .env.example               # Exemplo de variáveis
    215: ├── 📄 .gitignore                 # Arquivos ignorados
    216: └── 📄 LICENSE                    # Licença

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    128: 1. **Variáveis de Ambiente**
    129:    ```bash
>>> 130:    # .env
    131:    DATABASE_URL="postgresql://user:password@localhost:5432/dbname"
    132:    JWT_SECRET="your-secret-key"

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    111: # Configure variáveis de ambiente
    112: cp .env.example .env
>>> 113: # Edite o arquivo .env com suas configurações
    114: 
    115: # Execute migrações do banco (se aplicável)

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    110: 
    111: # Configure variáveis de ambiente
>>> 112: cp .env.example .env
    113: # Edite o arquivo .env com suas configurações
    114: 

Environment file access

Detected by automated pattern matching (rule DE-002) with medium confidence. May be a false positive.

    49: # Configure variáveis de ambiente
    50: cp .env.example .env
>>> 51: # Edite .env com suas configurações
    52: 
    53: # Inicie o desenvolvimento

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u��z�.�\�z�'���L�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code evaluation via eval()

Detected by automated pattern matching (rule SC-004) with medium confidence. May be a false positive.

    74:         id: "A03-EVAL",
    75:         name: "Uso de eval",
>>> 76:         description: "Uso de eval() que pode executar código arbitrário",
    77:         severity: "critical",
    78:         pattern: /\beval\s*\(/i,

Dynamic code evaluation via eval()

Detected by automated pattern matching (rule SC-004) with medium confidence. May be a false positive.

    77:         severity: "critical",
    78:         pattern: /\beval\s*\(/i,
>>> 79:         suggestion: "Nunca use eval() com input do usuário. Use JSON.parse para dados",
    80:         references: ["https://owasp.org/Top10/A03_2021-Injection/"],
    81:     },

Decoded base64 content: �+-zo쵧$������

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��j)ޯ��zǧ��b�v�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �+-zo쵧$������

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���zا�������

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: j�e�ƭ������z�������

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: j�e�ƭ������z����%���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��ޭ�^J֭��ڭ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��ږ'Z��ڶ�z���֭y6�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: j�e�ƭ�����b�,�ߢ{l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u��z�.�\�z�'���L�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���r۫{�(��'z{l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���r۫{�(��'z{l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�ܢw��?��m

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���r۫{��u�^���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���r۫{��u�^���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���r۫{��u�^���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��b��ܕ�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��ޞ�?��m

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��ޞ�?��m

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�ܢw��?j�h

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�ܢw��?j�h

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�ܢw��?j�h

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u�݊�����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u��)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u��)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u��)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���r۫{�(��'z{l

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��b��&��nW���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��v�,��u��)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ~����{^�)��֥

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u����ޭ��{��i��ǒ��^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u����ޭ��{��i��ǒ��^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u����ޭ��{��i���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r���w���Ա��Rǫ ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u����ޭ��{��i������

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: v��r���w���➛�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u����ޭ��{��i��ǃy����Uj[�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u����ޭ��{��i����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��j)ޯ��zǧ��b�v�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u����ޭ��{��i�rZ'xI^���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: m���)u�^���z�)u�^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: I�.�䭢��)윅��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��?��{�������&��"�*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��?��{�r���*m��&��"�*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��?��{�r���*m��&��"�*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u���,�w�jh���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u���,�w�jh���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u���,�w�jh���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��?��{�r���*m��&��"�*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Subprocess execution

Detected by automated pattern matching (rule SC-001) with medium confidence. May be a false positive.

    78:     
    79:     try:
>>> 80:         proc = subprocess.run(
    81:             linter["cmd"],
    82:             cwd=str(cwd),

Decoded base64 content: >���K��B�{Z�w�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    105: | ❌ NEVER DO | Why It's Wrong | ✅ ALWAYS DO |
    106: |-------------|----------------|--------------|
>>> 107: | **Token in AsyncStorage** | Easily accessible, stolen on rooted device | `SecureStore` / `Keychain` / `EncryptedSharedPreferences` |
    108: | **Hardcode API keys** | Reverse engineered from APK/IPA | Environment variables, secure storage |
    109: | **Skip SSL pinning** | MITM attacks possible | Pin certificates in production |

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    227:         │   │
    228:         │   └── ✅ Secure Storage
>>> 229:         │       ├── iOS: Keychain
    230:         │       ├── Android: EncryptedSharedPreferences
    231:         │       └── RN: expo-secure-store / react-native-keychain

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    229:         │       ├── iOS: Keychain
    230:         │       ├── Android: EncryptedSharedPreferences
>>> 231:         │       └── RN: expo-secure-store / react-native-keychain
    232:         │
    233:         ├── User preferences (settings, theme)

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    362: 
    363: ✅ ALWAYS store tokens in:
>>> 364: ├── iOS: Keychain
    365: ├── Android: EncryptedSharedPreferences
    366: ├── Expo: SecureStore

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    506: 
    507: ```
>>> 508: Secrets?             → SecureStore / Keychain
    509: Settings?            → AsyncStorage / UserDefaults
    510: Structured data?     → SQLite

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    255: REFRESH TOKEN:
    256: ├── Long-lived (30-90 days)
>>> 257: ├── Stored in SecureStore/Keychain
    258: ├── Used only to get new access token
    259: └── Rotate on each use (security)

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    326:         # 8.1 Secure Storage Check
    327:         has_async_storage = bool(re.search(r'AsyncStorage|@react-native-async-storage', content))
>>> 328:         has_secure_storage = bool(re.search(r'SecureStore|Keychain|EncryptedSharedPreferences', content))
    329:         has_token_storage = bool(re.search(r'token|jwt|auth.*storage', content, re.IGNORECASE))
    330:         if has_token_storage and has_async_storage and not has_secure_storage:

Decoded base64 content: r����h��&M��j��j�+

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����h��&M��j��j�+

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: 6�b~'�*'�m�$

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: Z�)�
�b�pn��'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��Cz��yԭjׅ�����+

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Subprocess execution

Detected by automated pattern matching (rule SC-001) with medium confidence. May be a false positive.

    20:             output_path = f.name
    21:         
>>> 22:         result = subprocess.run(
    23:             [
    24:                 "lighthouse",

Subprocess execution

Detected by automated pattern matching (rule SC-001) with medium confidence. May be a false positive.

    301:         # Executar testes com cobertura se não existir
    302:         try:
>>> 303:             result = subprocess.run(
    304:                 ["npm", "run", "test:coverage"],
    305:                 cwd=project_path,

Decoded base64 content: �{^�����ŭ��Š�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �+a�����,�׬�)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �װ��7�^@߮6��ﰺ�u��>�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��bu�^B楊܆j׬

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��ޭ�^N��u'��*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��nZ ����w��)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���ƥ�x���v+���0

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: .����j����ۜ�*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���ƥ�x���v+���0

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��?���Ǭ�K�'��'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code evaluation via eval()

Detected by automated pattern matching (rule SC-004) with medium confidence. May be a false positive.

    702:         "max_file_size": "10MB",
    703:         "allowed_extensions": [".ts", ".tsx", ".js", ".jsx", ".vue", ".json"],
>>> 704:         "forbidden_patterns": ["eval(", "innerHTML", "document.write"]
    705:     },
    706:     "api_calls": {

Decoded base64 content: E朷�n{�'��Z���z[^

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: E�n��n�֧w��&�V�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: M���)���Zu��杕�,

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code evaluation via eval()

Detected by automated pattern matching (rule SC-004) with medium confidence. May be a false positive.

    612:                             if 'innerHTML' in content and 'sanitize' not in content:
    613:                                 security_issues += 1
>>> 614:                             if 'eval(' in content:
    615:                                 security_issues += 1
    616:                             if 'document.write' in content:

Dynamic code evaluation via eval()

Detected by automated pattern matching (rule SC-004) with medium confidence. May be a false positive.

    689:                                 security_issues.append(f"Uso perigoso de innerHTML em {file}")
    690:                             
>>> 691:                             # Verificar eval() usage
    692:                             if 'eval(' in content:
    693:                                 security_issues.append(f"Uso perigoso de eval() em {file}")

Dynamic code evaluation via eval()

Detected by automated pattern matching (rule SC-004) with medium confidence. May be a false positive.

    690:                             
    691:                             # Verificar eval() usage
>>> 692:                             if 'eval(' in content:
    693:                                 security_issues.append(f"Uso perigoso de eval() em {file}")
    694:                             

Dynamic code evaluation via eval()

Detected by automated pattern matching (rule SC-004) with medium confidence. May be a false positive.

    691:                             # Verificar eval() usage
    692:                             if 'eval(' in content:
>>> 693:                                 security_issues.append(f"Uso perigoso de eval() em {file}")
    694:                             
    695:                             # Verificar document.write

Decoded base64 content: ��ڽ�^zp��W�Z+a

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��?r���w����z�h�ȯxj�w�^��'�+���

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �ǫ�'��k�ۜ�'��'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��?r���w������h��n��'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��?��$���x*.�׫

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: u��z�.�\�z�'���L�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: "{^�v���ږ,ڶ*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    101: - [ ] **(2pt)** Dados persistidos corretamente (sobrevivem a restart do app)
    102: - [ ] **(2pt)** Dados sensíveis criptografados (tokens, senhas, PII)
>>> 103:   - iOS: Keychain
    104:   - Android: EncryptedSharedPreferences
    105: - [ ] **(1pt)** Cache implementado adequadamente (imagens, dados de API)

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    145: ### Proteção de Dados (5 pontos)
    146: - [ ] **(2pt)** Tokens armazenados com segurança
>>> 147:   - iOS: Keychain
    148:   - Android: EncryptedSharedPreferences
    149:   - Nunca em AsyncStorage/SharedPreferences plain

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    338: ```
    339: 
>>> 340: ### Keychain (Dados Sensíveis)
    341: 
    342: ```swift

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    343: import Security
    344: 
>>> 345: class KeychainManager {
    346:     static let shared = KeychainManager()
    347:     

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    344: 
    345: class KeychainManager {
>>> 346:     static let shared = KeychainManager()
    347:     
    348:     func save(_ value: String, forKey key: String) throws {

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    360:         let status = SecItemAdd(query as CFDictionary, nil)
    361:         guard status == errSecSuccess else {
>>> 362:             throw KeychainError.saveFailed
    363:         }
    364:     }

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    391:         let status = SecItemDelete(query as CFDictionary)
    392:         guard status == errSecSuccess || status == errSecItemNotFound else {
>>> 393:             throw KeychainError.deleteFailed
    394:         }
    395:     }

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    396: }
    397: 
>>> 398: enum KeychainError: Error {
    399:     case saveFailed
    400:     case deleteFailed

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    402: 
    403: // Uso
>>> 404: try KeychainManager.shared.save("token123", forKey: "authToken")
    405: let token = try KeychainManager.shared.get(forKey: "authToken")
    406: ```

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    403: // Uso
    404: try KeychainManager.shared.save("token123", forKey: "authToken")
>>> 405: let token = try KeychainManager.shared.get(forKey: "authToken")
    406: ```
    407: 

Decoded base64 content: r��z�E����� �

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��z�E����� �

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���,�t7�r���*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �'� V��g�z��=�,Š�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �'� V��g�z��=�,Š�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �'� V��g�z��=�,Š�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��{�
�^�V����

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    585: 
    586: ```typescript
>>> 587: import * as Keychain from 'react-native-keychain';
    588: 
    589: // Salvar credenciais

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    588: 
    589: // Salvar credenciais
>>> 590: await Keychain.setGenericPassword('username', 'password', {
    591:   service: 'com.myapp.auth',
    592:   accessible: Keychain.ACCESSIBLE.WHEN_UNLOCKED,

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    590: await Keychain.setGenericPassword('username', 'password', {
    591:   service: 'com.myapp.auth',
>>> 592:   accessible: Keychain.ACCESSIBLE.WHEN_UNLOCKED,
    593: });
    594: 

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    594: 
    595: // Recuperar credenciais
>>> 596: const credentials = await Keychain.getGenericPassword({
    597:   service: 'com.myapp.auth',
    598: });

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    604: 
    605: // Remover credenciais
>>> 606: await Keychain.resetGenericPassword({
    607:   service: 'com.myapp.auth',
    608: });

Decoded base64 content: ��b�Ѣ�Mj��j�+

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: >���Cz֢�Ĝ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �֯����¢{Z�w�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����h��&M��j��j�+

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r����h��&M��j��j�+

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ���g�z��=�,Š�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: jwk�'j�n�w�.�������^���y���i

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    187: 
    188: - [ ] Dados sensíveis criptografados
>>> 189: - [ ] Tokens armazenados com segurança (SecureStore/Keychain)
    190: - [ ] Validação de inputs
    191: - [ ] HTTPS obrigatório

Decoded base64 content: I�.�䭢��)윅��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��(����^��Z��?

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��(����^��Z��?��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��(�����jjez�ݡ˦z{Z�*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �.���jب���&��7�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �.���jب���&��7�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: {"alg":"HS256","typ":"JWT"}

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��&��ޞ�?��^��?Rǫ

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �����no������.j������h

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    178: ### 1. Secure Storage
    179: ```javascript
>>> 180: // React Native com Keychain
    181: import * as Keychain from 'react-native-keychain';
    182: 

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    179: ```javascript
    180: // React Native com Keychain
>>> 181: import * as Keychain from 'react-native-keychain';
    182: 
    183: const secureStorage = {

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    183: const secureStorage = {
    184:   async set(key, value) {
>>> 185:     await Keychain.setInternetCredentials(
    186:       'com.myapp',
    187:       key,

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    191:   
    192:   async get(key) {
>>> 193:     const credentials = await Keychain.getInternetCredentials('com.myapp');
    194:     if (credentials.password) {
    195:       return JSON.parse(credentials.password)[key];

Keychain access

Detected by automated pattern matching (rule DE-007) with medium confidence. May be a false positive.

    507: - **Data Encryption:** AES-256
    508: - **API Security:** OAuth 2.0 + JWT
>>> 509: - **Local Storage:** Keychain/Keystore
    510: - **Network Security:** SSL Pinning
    511: - **Biometric Auth:** TouchID/FaceID

Decoded base64 content: r��z{�����b��?�^r&���Z

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r��z{�����b��?�^r&���Z

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Subprocess execution

Detected by automated pattern matching (rule SC-001) with medium confidence. May be a false positive.

    89:     
    90:     try:
>>> 91:         proc = subprocess.run(
    92:             cmd,
    93:             cwd=str(cwd),

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    203: |---------|------|----------|
    204: | **String concat in queries** | Injection | `"SELECT * FROM " + user_input` |
>>> 205: | **Dynamic code execution** | RCE | `eval()`, `exec()`, `Function()` |
    206: | **Unsafe deserialization** | RCE | `pickle.loads()`, `unserialize()` |
    207: | **Path manipulation** | Traversal | User input in file paths |

Dynamic code evaluation via eval()

Detected by automated pattern matching (rule SC-004) with medium confidence. May be a false positive.

    203: |---------|------|----------|
    204: | **String concat in queries** | Injection | `"SELECT * FROM " + user_input` |
>>> 205: | **Dynamic code execution** | RCE | `eval()`, `exec()`, `Function()` |
    206: | **Unsafe deserialization** | RCE | `pickle.loads()`, `unserialize()` |
    207: | **Path manipulation** | Traversal | User input in file paths |

Dynamic code evaluation via eval()

Detected by automated pattern matching (rule SC-004) with medium confidence. May be a false positive.

    23: - [ ] Input validation on all user data
    24: - [ ] Output encoding for XSS
>>> 25: - [ ] No eval() or dynamic code execution
    26: 
    27: ### A04: Insecure Design

Dynamic code evaluation via eval()

Detected by automated pattern matching (rule SC-004) with medium confidence. May be a false positive.

    61: DANGEROUS_PATTERNS = [
    62:     # Injection risks
>>> 63:     (r'eval\s*\(', "eval() usage", "critical", "Code Injection risk"),
    64:     (r'exec\s*\(', "exec() usage", "critical", "Code Injection risk"),
    65:     (r'new\s+Function\s*\(', "Function constructor", "high", "Code Injection risk"),

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    62:     # Injection risks
    63:     (r'eval\s*\(', "eval() usage", "critical", "Code Injection risk"),
>>> 64:     (r'exec\s*\(', "exec() usage", "critical", "Code Injection risk"),
    65:     (r'new\s+Function\s*\(', "Function constructor", "high", "Code Injection risk"),
    66:     (r'child_process\.exec\s*\(', "child_process.exec", "high", "Command Injection risk"),

Node.js child process spawning

Detected by automated pattern matching (rule SC-005) with medium confidence. May be a false positive.

    64:     (r'exec\s*\(', "exec() usage", "critical", "Code Injection risk"),
    65:     (r'new\s+Function\s*\(', "Function constructor", "high", "Code Injection risk"),
>>> 66:     (r'child_process\.exec\s*\(', "child_process.exec", "high", "Command Injection risk"),
    67:     (r'subprocess\.call\s*\([^)]*shell\s*=\s*True', "subprocess with shell=True", "high", "Command Injection risk"),
    68:     

Subprocess execution

Detected by automated pattern matching (rule SC-001) with medium confidence. May be a false positive.

    132:     if (Path(project_path) / "package.json").exists():
    133:         try:
>>> 134:             result = subprocess.run(
    135:                 ["npm", "audit", "--json"],
    136:                 cwd=project_path,

Decoded base64 content: r���ƿj[Z�g����j,Z

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r���ƿj[Z�g����j,Z

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r���ƿj[Z�g����j,Z

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �����"jX����y���)�

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: r���ƿj[Z�g����j,Z

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    126:         const importRegex = /import\s+.*?\s+from\s+['"](.+?)['"]/g;
    127:         let match;
>>> 128:         while ((match = importRegex.exec(content)) !== null) {
    129:             const importPath = match[1];
    130:             // Apenas imports relativos

Decoded base64 content: n�t7�zw^�̆��a

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: n�t7�zw^�̆��a

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: I�.�+rU�bu�h�jڦ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �����+{�ږ'Z�*'�V�z�?I�.�+rU�bu�h�jڦ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: I�.�+rU�bu�h�jڦ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �����+{�ږ'Z�*'�V�z�?I�.�+rU�bu�h�jڦ��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��ޭ�^wi�)��ܶ*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��ޭ�^wi�)��ܶ*'

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: �b���nW�jX�j�+

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��(���M驕�^=�a

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ��(���M驕�^=�a

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Dynamic code execution via exec()

Detected by automated pattern matching (rule SC-003) with medium confidence. May be a false positive.

    105:         padrao.lastIndex = 0; // Reset regex state
    106:         let match;
>>> 107:         while ((match = padrao.exec(entregavel)) !== null) {
    108:             const decisaoTexto = match[1]?.trim();
    109:             if (!decisaoTexto || decisaoTexto.length < 5)

Decoded base64 content: ����b�� ��%y��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

Decoded base64 content: ����b�� ��%y��

Detected by automated pattern matching (rule DO-BAS) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    11: 10,Rendering,Use streaming for better UX,Stream content with Suspense boundaries,Suspense for slow data fetches,Wait for all data before render,<Suspense><SlowComponent/></Suspense>,await allData then render,Medium,https://nextjs.org/docs/app/building-your-application/routing/loading-ui-and-streaming
    12: 11,Rendering,Choose correct rendering strategy,SSG for static SSR for dynamic ISR for semi-static,generateStaticParams for known paths,SSR for static content,export const revalidate = 3600,fetch without cache config,Medium,
>>> 13: 12,DataFetching,Fetch data in Server Components,Fetch directly in async Server Components,async function Page() { const data = await fetch() },useEffect for initial data,const data = await fetch(url),useEffect(() => fetch(url)),High,https://nextjs.org/docs/app/building-your-application/data-fetching
    14: 13,DataFetching,Configure caching explicitly (Next.js 15+),Next.js 15 changed defaults to uncached for fetch,Explicitly set cache: 'force-cache' for static data,Assume default is cached (it's not in Next.js 15),fetch(url { cache: 'force-cache' }),fetch(url) // Uncached in v15,High,https://nextjs.org/docs/app/building-your-application/upgrading/version-15
    15: 14,DataFetching,Deduplicate fetch requests,React and Next.js dedupe same requests,Same fetch call in multiple components,Manual request deduplication,Multiple components fetch same URL,Custom cache layer,Low,

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    12: 11,Rendering,Choose correct rendering strategy,SSG for static SSR for dynamic ISR for semi-static,generateStaticParams for known paths,SSR for static content,export const revalidate = 3600,fetch without cache config,Medium,
    13: 12,DataFetching,Fetch data in Server Components,Fetch directly in async Server Components,async function Page() { const data = await fetch() },useEffect for initial data,const data = await fetch(url),useEffect(() => fetch(url)),High,https://nextjs.org/docs/app/building-your-application/data-fetching
>>> 14: 13,DataFetching,Configure caching explicitly (Next.js 15+),Next.js 15 changed defaults to uncached for fetch,Explicitly set cache: 'force-cache' for static data,Assume default is cached (it's not in Next.js 15),fetch(url { cache: 'force-cache' }),fetch(url) // Uncached in v15,High,https://nextjs.org/docs/app/building-your-application/upgrading/version-15
    15: 14,DataFetching,Deduplicate fetch requests,React and Next.js dedupe same requests,Same fetch call in multiple components,Manual request deduplication,Multiple components fetch same URL,Custom cache layer,Low,
    16: 15,DataFetching,Use Server Actions for mutations,Server Actions for form submissions,action={serverAction} in forms,API route for every mutation,<form action={createPost}>,<form onSubmit={callApiRoute}>,Medium,https://nextjs.org/docs/app/building-your-application/data-fetching/server-actions-and-mutations

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    8: 7,Rendering,Use .client suffix for client-only components,Mark components to render only on client,ComponentName.client.vue suffix,v-if with process.client check,Comments.client.vue,<div v-if="process.client"><Comments/></div>,Medium,https://nuxt.com/docs/guide/directory-structure/components
    9: 8,Rendering,Use .server suffix for server-only components,Mark components to render only on server,ComponentName.server.vue suffix,Manual server check,HeavyMarkdown.server.vue,v-if="process.server",Low,https://nuxt.com/docs/guide/directory-structure/components
>>> 10: 9,DataFetching,Use useFetch for simple data fetching,Wrapper around useAsyncData for URL fetching,useFetch for API calls,$fetch in onMounted,"const { data } = await useFetch('/api/posts')","onMounted(async () => { data.value = await $fetch('/api/posts') })",High,https://nuxt.com/docs/api/composables/use-fetch
    11: 10,DataFetching,Use useAsyncData for complex fetching,Fine-grained control over async data,useAsyncData for CMS or custom fetching,useFetch for non-URL data sources,"const { data } = await useAsyncData('posts', () => cms.getPosts())","const { data } = await useFetch(() => cms.getPosts())",Medium,https://nuxt.com/docs/api/composables/use-async-data
    12: 11,DataFetching,Use $fetch for non-reactive requests,$fetch for event handlers and non-component code,$fetch in event handlers or server routes,useFetch in click handlers,"async function submit() { await $fetch('/api/submit', { method: 'POST' }) }","async function submit() { await useFetch('/api/submit') }",High,https://nuxt.com/docs/api/utils/dollarfetch

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    9: 8,Rendering,Use .server suffix for server-only components,Mark components to render only on server,ComponentName.server.vue suffix,Manual server check,HeavyMarkdown.server.vue,v-if="process.server",Low,https://nuxt.com/docs/guide/directory-structure/components
    10: 9,DataFetching,Use useFetch for simple data fetching,Wrapper around useAsyncData for URL fetching,useFetch for API calls,$fetch in onMounted,"const { data } = await useFetch('/api/posts')","onMounted(async () => { data.value = await $fetch('/api/posts') })",High,https://nuxt.com/docs/api/composables/use-fetch
>>> 11: 10,DataFetching,Use useAsyncData for complex fetching,Fine-grained control over async data,useAsyncData for CMS or custom fetching,useFetch for non-URL data sources,"const { data } = await useAsyncData('posts', () => cms.getPosts())","const { data } = await useFetch(() => cms.getPosts())",Medium,https://nuxt.com/docs/api/composables/use-async-data
    12: 11,DataFetching,Use $fetch for non-reactive requests,$fetch for event handlers and non-component code,$fetch in event handlers or server routes,useFetch in click handlers,"async function submit() { await $fetch('/api/submit', { method: 'POST' }) }","async function submit() { await useFetch('/api/submit') }",High,https://nuxt.com/docs/api/utils/dollarfetch
    13: 12,DataFetching,Use lazy option for non-blocking fetch,Defer data fetching for better initial load,lazy: true for below-fold content,Blocking fetch for non-critical data,"useFetch('/api/comments', { lazy: true })",await useFetch('/api/comments') for footer,Medium,https://nuxt.com/docs/api/composables/use-fetch

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    10: 9,DataFetching,Use useFetch for simple data fetching,Wrapper around useAsyncData for URL fetching,useFetch for API calls,$fetch in onMounted,"const { data } = await useFetch('/api/posts')","onMounted(async () => { data.value = await $fetch('/api/posts') })",High,https://nuxt.com/docs/api/composables/use-fetch
    11: 10,DataFetching,Use useAsyncData for complex fetching,Fine-grained control over async data,useAsyncData for CMS or custom fetching,useFetch for non-URL data sources,"const { data } = await useAsyncData('posts', () => cms.getPosts())","const { data } = await useFetch(() => cms.getPosts())",Medium,https://nuxt.com/docs/api/composables/use-async-data
>>> 12: 11,DataFetching,Use $fetch for non-reactive requests,$fetch for event handlers and non-component code,$fetch in event handlers or server routes,useFetch in click handlers,"async function submit() { await $fetch('/api/submit', { method: 'POST' }) }","async function submit() { await useFetch('/api/submit') }",High,https://nuxt.com/docs/api/utils/dollarfetch
    13: 12,DataFetching,Use lazy option for non-blocking fetch,Defer data fetching for better initial load,lazy: true for below-fold content,Blocking fetch for non-critical data,"useFetch('/api/comments', { lazy: true })",await useFetch('/api/comments') for footer,Medium,https://nuxt.com/docs/api/composables/use-fetch
    14: 13,DataFetching,Use server option to control fetch location,Choose where data is fetched,server: false for client-only data,Server fetch for user-specific client data,"useFetch('/api/user-preferences', { server: false })",useFetch for localStorage-dependent data,Medium,https://nuxt.com/docs/api/composables/use-fetch

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    11: 10,DataFetching,Use useAsyncData for complex fetching,Fine-grained control over async data,useAsyncData for CMS or custom fetching,useFetch for non-URL data sources,"const { data } = await useAsyncData('posts', () => cms.getPosts())","const { data } = await useFetch(() => cms.getPosts())",Medium,https://nuxt.com/docs/api/composables/use-async-data
    12: 11,DataFetching,Use $fetch for non-reactive requests,$fetch for event handlers and non-component code,$fetch in event handlers or server routes,useFetch in click handlers,"async function submit() { await $fetch('/api/submit', { method: 'POST' }) }","async function submit() { await useFetch('/api/submit') }",High,https://nuxt.com/docs/api/utils/dollarfetch
>>> 13: 12,DataFetching,Use lazy option for non-blocking fetch,Defer data fetching for better initial load,lazy: true for below-fold content,Blocking fetch for non-critical data,"useFetch('/api/comments', { lazy: true })",await useFetch('/api/comments') for footer,Medium,https://nuxt.com/docs/api/composables/use-fetch
    14: 13,DataFetching,Use server option to control fetch location,Choose where data is fetched,server: false for client-only data,Server fetch for user-specific client data,"useFetch('/api/user-preferences', { server: false })",useFetch for localStorage-dependent data,Medium,https://nuxt.com/docs/api/composables/use-fetch
    15: 14,DataFetching,Use pick to reduce payload size,Select only needed fields from response,pick option for large responses,Fetching entire objects when few fields needed,"useFetch('/api/user', { pick: ['id', 'name'] })",useFetch('/api/user') then destructure,Low,https://nuxt.com/docs/api/composables/use-fetch

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    12: 11,DataFetching,Use $fetch for non-reactive requests,$fetch for event handlers and non-component code,$fetch in event handlers or server routes,useFetch in click handlers,"async function submit() { await $fetch('/api/submit', { method: 'POST' }) }","async function submit() { await useFetch('/api/submit') }",High,https://nuxt.com/docs/api/utils/dollarfetch
    13: 12,DataFetching,Use lazy option for non-blocking fetch,Defer data fetching for better initial load,lazy: true for below-fold content,Blocking fetch for non-critical data,"useFetch('/api/comments', { lazy: true })",await useFetch('/api/comments') for footer,Medium,https://nuxt.com/docs/api/composables/use-fetch
>>> 14: 13,DataFetching,Use server option to control fetch location,Choose where data is fetched,server: false for client-only data,Server fetch for user-specific client data,"useFetch('/api/user-preferences', { server: false })",useFetch for localStorage-dependent data,Medium,https://nuxt.com/docs/api/composables/use-fetch
    15: 14,DataFetching,Use pick to reduce payload size,Select only needed fields from response,pick option for large responses,Fetching entire objects when few fields needed,"useFetch('/api/user', { pick: ['id', 'name'] })",useFetch('/api/user') then destructure,Low,https://nuxt.com/docs/api/composables/use-fetch
    16: 15,DataFetching,Use transform for data manipulation,Transform data before storing in state,transform option for data shaping,Manual transformation after fetch,"useFetch('/api/posts', { transform: (posts) => posts.map(p => p.title) })",const titles = data.value.map(p => p.title),Low,https://nuxt.com/docs/api/composables/use-fetch

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    13: 12,DataFetching,Use lazy option for non-blocking fetch,Defer data fetching for better initial load,lazy: true for below-fold content,Blocking fetch for non-critical data,"useFetch('/api/comments', { lazy: true })",await useFetch('/api/comments') for footer,Medium,https://nuxt.com/docs/api/composables/use-fetch
    14: 13,DataFetching,Use server option to control fetch location,Choose where data is fetched,server: false for client-only data,Server fetch for user-specific client data,"useFetch('/api/user-preferences', { server: false })",useFetch for localStorage-dependent data,Medium,https://nuxt.com/docs/api/composables/use-fetch
>>> 15: 14,DataFetching,Use pick to reduce payload size,Select only needed fields from response,pick option for large responses,Fetching entire objects when few fields needed,"useFetch('/api/user', { pick: ['id', 'name'] })",useFetch('/api/user') then destructure,Low,https://nuxt.com/docs/api/composables/use-fetch
    16: 15,DataFetching,Use transform for data manipulation,Transform data before storing in state,transform option for data shaping,Manual transformation after fetch,"useFetch('/api/posts', { transform: (posts) => posts.map(p => p.title) })",const titles = data.value.map(p => p.title),Low,https://nuxt.com/docs/api/composables/use-fetch
    17: 16,DataFetching,Handle loading and error states,Always handle pending and error states,Check status pending error refs,Ignoring loading states,"<div v-if=""status === 'pending'"">Loading...</div>",No loading indicator,High,https://nuxt.com/docs/getting-started/data-fetching

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    14: 13,DataFetching,Use server option to control fetch location,Choose where data is fetched,server: false for client-only data,Server fetch for user-specific client data,"useFetch('/api/user-preferences', { server: false })",useFetch for localStorage-dependent data,Medium,https://nuxt.com/docs/api/composables/use-fetch
    15: 14,DataFetching,Use pick to reduce payload size,Select only needed fields from response,pick option for large responses,Fetching entire objects when few fields needed,"useFetch('/api/user', { pick: ['id', 'name'] })",useFetch('/api/user') then destructure,Low,https://nuxt.com/docs/api/composables/use-fetch
>>> 16: 15,DataFetching,Use transform for data manipulation,Transform data before storing in state,transform option for data shaping,Manual transformation after fetch,"useFetch('/api/posts', { transform: (posts) => posts.map(p => p.title) })",const titles = data.value.map(p => p.title),Low,https://nuxt.com/docs/api/composables/use-fetch
    17: 16,DataFetching,Handle loading and error states,Always handle pending and error states,Check status pending error refs,Ignoring loading states,"<div v-if=""status === 'pending'"">Loading...</div>",No loading indicator,High,https://nuxt.com/docs/getting-started/data-fetching
    18: 17,Lifecycle,Avoid side effects in script setup root,Move side effects to lifecycle hooks,Side effects in onMounted,setInterval in root script setup,"onMounted(() => { interval = setInterval(...) })","<script setup>setInterval(...)</script>",High,https://nuxt.com/docs/guide/concepts/nuxt-lifecycle

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    28: 27,State,Use unique keys for useState,Prevent state conflicts with unique keys,Descriptive unique keys for each state,Generic or duplicate keys,"useState('user-preferences', () => ({}))",useState('data') in multiple places,Medium,https://nuxt.com/docs/api/composables/use-state
    29: 28,State,Use Pinia for complex state,Pinia for advanced state management,@pinia/nuxt for complex apps,Custom state management,useMainStore() with Pinia,Custom reactive store implementation,Medium,https://nuxt.com/docs/getting-started/state-management
>>> 30: 29,State,Use callOnce for one-time async operations,Ensure async operations run only once,callOnce for store initialization,Direct await in component,"await callOnce(store.fetch)",await store.fetch() on every render,Medium,https://nuxt.com/docs/api/utils/call-once
    31: 30,SEO,Use useSeoMeta for SEO tags,Type-safe SEO meta tag management,useSeoMeta for meta tags,useHead for simple meta,"useSeoMeta({ title: 'Home', ogTitle: 'Home', description: '...' })","useHead({ meta: [{ name: 'description', content: '...' }] })",High,https://nuxt.com/docs/api/composables/use-seo-meta
    32: 31,SEO,Use reactive values in useSeoMeta,Dynamic SEO tags with refs or getters,Computed getters for dynamic values,Static values for dynamic content,"useSeoMeta({ title: () => post.value.title })","useSeoMeta({ title: post.value.title })",Medium,https://nuxt.com/docs/api/composables/use-seo-meta

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    56: 55,Environment,Keep secrets in private config,Server-only secrets in runtimeConfig root,runtimeConfig.apiSecret (server only),Secrets in public config,runtimeConfig: { dbPassword: '' },runtimeConfig: { public: { dbPassword: '' } },High,https://nuxt.com/docs/guide/going-further/runtime-config
    57: 56,Performance,Use Lazy prefix for code splitting,Lazy load components with Lazy prefix,<LazyComponent> for below-fold,Eager load all components,<LazyMountainsList v-if="show"/>,<MountainsList/> for hidden content,Medium,https://nuxt.com/docs/guide/directory-structure/components
>>> 58: 57,Performance,Use useLazyFetch for non-blocking data,Alias for useFetch with lazy: true,useLazyFetch for secondary data,useFetch for all requests,"const { data } = useLazyFetch('/api/comments')",await useFetch for comments section,Medium,https://nuxt.com/docs/api/composables/use-lazy-fetch
    59: 58,Performance,Use lazy hydration for interactivity,Delay component hydration until needed,LazyComponent with hydration strategy,Immediate hydration for all,<LazyModal hydrate-on-visible/>,<Modal/> in footer,Low,https://nuxt.com/docs/guide/going-further/experimental-features

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.1 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.1 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.2 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.2 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.1 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    529: 
    530:       const queryParams = buildQueryParams();
>>> 531:       const response = await fetch(`/api/products?${queryParams}`);
    532:       
    533:       if (!response.ok) {

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    801:           return response;
    802:         }
>>> 803:         return fetch(event.request);
    804:       })
    805:   );

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    291:     setLoading(true);
    292:     try {
>>> 293:       const response = await fetch('/api/data');
    294:       const result = await response.json();
    295:       setData(result);

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    290:         
    291:         do {
>>> 292:             let response: ProductsResponse = try await APIClient.shared.fetch("/products")
    293:             products = response.products
    294:         } catch {

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    146: 
    147: ```typescript
>>> 148: const especialista = await fetch('maestro://especialista/debugging-troubleshooting');
    149: ```
    150: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

>>> 1: {"version":3,"file":"SecurityValidatorWrapper.js","sourceRoot":"","sources":["../../../../src/core/validation/layers/SecurityValidatorWrapper.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,IAAI,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAEvF;;;GAGG;AACH,MAAM,OAAO,wBAAwB;IACzB,SAAS,CAA0B;IAE3C;QACI,IAAI,CAAC,SAAS,GAAG,IAAI,uBAAuB,EAAE,CAAC;IACnD,CAAC;IAED,KAAK,CAAC,QAAQ,CAAC,IAAY,EAAE,OAA2B;QACpD,IAAI,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC;YAExD,MAAM,MAAM,GAAsB,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC;YACtD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC;YACjC,MAAM,MAAM,GAAG,KAAK,IAAI,EAAE,CAAC;YAE3B,OAAO;gBACH,KAAK,EAAE,WAAW;gBAClB,KAAK;gBACL,MAAM;gBACN,MAAM;gBACN,WAAW,EAAE,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC;gBAC7C,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACtC,CAAC;QACN,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACb,+BAA+B;YAC/B,OAAO;gBACH,KAAK,EAAE,WAAW;gBAClB,KAAK,EAAE,EAAE;gBACT,MAAM,EAAE,IAAI;gBACZ,MAAM,EAAE,EAAE;gBACV,WAAW,EAAE,CAAC,kCAAkC,CAAC;gBACjD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACtC,CAAC;QACN,CAAC;IACL,CAAC;IAEO,mBAAmB,CAAC,MAAyB;QACjD,MAAM,WAAW,GAAa,EAAE,CAAC;QAEjC,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QAC/D,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,WAAW,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;QACxE,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QACvD,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClB,WAAW,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;QAC1E,CAAC;QAED,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,WAAW,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;QAC1D,CAAC;QAED,OAAO,WAAW,CAAC;IACvB,CAAC;CACJ"}

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    209:     Networking.addPublicKeyPin(
    210:       'api.example.com',
>>> 211:       ['sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=']
    212:     );
    213:   }

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    29: 28,Forms,Debounce rapid input changes,Debounce search/filter inputs,useDeferredValue or debounce for search,Filter on every keystroke,useDeferredValue(searchTerm),useEffect filtering on every change,Medium,https://react.dev/reference/react/useDeferredValue
    30: 29,Hooks,Follow rules of hooks,Only call hooks at top level and in React functions,Hooks at component top level,Hooks in conditions loops or callbacks,"const [x, setX] = useState()","if (cond) { const [x, setX] = useState() }",High,https://react.dev/reference/rules/rules-of-hooks
>>> 31: 30,Hooks,Custom hooks for reusable logic,Extract shared stateful logic to custom hooks,useCustomHook for reusable patterns,Duplicate hook logic across components,const { data } = useFetch(url),Duplicate useEffect/useState in components,Medium,https://react.dev/learn/reusing-logic-with-custom-hooks
    32: 31,Hooks,Name custom hooks with use prefix,Custom hooks must start with use,useFetch useForm useAuth,fetchData or getData for hook,function useFetch(url),function fetchData(url),High,
    33: 32,Context,Use context for global data,Context for theme auth locale,Context for app-wide state,Context for frequently changing data,<ThemeContext.Provider>,Context for form field values,Medium,https://react.dev/learn/passing-data-deeply-with-context

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    30: 29,Hooks,Follow rules of hooks,Only call hooks at top level and in React functions,Hooks at component top level,Hooks in conditions loops or callbacks,"const [x, setX] = useState()","if (cond) { const [x, setX] = useState() }",High,https://react.dev/reference/rules/rules-of-hooks
    31: 30,Hooks,Custom hooks for reusable logic,Extract shared stateful logic to custom hooks,useCustomHook for reusable patterns,Duplicate hook logic across components,const { data } = useFetch(url),Duplicate useEffect/useState in components,Medium,https://react.dev/learn/reusing-logic-with-custom-hooks
>>> 32: 31,Hooks,Name custom hooks with use prefix,Custom hooks must start with use,useFetch useForm useAuth,fetchData or getData for hook,function useFetch(url),function fetchData(url),High,
    33: 32,Context,Use context for global data,Context for theme auth locale,Context for app-wide state,Context for frequently changing data,<ThemeContext.Provider>,Context for form field values,Medium,https://react.dev/learn/passing-data-deeply-with-context
    34: 33,Context,Split contexts by concern,Separate contexts for different domains,ThemeContext + AuthContext,One giant AppContext,<ThemeProvider><AuthProvider>,<AppProvider value={{theme user...}}>,Medium,

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    39: 38,Performance,Batch state updates,React 18 auto-batches but be aware,Let React batch related updates,Manual batching with flushSync,setA(1); setB(2); // batched,flushSync(() => setA(1)),Low,https://react.dev/learn/queueing-a-series-of-state-updates
    40: 39,ErrorHandling,Use error boundaries,Catch JavaScript errors in component tree,ErrorBoundary wrapping sections,Let errors crash entire app,<ErrorBoundary><App/></ErrorBoundary>,No error handling,High,https://react.dev/reference/react/Component#catching-rendering-errors-with-an-error-boundary
>>> 41: 40,ErrorHandling,Handle async errors,Catch errors in async operations,try/catch in async handlers,Unhandled promise rejections,try { await fetch() } catch(e) {},await fetch() // no catch,High,
    42: 41,Testing,Test behavior not implementation,Test what user sees and does,Test renders and interactions,Test internal state or methods,expect(screen.getByText('Hello')),expect(component.state.name),Medium,https://testing-library.com/docs/react-testing-library/intro/
    43: 42,Testing,Use testing-library queries,Use accessible queries,getByRole getByLabelText,getByTestId for everything,getByRole('button'),getByTestId('submit-btn'),Medium,https://testing-library.com/docs/queries/about#priority

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    270:         else {
    271:             const url = this.buildUrlTemplate(endpoint.path);
>>> 272:             func += `  const response = await fetch(\`\${BASE_URL}${url}\`, {\n`;
    273:             func += `    method: '${endpoint.method}',\n`;
    274:             if (endpoint.request?.body) {

Python requests library HTTP call

Detected by automated pattern matching (rule NS-001) with medium confidence. May be a false positive.

    422: def fetch_url(url: str):
    423:     # VULNERABILIDADE: Permite qualquer URL
>>> 424:     response = requests.get(url)
    425:     return response.json()
    426: ```

Python requests library HTTP call

Detected by automated pattern matching (rule NS-001) with medium confidence. May be a false positive.

    456:     
    457:     # MITIGAÇÃO: Timeout e validação
>>> 458:     response = requests.get(url, timeout=10)
    459:     return response.json()
    460: ```

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    198: // Carregar especialista da próxima fase
    199: const proximaFase = novoEstado.fases[novoEstado.fase_atual - 1];
>>> 200: const especialista = await fetch(`maestro://especialista/${proximaFase.especialista}`);
    201: ```
    202: 

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

    65:    - **migracao**: Mudança de padrão/arquitetura
    66: 
>>> 67:    Escolha: [complexidade/duplicacao/performance/manutencao/migracao]
    68: 
    69: 3. (Opcional) Arquivos principais:

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    187: 
    188: ```typescript
>>> 189: const especialista = await fetch('maestro://especialista/gestao-de-produto');
    190: // Aplicar persona e instruções do especialista
    191: ```

High-entropy string (5.1 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    43: 42,SvelteKit,Use +page.js for data loading,Load data before render,load function in +page.js,onMount for data fetching,export function load() {},onMount(() => fetchData()),High,https://kit.svelte.dev/docs/load
    44: 43,SvelteKit,Use +page.server.js for server-only,Server-side data loading,+page.server.js for sensitive data,+page.js for API keys,+page.server.js with DB access,+page.js with DB access,High,
>>> 45: 44,SvelteKit,Use form actions,Server-side form handling,+page.server.js actions,API routes for forms,export const actions = { default },fetch('/api/submit'),Medium,https://kit.svelte.dev/docs/form-actions
    46: 45,SvelteKit,Use $app/stores for app state,$page $navigating $updated,$page for current page data,Manual URL parsing,import { page } from '$app/stores',window.location.pathname,Medium,https://kit.svelte.dev/docs/modules#$app-stores
    47: 46,Performance,Use {#key} for forced re-render,Reset component state,{#key id} for fresh instance,Manual destroy/create,{#key item.id}<Component/>{/key},on:change={() => component = null},Low,https://svelte.dev/docs/logic-blocks#key

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    21: 20,Components,Use PascalCase for components,Consistent component naming,PascalCase in imports and templates,kebab-case in script,<MyComponent/>,<my-component/>,Low,https://vuejs.org/style-guide/rules-strongly-recommended.html
    22: 21,Components,Prefer composition over mixins,Composables replace mixins,Composables for shared logic,Mixins for code reuse,const { data } = useApi(),mixins: [apiMixin],Medium,
>>> 23: 22,Composables,Name composables with use prefix,Convention for composable functions,useFetch useAuth useForm,getData or fetchApi,export function useFetch(),export function fetchData(),Medium,https://vuejs.org/guide/reusability/composables.html
    24: 23,Composables,Return refs from composables,Maintain reactivity when destructuring,Return ref values,Return reactive objects that lose reactivity,return { data: ref(null) },return reactive({ data: null }),Medium,
    25: 24,Composables,Accept ref or value params,Use toValue for flexible inputs,toValue() or unref() for params,Only accept ref or only value,const val = toValue(maybeRef),const val = maybeRef.value,Low,https://vuejs.org/api/reactivity-utilities.html#tovalue

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Possible Base64-encoded payload (long encoded string)

Detected by automated pattern matching (rule OB-001) with medium confidence. May be a false positive.

>>> 1: {"version":3,"file":"SecurityValidatorWrapper.d.ts","sourceRoot":"","sources":["../../../../src/core/validation/layers/SecurityValidatorWrapper.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,qBAAqB,EAAE,iBAAiB,EAAmB,MAAM,aAAa,CAAC;AAG7G;;;GAGG;AACH,qBAAa,wBAAyB,YAAW,cAAc;IAC3D,OAAO,CAAC,SAAS,CAA0B;;IAMrC,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,iBAAiB,GAAG,OAAO,CAAC,qBAAqB,CAAC;IA6BzF,OAAO,CAAC,mBAAmB;CAmB9B"}

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Python requests library HTTP call

Detected by automated pattern matching (rule NS-001) with medium confidence. May be a false positive.

    429: 
    430: headers = {'Authorization': f'Bearer {token}'}
>>> 431: response = requests.get('https://api.example.com/v1/users', headers=headers)
    432: users = response.json()
    433: ```

High-entropy string (5.2 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.1 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.2 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.1 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.2 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.1 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.2 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.1 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    852:     const color = this.getSeverityColor(severity);
    853:     
>>> 854:     await fetch(webhook, {
    855:       method: 'POST',
    856:       headers: { 'Content-Type': 'application/json' },

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

Python requests library HTTP call

Detected by automated pattern matching (rule NS-001) with medium confidence. May be a false positive.

    387: def extract_from_api(url, headers=None, params=None):
    388:     """Extrai dados de API REST"""
>>> 389:     response = requests.get(url, headers=headers, params=params)
    390:     response.raise_for_status()
    391:     return response.json()

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.5 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    112: → Severity: High
    113: → Guideline: "Configure caching explicitly (fetch uncached por padrão!)"
>>> 114: → Code Good: fetch(url, { cache: 'force-cache' })
    115: ```
    116: 

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    1: No,Category,Issue,Keywords,Platform,Description,Do,Don't,Code Example Good,Code Example Bad,Severity
>>> 2: 1,Async Waterfall,Defer Await,async await defer branch,React/Next.js,Move await into branches where actually used to avoid blocking unused code paths,Move await operations into branches where they're needed,Await at top of function blocking all branches,"if (skip) return { skipped: true }; const data = await fetch()","const data = await fetch(); if (skip) return { skipped: true }",Critical
    3: 2,Async Waterfall,Promise.all Parallel,promise all parallel concurrent,React/Next.js,Execute independent async operations concurrently using Promise.all(),Use Promise.all() for independent operations,Sequential await for independent operations,"const [user, posts] = await Promise.all([fetchUser(), fetchPosts()])","const user = await fetchUser(); const posts = await fetchPosts()",Critical
    4: 3,Async Waterfall,Dependency Parallelization,better-all dependency parallel,React/Next.js,Use better-all for operations with partial dependencies to maximize parallelism,Use better-all to start each task at earliest possible moment,Wait for unrelated data before starting dependent fetch,"await all({ user() {}, config() {}, profile() { return fetch((await this.$.user).id) } })","const [user, config] = await Promise.all([...]); const profile = await fetchProfile(user.id)",Critical

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    2: 1,Async Waterfall,Defer Await,async await defer branch,React/Next.js,Move await into branches where actually used to avoid blocking unused code paths,Move await operations into branches where they're needed,Await at top of function blocking all branches,"if (skip) return { skipped: true }; const data = await fetch()","const data = await fetch(); if (skip) return { skipped: true }",Critical
    3: 2,Async Waterfall,Promise.all Parallel,promise all parallel concurrent,React/Next.js,Execute independent async operations concurrently using Promise.all(),Use Promise.all() for independent operations,Sequential await for independent operations,"const [user, posts] = await Promise.all([fetchUser(), fetchPosts()])","const user = await fetchUser(); const posts = await fetchPosts()",Critical
>>> 4: 3,Async Waterfall,Dependency Parallelization,better-all dependency parallel,React/Next.js,Use better-all for operations with partial dependencies to maximize parallelism,Use better-all to start each task at earliest possible moment,Wait for unrelated data before starting dependent fetch,"await all({ user() {}, config() {}, profile() { return fetch((await this.$.user).id) } })","const [user, config] = await Promise.all([...]); const profile = await fetchProfile(user.id)",Critical
    5: 4,Async Waterfall,API Route Optimization,api route waterfall promise,React/Next.js,In API routes start independent operations immediately even if not awaited yet,Start promises early and await late,Sequential awaits in API handlers,"const sessionP = auth(); const configP = fetchConfig(); const session = await sessionP","const session = await auth(); const config = await fetchConfig()",Critical
    6: 5,Async Waterfall,Suspense Boundaries,suspense streaming boundary,React/Next.js,Use Suspense to show wrapper UI faster while data loads,Wrap async components in Suspense boundaries,Await data blocking entire page render,"<Suspense fallback={<Skeleton />}><DataDisplay /></Suspense>","const data = await fetchData(); return <DataDisplay data={data} />",High

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    15: 14,Server,Parallel Fetching,parallel fetch component composition,React/Next.js,Restructure components to parallelize data fetching in RSC,Use component composition for parallel fetches,Sequential fetches in parent component,"<Header /><Sidebar /> // both fetch in parallel","const header = await fetchHeader(); return <><div>{header}</div><Sidebar /></>",Critical
    16: 15,Server,After Non-blocking,after non-blocking logging,React/Next.js,Use Next.js after() to schedule work after response is sent,Use after() for logging/analytics,Block response for non-critical operations,"after(async () => { await logAction() }); return Response.json(data)","await logAction(); return Response.json(data)",Medium
>>> 17: 16,Client,SWR Deduplication,swr dedup cache revalidate,React/Next.js,Use SWR for automatic request deduplication and caching,Use useSWR for client data fetching,Manual fetch in useEffect,"const { data } = useSWR('/api/users', fetcher)","useEffect(() => { fetch('/api/users').then(setUsers) }, [])",Medium-High
    18: 17,Client,Event Listener Dedup,event listener deduplicate global,React/Next.js,Share global event listeners across component instances,Use useSWRSubscription for shared listeners,Register listener per component instance,"useSWRSubscription('global-keydown', () => { window.addEventListener... })","useEffect(() => { window.addEventListener('keydown', handler) }, [])",Low
    19: 18,Rerender,Defer State Reads,state read callback subscription,React/Next.js,Don't subscribe to state only used in callbacks,Read state on-demand in callbacks,Subscribe to state used only in handlers,"const handleClick = () => { const params = new URLSearchParams(location.search) }","const params = useSearchParams(); const handleClick = () => { params.get('ref') }",Medium

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.8 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.7 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (5.0 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.9 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    94: ```csv
    95: Configure caching explicitly
>>> 96: fetch() is UNCACHED by default in v15!
    97: Do: fetch(url, { cache: 'force-cache' })
    98: Don't: fetch(url) // Uncached!

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    95: Configure caching explicitly
    96: fetch() is UNCACHED by default in v15!
>>> 97: Do: fetch(url, { cache: 'force-cache' })
    98: Don't: fetch(url) // Uncached!
    99: Severity: High

JavaScript fetch() call

Detected by automated pattern matching (rule NS-003) with medium confidence. May be a false positive.

    96: fetch() is UNCACHED by default in v15!
    97: Do: fetch(url, { cache: 'force-cache' })
>>> 98: Don't: fetch(url) // Uncached!
    99: Severity: High
    100: ```

High-entropy string (5.3 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.

High-entropy string (4.6 bits/char) — possible encoded payload

Detected by automated pattern matching (rule EN-001) with medium confidence. May be a false positive.