Security Report

Code Review Pipeline

Pass
Version: v1.1.16 | Scanned: 11 May 2026 at 06:28 | Scanner: v2.8.0

Summary

Detected

  • Services:
  • Permissions: filesystem:read, network:ollama.com
  • Data Handling: pii

Undeclared

All items declared

Warnings

No warnings

Findings (8)

Compliance

info GDPR undeclared
compliance-gdpr
prompts/security-report.md:65

"Flag any findings that may be relevant to compliance frameworks (SOC 2, GDPR, PCI-DSS, HIPAA) based "

This content references a regulatory or compliance framework. This is informational — no action needed unless the skrpt processes regulated data.

info HIPAA undeclared
compliance-hipaa
prompts/security-report.md:65

"Flag any findings that may be relevant to compliance frameworks (SOC 2, GDPR, PCI-DSS, HIPAA) based "

This content references a regulatory or compliance framework. This is informational — no action needed unless the skrpt processes regulated data.

info SOC-2 undeclared
compliance-soc2
prompts/security-report.md:65

"Flag any findings that may be relevant to compliance frameworks (SOC 2, GDPR, PCI-DSS, HIPAA) based "

This content references a regulatory or compliance framework. This is informational — no action needed unless the skrpt processes regulated data.

info PCI-DSS undeclared
compliance-pci-dss
prompts/security-report.md:65

"Flag any findings that may be relevant to compliance frameworks (SOC 2, GDPR, PCI-DSS, HIPAA) based "

This content references a regulatory or compliance framework. This is informational — no action needed unless the skrpt processes regulated data.

Credentials

info env:GITHUB_TOKEN undeclared
credential-env-var
services/github-mcp.md:44

"{GITHUB_TOKEN}"

This file references the environment variable GITHUB_TOKEN. If this is a credential (API key, token, secret), declare it in requires.data_handling.

Permissions

info filesystem:read declared
mcp-file-read
services/github-mcp.md:59

"get_file_contents"

This content references filesystem read access. If intentional, declare filesystem:read in requires.permissions.

info network:ollama.com declared
external-url
services/ollama-local.md:19

"https://ollama.com"

Wrap reference URLs in backticks (`url`) or a blockquote (> line) to mark them as illustrative content.

Data Handling

info pii declared
pii-explicit-mention
skills/security-scanning.md:50

"PII"

This content handles personally identifiable information (names, emails, addresses). Declare pii in requires.data_handling so users are informed before import.