Home / nearai / ironclaw
Repository Analysis

nearai/ironclaw

IronClaw is an Agent OS focused on privacy, security and extensibility

8.3 Low AI signal View on GitHub
8.3
Adjusted Score
8.3
Raw Score
100%
Time Factor
2026-05-30
Last Push
12,375
Stars
Rust
Language
748,248
Lines of Code
1541
Files
3447
Pattern Hits
2026-05-31
Scan Date

Score History

Severity Breakdown

CRITICAL 5HIGH 100MEDIUM 1124LOW 2218

Pattern Findings

3447 matches across 17 categories. Click a row to expand file-level details.

Decorative Section Separators1094 hits · 3507 pts
SeverityFileLineSnippet
MEDIUMbuild.rs20 // ── Git build metadata ─────────────────────────────────────────────
MEDIUMbuild.rs23 // ── Embed registry manifests ────────────────────────────────────────
MEDIUMbuild.rs26 // ── Embed bundled skills ────────────────────────────────────────────
MEDIUMbuild.rs29 // ── Build Telegram channel WASM ─────────────────────────────────────
MEDIUMrelease-plz.toml6# ── Main binary ─────────────────────────────────────────────
MEDIUMrelease-plz.toml14# ── Internal crates (not useful standalone) ─────────────────
MEDIUMtools-src/portfolio/src/live_tests.rs202// ── NEAR live tests (hit FastNEAR + Intear, no API key needed) ─────
MEDIUMtools-src/portfolio/src/indexer/near.rs76// ── FastNEAR response types ────────────────────────────────────────
MEDIUMtools-src/portfolio/src/indexer/near.rs119// ── Intear token price types (`/list-token-price` shape) ───────────
MEDIUMtools-src/portfolio/src/indexer/near.rs134// ── Parsers (pure functions, no I/O) ───────────────────────────────
MEDIUMtools-src/portfolio/src/indexer/near.rs366// ── WASM scan (production path) ────────────────────────────────────
MEDIUMtools-src/portfolio/src/indexer/near.rs442// ── Tests ──────────────────────────────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/policy.rs309 // ── A. Regex backtracking / performance guards ───────────────
MEDIUMcrates/ironclaw_safety/src/policy.rs450 // ── B. Unicode edge cases ────────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/policy.rs509 // ── C. Control character variants ────────────────────────────
MEDIUMcrates/ironclaw_safety/src/sanitizer.rs440 // ── A. Regex backtracking / performance guards ───────────────
MEDIUMcrates/ironclaw_safety/src/sanitizer.rs531 // ── B. Unicode edge cases ────────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/sanitizer.rs661 // ── C. Control character variants ────────────────────────────
MEDIUMcrates/ironclaw_safety/src/lib.rs532 // ── Truncation at multi-byte UTF-8 boundaries ───────────────
MEDIUMcrates/ironclaw_safety/src/lib.rs615 // ── Truncation must not bypass safety checks ───────────────
MEDIUMcrates/ironclaw_safety/src/validator.rs478 // ── A. Performance guards ────────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/validator.rs538 // ── B. Unicode edge cases ────────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/validator.rs742 // ── C. Control character variants ────────────────────────────
MEDIUMcrates/ironclaw_safety/src/credential_detect.rs152 // ── Header name exact match ────────────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/credential_detect.rs190 // ── Header name substring match ────────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/credential_detect.rs212 // ── Header value prefix match ──────────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/credential_detect.rs234 // ── Array-format headers ───────────────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/credential_detect.rs256 // ── URL query parameter detection ──────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/credential_detect.rs294 // ── False positive checks ──────────────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/credential_detect.rs353 // ── URL userinfo detection ─────────────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/credential_detect.rs388 // ── B. Unicode edge cases ────────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/credential_detect.rs501 // ── C. Control character variants ────────────────────────────
MEDIUMcrates/ironclaw_safety/src/leak_detector.rs19//! ┌─────────────────────────────────────────────────────────────────────────────┐
MEDIUMcrates/ironclaw_safety/src/leak_detector.rs27//! └─────────────────────────────────────────────────────────────────────────────┘
MEDIUMcrates/ironclaw_safety/src/leak_detector.rs29//! ┌─────────────────────────────────────────────────────────────────────────────┐
MEDIUMcrates/ironclaw_safety/src/leak_detector.rs38//! └─────────────────────────────────────────────────────────────────────────────┘
MEDIUMcrates/ironclaw_safety/src/leak_detector.rs869 // ── OpenRouter, Anthropic OAuth, Telegram, Groq patterns ────────
MEDIUMcrates/ironclaw_safety/src/leak_detector.rs1006 // ── A. Regex backtracking / performance guards ───────────────
MEDIUMcrates/ironclaw_safety/src/leak_detector.rs1314 // ── B. Unicode edge cases ────────────────────────────────────
MEDIUMcrates/ironclaw_safety/src/leak_detector.rs1410 // ── C. Control character variants ────────────────────────────
MEDIUMcrates/ironclaw_engine/orchestrator/default.py34# ── Helper functions (self-modifiable glue) ──────────────────
MEDIUMcrates/ironclaw_engine/orchestrator/default.py374# ── Skill selection and injection (self-modifiable) ────────
MEDIUMcrates/ironclaw_engine/orchestrator/default.py727# ── Main execution loop ─────────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/lib.rs36// ── Re-exports: types ───────────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/lib.rs58// ── Re-exports: traits ──────────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/lib.rs65// ── Re-exports: capability ────────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/lib.rs72// ── Re-exports: gate ─────────────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/lib.rs82// ── Re-exports: runtime ───────────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/lib.rs102// ── Re-exports: executor ──────────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/lib.rs106// ── Re-exports: memory ────────────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/lib.rs111// ── Re-exports: reliability ──────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/lib.rs115// ── Re-exports: workspace mounts ─────────────────────────────
MEDIUMcrates/ironclaw_engine/src/lib.rs121// ── Test utilities ──────────────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/types/thread.rs37// ── State machine ───────────────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/types/thread.rs100// ── Thread type ─────────────────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/types/thread.rs113// ── Thread configuration ────────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/types/thread.rs200// ── Thread ──────────────────────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/types/thread.rs418 // ── State machine tests ─────────────────────────────────
MEDIUMcrates/ironclaw_engine/src/types/thread.rs508 // ── Thread lifecycle tests ──────────────────────────────
MEDIUMcrates/ironclaw_engine/src/types/thread.rs572 // ── Title derivation ─────────────────────────────────────
1034 more matches not shown…
Over-Commented Block1240 hits · 1184 pts
SeverityFileLineSnippet
LOWbuild.rs1//! Build script: compile Telegram channel WASM from source.
LOW.config/nextest.toml1# Cross-binary parallel test runner config for cargo-nextest.
LOWchannels-src/discord/src/lib.rs1//! Discord Gateway/Webhook channel for IronClaw.
LOWchannels-src/feishu/build.sh1#!/usr/bin/env bash
LOWchannels-src/feishu/src/lib.rs1// Feishu API types have fields reserved for future use.
LOWchannels-src/telegram/build.sh1#!/usr/bin/env bash
LOWchannels-src/telegram/src/lib.rs1// Telegram API types have fields reserved for future use (entities, reply threading, etc.)
LOWchannels-src/telegram/src/lib.rs341struct TelegramConfig {
LOWchannels-src/telegram/src/lib.rs361 /// Whether to respond to all group messages (not just mentions).
LOWchannels-src/telegram/src/lib.rs1821}
LOWchannels-src/slack/build.sh1#!/usr/bin/env bash
LOWchannels-src/slack/src/lib.rs1//! Slack Events API channel for IronClaw.
LOWchannels-src/whatsapp/src/lib.rs1// WhatsApp API types have fields reserved for future use (contacts, statuses, etc.)
LOWchannels-src/whatsapp/src/lib.rs521 channel_host::LogLevel::Info,
LOWtools-src/google-docs/src/types.rs1//! Types for Google Docs API requests and responses.
LOWtools-src/google-docs/src/types.rs81 /// Make text bold.
LOWtools-src/google-docs/src/lib.rs1//! Google Docs WASM Tool for IronClaw.
LOWtools-src/google-docs/src/lib.rs21//! - `format_paragraph`: Set heading level, alignment, spacing
LOWtools-src/google-calendar/src/types.rs1//! Types for Google Calendar API requests and responses.
LOWtools-src/google-calendar/src/types.rs41
LOWtools-src/google-calendar/src/types.rs61 end_datetime: Option<String>,
LOWtools-src/google-calendar/src/types.rs81 /// The event ID to update.
LOWtools-src/google-calendar/src/lib.rs1//! Google Calendar WASM Tool for IronClaw.
LOWtools-src/github/src/lib.rs1//! GitHub WASM Tool for IronClaw.
LOWtools-src/google-sheets/src/types.rs1//! Types for Google Sheets API requests and responses.
LOWtools-src/google-sheets/src/types.rs121 bold: Option<bool>,
LOWtools-src/google-sheets/src/lib.rs1//! Google Sheets WASM Tool for IronClaw.
LOWtools-src/google-sheets/src/lib.rs21//! - `add_sheet`: Add a new sheet (tab)
LOWtools-src/google-drive/src/types.rs1//! Types for Google Drive API requests and responses.
LOWtools-src/google-drive/src/types.rs21 /// "'folderId' in parents", "sharedWithMe = true".
LOWtools-src/google-drive/src/types.rs61 /// Upload a new file (text content).
LOWtools-src/google-drive/src/types.rs81 file_id: String,
LOWtools-src/google-drive/src/lib.rs1//! Google Drive WASM Tool for IronClaw.
LOWtools-src/google-drive/src/lib.rs21//! - `trash_file`: Move to trash
LOWtools-src/telegram/src/session.rs1use serde::{Deserialize, Serialize};
LOWtools-src/telegram/src/types.rs1//! Types for the Telegram user-mode tool (MTProto direct).
LOWtools-src/telegram/src/lib.rs1//! Telegram User-Mode WASM Tool for IronClaw.
LOWtools-src/telegram/src/lib.rs21//! at `telegram/session.json`. The agent should save updated session data after
LOWtools-src/portfolio/src/format.rs1//! Deterministic output formatters.
LOWtools-src/portfolio/src/widget.rs1//! `format_widget` operation — build the `projects/<id>/widgets/state.json`
LOWtools-src/portfolio/src/lib.rs1// M1 scaffold: several types/methods are reserved for M2+ stages and
LOWtools-src/portfolio/src/lib.rs21//! Internal layout (one module per stage):
LOWtools-src/portfolio/src/lib.rs61 #[serde(rename = "scan")]
LOWtools-src/portfolio/src/lib.rs81 /// near-lending-yield, near-lp-yield).
LOWtools-src/portfolio/src/live_tests.rs1//! Live integration tests that hit real external APIs.
LOWtools-src/portfolio/src/replay_tests.rs1//! Replay-style tests driven by YAML scenarios under `scenarios/`.
LOWtools-src/portfolio/src/intents/bundling.rs1//! Multi-leg intent bundling.
LOWtools-src/portfolio/src/intents/solver.rs1//! NEAR Intents solver client.
LOWtools-src/portfolio/src/intents/solver.rs301 /// Live integration test against the real NEAR Intents solver
LOWtools-src/portfolio/src/intents/mod.rs1//! Intents stage — translate a `MovementPlan` into an unsigned NEAR
LOWtools-src/portfolio/src/analyzer/mod.rs1//! Analyzer stage — classify raw positions against the embedded
LOWtools-src/portfolio/src/indexer/near_replay.rs1//! `near-replay` indexer source — read recorded FastNEAR + Intear
LOWtools-src/portfolio/src/indexer/dune.rs1//! Dune Sim REST client + response parser.
LOWtools-src/portfolio/src/indexer/dune.rs21//! activity / position summary across supported chains. Used as a
LOWtools-src/portfolio/src/indexer/dune.rs121 deserializer.deserialize_any(StringOrNumber)
LOWtools-src/portfolio/src/indexer/dune.rs141 /// e.g. "ethereum", "base", "arbitrum"
LOWtools-src/portfolio/src/indexer/dune.rs181 #[serde(default)]
LOWtools-src/portfolio/src/indexer/dune.rs541 }
LOWtools-src/portfolio/src/indexer/dune.rs561 /// that Dune's API surface has drifted from what M2 pinned and
LOWtools-src/portfolio/src/indexer/fixture.rs1//! Fixture indexer backend.
1180 more matches not shown…
Hyper-Verbose Identifiers627 hits · 565 pts
SeverityFileLineSnippet
LOWcrates/ironclaw_gateway/static/js/core/onboarding.js490function showSetupCardForExtension(data) {
LOWcrates/ironclaw_gateway/static/js/core/init-auth.js498function updateRestartButtonVisibility() {
LOWcrates/ironclaw_gateway/static/js/core/gateway-tee.js3function startGatewayStatusPolling() {
LOWcrates/ironclaw_gateway/static/js/core/gateway-tee.js13function refreshLegacyRoutinesPresence() {
LOWcrates/ironclaw_gateway/static/js/core/history.js336function createToolCallsSummaryElement(toolCalls) {
LOWcrates/ironclaw_gateway/static/js/core/history.js340function createActivityGroupFromHistory(toolCalls) {
LOWcrates/ironclaw_gateway/static/js/core/tool-activity.js3function formatToolActivityDurationMs(durationMs) {
LOWcrates/ironclaw_gateway/static/js/core/tool-activity.js11function truncateToolActivityResult(text) {
LOWcrates/ironclaw_gateway/static/js/core/tool-activity.js45function createToolActivitySummary(toolCount, totalDurationMs, includeDuration) {
LOWcrates/ironclaw_gateway/static/js/core/tool-activity.js65function setToolActivityCardExpanded(rendered, expanded) {
LOWcrates/ironclaw_gateway/static/js/core/tool-activity.js71function applyToolActivityCardState(rendered, options) {
LOWcrates/ironclaw_gateway/static/js/core/tool-activity.js188function createActivityGroupFromEntries(entries, options) {
LOWcrates/ironclaw_gateway/static/js/core/tool-activity.js232function createToolActivityController(options) {
LOWcrates/ironclaw_gateway/static/js/core/tool-activity.js296 function getOrCreateGroup() {
LOWcrates/ironclaw_gateway/static/js/core/tool-activity.js476function getOrCreateActivityGroup() {
LOWcrates/ironclaw_gateway/static/js/core/tool-activity.js514function shouldShowChannelConnectedMessage(extensionName, success) {
LOWcrates/ironclaw_gateway/static/js/core/routing.js62function normalizeTabForEngineMode(tab) {
LOWcrates/ironclaw_gateway/static/js/surfaces/projects.js528function renderMissionProgressMarkup(progress) {
LOWcrates/ironclaw_gateway/static/js/surfaces/projects.js534function renderMissionProgressCell(missionId) {
LOWcrates/ironclaw_gateway/static/js/surfaces/projects.js540function renderMissionThreadProgress(threadId) {
LOWcrates/ironclaw_gateway/static/js/surfaces/projects.js551function haveMissionThreadsChanged(previousMission, nextMission) {
LOWcrates/ironclaw_gateway/static/js/surfaces/projects.js610function fetchMissionDetailForProgress(missionId, options = {}) {
LOWcrates/ironclaw_gateway/static/js/surfaces/projects.js634function refreshPersistentActivityBar() {
LOWcrates/ironclaw_gateway/static/js/surfaces/projects.js657function getTrackedActiveMissionIds() {
LOWcrates/ironclaw_gateway/static/js/surfaces/projects.js661function scheduleActiveMissionMappingRefresh() {
LOWcrates/ironclaw_gateway/static/js/surfaces/projects.js674function scheduleMissionProgressViewsRefresh() {
LOWcrates/ironclaw_gateway/static/js/surfaces/projects.js683function refreshMissionProgressViews() {
LOWcrates/ironclaw_gateway/static/js/surfaces/projects.js1009function renderMissionBriefSection(section) {
LOWcrates/ironclaw_gateway/static/js/surfaces/projects.js1114function parseApproachHistoryRecord(text) {
LOWcrates/ironclaw_gateway/static/js/surfaces/projects.js1160function renderApproachHistoryCard(entryText, index, isLatest) {
LOWcrates/ironclaw_gateway/static/js/surfaces/logs.js29function rememberLogEntryForDownload(entry) {
LOWcrates/ironclaw_gateway/static/js/surfaces/logs.js36function serializeLogEntriesAsJsonl(entries) {
LOWcrates/ironclaw_gateway/static/js/surfaces/chat.js343function createGeneratedImageElement(dataUrl, path, eventId) {
LOWcrates/ironclaw_gateway/static/js/surfaces/chat.js373function isSafeGeneratedImageDataUrl(dataUrl) {
LOWcrates/ironclaw_gateway/static/js/surfaces/chat.js377function hasRenderedGeneratedImage(container, eventId) {
LOWcrates/ironclaw_gateway/static/js/surfaces/chat.js423function getRememberedGeneratedImage(threadId, eventId) {
LOWcrates/ironclaw_gateway/static/js/surfaces/chat.js430function resolveGeneratedImageForRender(threadId, image) {
LOWcrates/ironclaw_gateway/static/js/surfaces/chat.js492function getSlashAutocompleteItems() {
LOWcrates/ironclaw_gateway/static/js/surfaces/chat.js795function parseAttachmentAttributes(rawAttrs) {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js43function renderAvailableExtensionCard(entry) {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js519function refreshCurrentSettingsTab() {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js644function basicConfigureValidationError(field, value) {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js729function appendConfigureFieldGroup(form, fields, items, kind, optionalGroup) {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js884function renderInteractiveLoginPanel(name) {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js919function interactiveLoginDefaultLabel(name, interactiveLogin) {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js924function interactiveLoginWaitingLabel(name) {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js929function interactiveLoginStatusText(name, res) {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js949function getInteractiveLoginButton(overlay) {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js957function updateInteractiveLoginPanel(overlay, res) {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js979function maybeOpenInteractiveLoginUrl(name, overlay, res) {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js994function interactiveLoginPollDelayMs(status) {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js1110function clearConfigureInlineError(overlay) {
LOW…ates/ironclaw_gateway/static/js/surfaces/extensions.js1239function cancelAuthFromConfigureModal(overlay) {
LOWcrates/ironclaw_gateway/static/js/surfaces/settings.js242function renderStructuredSettingsInto(container, settingsDefs, settings, activeValues) {
LOWcrates/ironclaw_gateway/static/js/surfaces/settings.js304function renderStructuredSettingsRow(def, value, activeValue) {
LOWtests/test-pages/cnn/source.html1559 function setupRequestAnimationFrame() {
LOWtests/test-pages/cnn/source.html3783 function deleteIrrelevantUIDCookies(relevant) {
LOWtests/e2e/conftest.py135def _reserve_loopback_sockets(count: int) -> list[socket.socket]:
LOWtests/e2e/conftest.py392def reset_fake_telegram_state(request):
LOWtests/e2e/conftest.py555async def hosted_oauth_refresh_server(
567 more matches not shown…
Cross-Language Confusion73 hits · 279 pts
SeverityFileLineSnippet
HIGHtests/e2e/mock_llm.py732 " var skills = (data && data.skills) || [];\n"
HIGHtests/e2e/mock_llm.py763 " 'Failed to load skills: ' + (e && e.message ? e.message : e) +\n"
HIGHtests/e2e/helpers.py410 threadId: typeof currentThreadId !== 'undefined' ? currentThreadId : null,
HIGHtests/e2e/helpers.py411 pendingId: typeof _nextPendingId !== 'undefined' ? _nextPendingId : null,
HIGHtests/e2e/helpers.py435 if (!pendingThreadId || pendingId === null || pendingId === undefined) return true;
HIGHtests/e2e/helpers.py435 if (!pendingThreadId || pendingId === null || pendingId === undefined) return true;
HIGHtests/e2e/helpers.py448 text: ((content && content.innerText) || last.innerText || '').trim(),
HIGHtests/e2e/helpers.py456 const text = ((content && content.innerText) || last.innerText || '').trim();
HIGHtests/e2e/helpers.py457 if (text.length > 0 && pendingForThisSendCleared()) {
HIGHtests/e2e/helpers.py458 if (expectedContains && text.includes(expectedContains)) {
HIGHtests/e2e/helpers.py469 return null;
HIGHtests/e2e/scenarios/test_v2_engine_auth_flow.py792 text: ((content && content.innerText) || last.innerText || '').trim(),
HIGHtests/e2e/scenarios/test_v2_engine_auth_flow.py797 if (assistants.length > assistantCount && input && !input.disabled) {
HIGHtests/e2e/scenarios/test_v2_engine_auth_flow.py800 const text = ((content && content.innerText) || last.innerText || '').trim();
HIGHtests/e2e/scenarios/test_v2_engine_auth_flow.py808 return null;
HIGHtests/e2e/scenarios/test_v2_engine_auth_flow.py855 text: (tool && tool.textContent || '').trim(),
HIGHtests/e2e/scenarios/test_csp.py50 found.push(tag + id + cls + '[' + attr + ']');
HIGHtests/e2e/scenarios/test_pending_user_messages.py37 previous = await page.evaluate("() => currentThreadId || null")
HIGHtests/e2e/scenarios/test_pending_user_messages.py40 "(prev) => !!currentThreadId && currentThreadId !== prev",
HIGHtests/e2e/scenarios/test_pending_user_messages.py138 return pending && pending.some(p => p.content === {unique_msg!r});
HIGHtests/e2e/scenarios/test_pending_user_messages.py203 return pending && pending.some((p) =>
HIGHtests/e2e/scenarios/test_pending_user_messages.py218 const lastUser = users.length ? users[users.length - 1] : null;
HIGHtests/e2e/scenarios/test_pending_user_messages.py276 if (arr && arr.some(p => p.content === args.msg)) return false;
HIGHtests/e2e/scenarios/test_pending_user_messages.py353 return card && card.offsetParent !== null;
HIGHtests/e2e/scenarios/test_pending_user_messages.py353 return card && card.offsetParent !== null;
HIGHtests/e2e/scenarios/test_v2_activity_shell.py71 " return !!el && el.textContent.trim().length > 0;"
HIGH…ts/e2e/scenarios/test_routines_tab_after_v2_upgrade.py39 return tab && tab.style.display !== 'none';
HIGH…ts/e2e/scenarios/test_routines_tab_after_v2_upgrade.py57 return tab && tab.style.display === 'none';
HIGH…ts/e2e/scenarios/test_routines_tab_after_v2_upgrade.py75 return tab && tab.style.display !== 'none';
HIGH…ts/e2e/scenarios/test_routines_tab_after_v2_upgrade.py211 return tab && tab.style.display === 'none';
HIGH…ts/e2e/scenarios/test_routines_tab_after_v2_upgrade.py278 visible: tab && tab.style.display !== 'none',
HIGHtests/e2e/scenarios/test_extensions.py1503 await page.wait_for_function("() => window._lastOpenedUrl !== null && window._lastOpenedUrl !== undefined", timeout=
HIGHtests/e2e/scenarios/test_extensions.py725 "() => window._lastOpenedUrl !== null && window._lastOpenedUrl !== undefined",
HIGHtests/e2e/scenarios/test_extensions.py916 await page.wait_for_function("() => window._lastOpenedUrl !== null && window._lastOpenedUrl !== undefined", timeout=
HIGHtests/e2e/scenarios/test_extensions.py1620 await page.evaluate("window._openedUrl = null; window.open = (url) => { window._openedUrl = url; }")
HIGHtests/e2e/scenarios/test_extensions.py1645 await page.evaluate("window._openedUrl = null; window.open = (url) => { window._openedUrl = url; return null; }")
HIGHtests/e2e/scenarios/test_extensions.py1204 handleOnboardingState({ extension_name: 'telegram', state: 'auth_required', instructions: 'pending', auth_ur
HIGHtests/e2e/scenarios/test_dom_resource_limits.py149 await page.evaluate("if (eventSource) { eventSource.close(); eventSource = null; }")
HIGHtests/e2e/scenarios/test_dom_resource_limits.py197 return el ? el.className : null;
HIGHtests/e2e/scenarios/test_dom_resource_limits.py216 events.push({ type: 'job_status', data: { job_id: jobId }, ts: Date.now() });
HIGHtests/e2e/scenarios/test_dom_resource_limits.py254 events.push({ type: 'job_status', data: { job_id: jobId }, ts: Date.now() });
HIGHtests/e2e/scenarios/test_dom_resource_limits.py307 return content && content.innerText.trim().length > 0;
HIGHtests/e2e/scenarios/test_telegram_hot_activation.py309 auth_url: null,
HIGHtests/e2e/scenarios/test_telegram_hot_activation.py334 auth_url: null,
HIGHtests/e2e/scenarios/test_telegram_hot_activation.py396 thread_id: null,
HIGHtests/e2e/scenarios/test_telegram_hot_activation.py463 auth_url: null,
HIGHtests/e2e/scenarios/test_telegram_hot_activation.py614 auth_url: null,
HIGHtests/e2e/scenarios/test_message_persistence.py491 "() => typeof eventSource !== 'undefined' && eventSource && sseHasConnectedBefore === true",
HIGHtests/e2e/scenarios/test_message_persistence.py264 return el && el.classList.contains('expanded');
HIGHtests/e2e/scenarios/test_v2_auth_oauth_matrix.py742 window.__openedOauthUrls.push(url);
HIGHtests/e2e/scenarios/test_chat.py671 "() => stagedAttachments.length === 5 && window.__alerts.length >= 1",
HIGHtests/e2e/scenarios/test_chat.py710 "() => stagedAttachments.length === 2 && window.__alerts.length >= 1",
HIGHtests/e2e/scenarios/test_chat.py109 const lastUser = users.length ? users[users.length - 1] : null;
HIGHtests/e2e/scenarios/test_chat.py110 if (!lastUser) return null;
HIGHtests/e2e/scenarios/test_chat.py116 contentText: ((content && content.innerText) || '').trim(),
HIGHtests/e2e/scenarios/test_chat.py169 currentThreadId = null;
HIGHtests/e2e/scenarios/test_chat.py288 window._copiedText = null;
HIGHtests/e2e/scenarios/test_chat.py320 const btn = lastUser && lastUser.querySelector('.message-copy-btn');
HIGHtests/e2e/scenarios/test_chat.py477 const lastUser = users.length ? users[users.length - 1] : null;
HIGHtests/e2e/scenarios/test_chat.py478 if (!lastUser) return null;
13 more matches not shown…
Verbosity Indicators100 hits · 175 pts
SeverityFileLineSnippet
LOWchannels-src/discord/src/lib.rs1529 // Step 1: Open (or reuse) a DM channel with the target user.
LOWchannels-src/discord/src/lib.rs1558 // Step 2: Send the message to the DM channel.
LOWchannels-src/telegram/src/lib.rs1129 // Step 1: Call getFile to get file_path
LOWchannels-src/telegram/src/lib.rs1173 // Step 2: Download the actual file bytes
LOWtools-src/telegram/src/lib.rs168 // Step 1: DH auth key exchange
LOWtools-src/telegram/src/lib.rs175 // Step 2: send verification code
LOWtools-src/telegram/src/auth.rs19 // Step 1: generate nonce, send ReqPqMulti
LOWtools-src/telegram/src/auth.rs27 // Step 2: factorize PQ, RSA encrypt, send ReqDhParams
LOWtools-src/telegram/src/auth.rs35 // Step 3: compute DH g_b, send SetClientDhParams
LOWtools-src/portfolio/src/live_tests.rs135 // Step 1: Fetch balances from Dune
LOWtools-src/portfolio/src/live_tests.rs157 // Step 2: Classify through analyzer
LOWtools-src/portfolio/src/live_tests.rs167 // Step 3: Run strategy proposals
LOWtools-src/portfolio/src/live_tests.rs272 // Step 1: Fetch from FastNEAR + Intear
LOWtools-src/portfolio/src/live_tests.rs287 // Step 2: Classify through analyzer
LOWtools-src/portfolio/src/live_tests.rs297 // Step 3: Run strategy proposals (include NEAR-specific strategies)
LOWtools-src/portfolio/src/live_tests.rs333 // Step 4: Build intents for ready proposals
LOWtools-src/portfolio/src/indexer/dune.rs329 // Step 1: balances
LOWtools-src/portfolio/src/indexer/dune.rs346 // Step 2: positions/activity (best-effort enrichment)
LOWcrates/ironclaw_llm/src/openai_codex_session.rs289 // Step 1: Request device code
LOWcrates/ironclaw_llm/src/openai_codex_session.rs331 // Step 2: Display code to user
LOWcrates/ironclaw_llm/src/openai_codex_session.rs352 // Step 3: Poll for authorization code
LOWcrates/ironclaw_llm/src/openai_codex_session.rs420 // Step 4: Exchange authorization code for tokens (form-encoded, per Auth0 spec)
LOWcrates/ironclaw_llm/src/recording.rs1231 // Step 0: user_input "Do something"
LOWcrates/ironclaw_llm/src/recording.rs1232 // Step 1: text response
LOWcrates/ironclaw_llm/src/recording.rs1233 // Step 2: text response (no new user_input since no new user messages)
LOWcrates/ironclaw_llm/src/github_copilot_auth.rs295 // Step 1: Exchange the OAuth token for a Copilot session token.
LOWcrates/ironclaw_llm/src/github_copilot_auth.rs299 // Step 2: Verify the session token works against the models endpoint.
LOWtests/e2e_wasm_portfolio.rs344 // Step 1: scan the fixture address. The scan response is
LOWtests/e2e_wasm_portfolio.rs346 // Step 2: propose with the classified positions from step 1.
LOWtests/e2e_wasm_portfolio.rs417 // Step 1: LLM calls scan
LOWtests/e2e_wasm_portfolio.rs435 // Step 2: LLM calls propose with the scan results
LOWtests/e2e_wasm_portfolio.rs460 // Step 3: LLM summarizes
LOWtests/e2e_wasm_portfolio.rs569 // Step 1: scan root.near
LOWtests/e2e_wasm_portfolio.rs587 // Step 2: propose with empty positions (wallet
LOWtests/e2e_wasm_portfolio.rs614 // Step 3: summary
LOWtests/skill_credential_injection.rs600 // Step 1: Parse skill YAML (like skill discovery)
LOWtests/skill_credential_injection.rs623 // Step 2: Validate
LOWtests/skill_credential_injection.rs633 // Step 3: Build LoadedSkill and register (same code path as app.rs)
LOWtests/skill_credential_injection.rs643 // Step 4: Verify registry state
LOWtests/skill_credential_injection.rs651 // Step 5: HttpTool integration
LOWtests/staging_regression_fixes.rs325 // Step 1: write the user's MCP config via the public API path the rest of
LOWtests/staging_regression_fixes.rs332 // Step 2: load it back the same way the job tool now does.
LOWtests/staging_regression_fixes.rs340 // Step 3: serialize to the JSON shape the orchestrator consumes.
LOW…e/scenarios/test_routine_oauth_credential_injection.py30 # Step 1: Ensure gmail is installed and authenticated
LOW…e/scenarios/test_routine_oauth_credential_injection.py56 # Step 2: Navigate browser to routines tab and create a routine
LOW…e/scenarios/test_routine_oauth_credential_injection.py70 # Step 3: Create a routine that calls gmail tool
LOW…e/scenarios/test_routine_oauth_credential_injection.py90 # Step 4: Trigger the routine manually
LOW…e/scenarios/test_routine_oauth_credential_injection.py102 # Step 5: Verify execution succeeded
LOWtests/e2e/scenarios/test_v2_engine_auth_flow.py1761 # Step 1: Send message triggering the github skill
LOWtests/e2e/scenarios/test_v2_engine_auth_flow.py1772 # Step 2: Wait for auth prompt — verifies NeedAuthentication triggered.
LOWtests/e2e/scenarios/test_v2_engine_auth_flow.py1784 # Step 3: Submit a token
LOWtests/e2e/scenarios/test_v2_engine_auth_flow.py1793 # Step 4: Wait for the retry — the token submission triggers a retry
LOWtests/e2e/scenarios/test_v2_engine_auth_flow.py1810 # Step 5: Verify the token was stored and the retry happened
LOWtests/e2e/scenarios/test_v2_kernel_auth_gateway_flow.py445 # Step 1: Trigger auth flow
LOWtests/e2e/scenarios/test_v2_kernel_auth_gateway_flow.py459 # Step 2: Wait for auth prompt / pending gate
LOWtests/e2e/scenarios/test_v2_kernel_auth_gateway_flow.py462 # Step 3: Submit token via the gate-resolve API endpoint
LOWtests/e2e/scenarios/test_v2_kernel_auth_gateway_flow.py483 # Step 4: Verify the auth flow completes — send another message
LOWtests/e2e/scenarios/test_routine_full_job.py144 # Step 1: Create full_job routine via chat
LOWtests/e2e/scenarios/test_routine_full_job.py155 # Step 2: Trigger the routine
LOWtests/e2e/scenarios/test_routine_full_job.py161 # Step 3: Wait for the run to complete
40 more matches not shown…
Cross-File Repetition26 hits · 130 pts
SeverityFileLineSnippet
HIGHtests/e2e/helpers.py0selector => { const input = document.queryselector(selector); return !!input && !input.disabled; }
HIGHtests/e2e/scenarios/test_mission_gmail_3133.py0selector => { const input = document.queryselector(selector); return !!input && !input.disabled; }
HIGHtests/e2e/scenarios/test_owner_scope.py0selector => { const input = document.queryselector(selector); return !!input && !input.disabled; }
HIGHtests/e2e/scenarios/test_ownership_model.py0selector => { const input = document.queryselector(selector); return !!input && !input.disabled; }
HIGHtests/e2e/scenarios/test_wasm_lifecycle.py0get a specific extension from the extensions list, or none.
HIGHtests/e2e/scenarios/test_extension_oauth.py0get a specific extension from the extensions list, or none.
HIGHtests/e2e/scenarios/test_oauth_url_parameters.py0get a specific extension from the extensions list, or none.
HIGHtests/e2e/scenarios/test_mcp_auth_flow.py0get a specific extension from the extensions list, or none.
HIGHtests/e2e/scenarios/test_v2_engine_tool_lifecycle.py0forward llvm coverage env vars from outer environment.
HIGHtests/e2e/scenarios/test_v2_engine_auth_flow.py0forward llvm coverage env vars from outer environment.
HIGHtests/e2e/scenarios/test_v2_engine_error_handling.py0forward llvm coverage env vars from outer environment.
HIGHtests/e2e/scenarios/test_v2_engine_oauth_google.py0forward llvm coverage env vars from outer environment.
HIGHtests/e2e/scenarios/test_v2_engine_approval_flow.py0forward llvm coverage env vars from outer environment.
HIGHtests/e2e/scenarios/test_dom_resource_limits.py0() => { window.__testactiveintervals = new set(); const origset = window.setinterval; const origclear = window.clearinte
HIGHtests/e2e/scenarios/test_dom_resource_limits.py0() => { window.__testactiveintervals = new set(); const origset = window.setinterval; const origclear = window.clearinte
HIGHtests/e2e/scenarios/test_dom_resource_limits.py0() => { window.__testactiveintervals = new set(); const origset = window.setinterval; const origclear = window.clearinte
HIGHtests/e2e/scenarios/test_v2_auth_oauth_matrix.py0select user_id, expires_at, updated_at from secrets where name = ? order by updated_at desc limit 1
HIGHtests/e2e/scenarios/test_v2_engine_oauth_google.py0select user_id, expires_at, updated_at from secrets where name = ? order by updated_at desc limit 1
HIGHtests/e2e/scenarios/test_oauth_refresh.py0select user_id, expires_at, updated_at from secrets where name = ? order by updated_at desc limit 1
HIGHtests/e2e/scenarios/test_v2_auth_oauth_matrix.py0update secrets set expires_at = strftime('%y-%m-%dt%h:%m:%fz', 'now', '-1 hour') where user_id = ? and name = ?
HIGHtests/e2e/scenarios/test_v2_engine_oauth_google.py0update secrets set expires_at = strftime('%y-%m-%dt%h:%m:%fz', 'now', '-1 hour') where user_id = ? and name = ?
HIGHtests/e2e/scenarios/test_oauth_refresh.py0update secrets set expires_at = strftime('%y-%m-%dt%h:%m:%fz', 'now', '-1 hour') where user_id = ? and name = ?
HIGHscripts/auth_live_canary/run_live_canary.py0update secrets set expires_at = strftime('%y-%m-%dt%h:%m:%fz', 'now', '-1 hour') where user_id = ? and name = ?
HIGHtests/e2e/scenarios/test_chat.py0() => ({ staged: stagedattachments.length, previews: document.queryselectorall('#image-preview-strip .attachment-preview
HIGHtests/e2e/scenarios/test_chat.py0() => ({ staged: stagedattachments.length, previews: document.queryselectorall('#image-preview-strip .attachment-preview
HIGHtests/e2e/scenarios/test_chat.py0() => ({ staged: stagedattachments.length, previews: document.queryselectorall('#image-preview-strip .attachment-preview
Excessive Try-Catch Wrapping93 hits · 89 pts
SeverityFileLineSnippet
LOWcrates/ironclaw_engine/src/executor/scripting.rs3459except Exception as e:
LOWcrates/ironclaw_engine/src/executor/scripting.rs3507except Exception as e:
LOWcrates/ironclaw_engine/src/executor/scripting.rs3530except Exception as e:
LOWcrates/ironclaw_engine/src/executor/scripting.rs3553except Exception as e:
LOWcrates/ironclaw_engine/src/executor/scripting.rs3590except Exception as e:
LOWcrates/ironclaw_engine/src/executor/scripting.rs3686except Exception as e:
LOWcrates/ironclaw_engine/src/executor/scripting.rs3789except Exception as e:
LOWcrates/ironclaw_engine/src/executor/scripting.rs3862except Exception as e:
LOWtests/e2e/conftest.py45except Exception:
LOWtests/e2e/conftest.py104 except Exception:
LOWtests/e2e/conftest.py144 except Exception:
LOWtests/e2e/live_harness.py147 except Exception:
LOWtests/e2e/fake_telegram_api.py105 except Exception:
LOWtests/e2e/scenarios/test_v2_engine_auth_cancel.py235 except Exception:
LOWtests/e2e/scenarios/test_v2_engine_auth_flow.py687 except Exception:
LOWtests/e2e/scenarios/test_v2_kernel_auth_gateway_flow.py275 except Exception:
LOWtests/e2e/scenarios/test_message_persistence.py315 except Exception:
LOWtests/e2e/scenarios/test_message_persistence.py447 except Exception:
MEDIUMtests/e2e/scenarios/test_v2_auth_oauth_matrix.py62def _drain_pipes():
LOWtests/e2e/scenarios/test_v2_auth_oauth_matrix.py101 except Exception:
LOWtests/e2e/scenarios/test_v2_auth_oauth_matrix.py1353 except Exception:
LOWtests/e2e/scenarios/test_v2_auth_oauth_matrix.py484 except Exception:
LOWtests/e2e/scenarios/test_v2_auth_oauth_matrix.py488 except Exception:
LOWtests/e2e/scenarios/test_v2_auth_oauth_matrix.py492 except Exception:
LOWtests/e2e/scenarios/test_v2_auth_oauth_matrix.py619 except Exception:
LOWtests/e2e/scenarios/test_v2_auth_oauth_matrix.py636 except Exception:
LOWtests/e2e/scenarios/test_plan_mode.py74 except Exception:
LOWtests/e2e/scenarios/test_plan_mode.py180 except Exception:
LOWtests/e2e/scenarios/test_v2_engine_approval_flow.py221 except Exception as e:
LOWtests/e2e/scenarios/test_skill_oauth_flow.py193 except Exception:
LOWdocs/plans/2026-02-24-e2e-infrastructure.md692 except Exception:
LOWdocs/plans/2026-02-24-e2e-infrastructure.md711 except Exception:
LOWscripts/auth_live_canary/run_live_canary.py548 except Exception:
LOWscripts/auth_live_canary/run_live_canary.py564 except Exception:
LOWscripts/auth_live_canary/run_live_canary.py623 except Exception as exc:
LOWscripts/auth_live_canary/run_live_canary.py629 except Exception:
LOWscripts/auth_live_canary/run_live_canary.py639 except Exception:
LOWscripts/auth_live_canary/run_live_canary.py648 except Exception:
LOWscripts/auth_live_canary/run_live_canary.py250 except Exception as exc: # noqa: BLE001
LOWscripts/auth_live_canary/run_live_canary.py256 except Exception: # noqa: BLE001
LOWscripts/auth_live_canary/run_live_canary.py670 except Exception:
LOWscripts/auth_live_canary/run_live_canary.py679 except Exception:
LOWscripts/auth_live_canary/run_live_canary.py694 except Exception as exc:
LOWscripts/auth_live_canary/run_live_canary.py717 except Exception:
LOWscripts/auth_live_canary/run_live_canary.py728 except Exception:
LOWscripts/auth_live_canary/run_live_canary.py759 except Exception:
LOWscripts/auth_live_canary/run_live_canary.py766 except Exception:
LOWscripts/auth_live_canary/run_live_canary.py879 except Exception as exc: # noqa: BLE001
LOWscripts/auth_live_canary/run_live_canary.py885 except Exception:
LOWscripts/auth_live_canary/run_live_canary.py1087 except Exception as exc:
LOWscripts/auth_live_canary/run_live_canary.py1129 except Exception as exc:
LOW…pts/auth_live_canary/bootstrap_google_storage_state.py89 except Exception as exc:
LOWscripts/live_canary/common.py389 except Exception: # noqa: BLE001
LOWscripts/live_canary/common.py513 except Exception:
MEDIUMscripts/live_canary/common.py383def _drain() -> None:
LOWscripts/workflow_canary/run_workflow_canary.py254 except Exception:
LOWscripts/workflow_canary/run_workflow_canary.py415 except Exception:
LOWscripts/workflow_canary/run_workflow_canary.py506 except Exception as exc:
MEDIUMscripts/workflow_canary/run_workflow_canary.py246def _drain() -> None:
LOWscripts/workflow_canary/telegram_mock.py153 except Exception:
33 more matches not shown…
Unused Imports71 hits · 66 pts
SeverityFileLineSnippet
LOWtests/e2e/live_harness.py35
LOWtests/e2e/scenarios/test_v2_engine_tool_lifecycle.py25
LOW…e/scenarios/test_routine_oauth_credential_injection.py13
LOW…e/scenarios/test_routine_oauth_credential_injection.py16
LOWtests/e2e/scenarios/test_channel_approval_gates.py21
LOWtests/e2e/scenarios/test_channel_approval_gates.py30
LOWtests/e2e/scenarios/test_mission_gmail_3133.py68
LOWtests/e2e/scenarios/test_html_injection.py3
LOWtests/e2e/scenarios/test_connection.py3
LOWtests/e2e/scenarios/test_connection.py4
LOWtests/e2e/scenarios/test_dom_resource_limits.py8
LOWtests/e2e/scenarios/test_chat.py11
LOWtests/e2e/scenarios/test_v2_engine_error_handling.py30
LOWtests/e2e/scenarios/test_oauth_credential_fallback.py16
LOWtests/e2e/scenarios/test_plan_mode.py8
LOWtests/e2e/scenarios/test_plan_mode.py8
LOWtests/e2e/scenarios/test_widget_customization.py37
LOWtests/e2e/scenarios/test_auth_no_duplicate_response.py33
LOWtests/e2e/scenarios/test_v2_engine_approval_flow.py18
LOWtests/e2e/scenarios/test_skill_oauth_flow.py20
LOWtests/e2e/scenarios/test_skill_oauth_flow.py20
LOWtests/e2e/scenarios/test_skill_oauth_flow.py30
LOWscripts/check_gateway_boundaries.py58
LOWscripts/auth_live_canary/run_live_canary.py20
LOW…pts/auth_live_canary/bootstrap_google_storage_state.py29
LOWscripts/live_canary/auth_registry.py1
LOWscripts/live_canary/auth_runtime.py1
LOWscripts/live_canary/common.py1
LOWscripts/telegram_smoke/run_smoke.py11
LOWscripts/workflow_canary/gmail_mock.py25
LOWscripts/workflow_canary/run_workflow_canary.py22
LOWscripts/workflow_canary/run_workflow_canary.py39
LOWscripts/workflow_canary/hn_mock.py26
LOWscripts/workflow_canary/telegram_mock.py31
LOWscripts/workflow_canary/telegram_mock.py36
LOWscripts/workflow_canary/sheets_mock.py32
LOWscripts/workflow_canary/telegram_setup.py12
LOWscripts/workflow_canary/web_search_mock.py20
LOWscripts/workflow_canary/routines.py18
LOWscripts/workflow_canary/calendar_mock.py36
LOWscripts/workflow_canary/scenarios/crm_tracker.py25
LOW…ripts/workflow_canary/scenarios/telegram_round_trip.py19
LOWscripts/workflow_canary/scenarios/auth_recovery.py23
LOWscripts/workflow_canary/scenarios/log_assertions.py15
LOW…kflow_canary/scenarios/manual_trigger_from_telegram.py20
LOW…workflow_canary/scenarios/idempotent_disable_enable.py15
LOWscripts/workflow_canary/scenarios/dedup_cooldown.py27
LOWscripts/workflow_canary/scenarios/manual_trigger.py23
LOW…w_canary/scenarios/routine_visibility_from_telegram.py19
LOWscripts/workflow_canary/scenarios/periodic_reminder.py29
LOWscripts/workflow_canary/scenarios/hn_monitor.py24
LOW…ripts/workflow_canary/scenarios/first_immediate_run.py13
LOWscripts/workflow_canary/scenarios/nl_schedule_update.py27
LOWscripts/workflow_canary/scenarios/_common.py28
LOWscripts/workflow_canary/scenarios/_common.py31
LOWscripts/workflow_canary/scenarios/bug_logger.py26
LOW…/workflow_canary/scenarios/telegram_channel_install.py13
LOWscripts/workflow_canary/scenarios/lifecycle.py22
LOWscripts/workflow_canary/scenarios/calendar_prep.py27
LOWscripts/workflow_canary/scenarios/tool_install_chat.py48
11 more matches not shown…
Deep Nesting63 hits · 55 pts
SeverityFileLineSnippet
LOWcrates/ironclaw_engine/orchestrator/default.py38
LOWcrates/ironclaw_engine/orchestrator/default.py101
LOWcrates/ironclaw_engine/orchestrator/default.py730
LOWtests/e2e/conftest.py80
LOWtests/e2e/conftest.py424
LOWtests/e2e/conftest.py455
LOWtests/e2e/conftest.py555
LOWtests/e2e/conftest.py661
LOWtests/e2e/conftest.py759
LOWtests/e2e/conftest.py856
LOWtests/e2e/conftest.py1066
LOWtests/e2e/conftest.py1258
LOWtests/e2e/conftest.py1383
LOWtests/e2e/conftest.py1562
LOWtests/e2e/live_llm_proxy.py186
LOWtests/e2e/live_llm_proxy.py266
LOWtests/e2e/live_harness.py85
LOWtests/e2e/mock_llm.py797
LOWtests/e2e/mock_llm.py1056
LOWtests/e2e/mock_llm.py1353
LOWtests/e2e/mock_llm.py1404
LOWtests/e2e/mock_llm.py1438
LOWtests/e2e/mock_llm.py1849
LOWtests/e2e/scenarios/test_mission_gmail_3133.py159
LOWtests/e2e/scenarios/test_mission_gmail_3133.py244
LOWtests/e2e/scenarios/test_v2_engine_auth_flow.py553
LOWtests/e2e/scenarios/test_v2_kernel_auth_gateway_flow.py509
LOWtests/e2e/scenarios/test_tool_execution.py24
LOWtests/e2e/scenarios/test_message_persistence.py46
LOWtests/e2e/scenarios/test_v2_auth_oauth_matrix.py81
LOWtests/e2e/scenarios/test_v2_auth_oauth_matrix.py1155
LOWtests/e2e/scenarios/test_v2_engine_error_handling.py175
LOWtests/e2e/scenarios/test_v2_engine_oauth_google.py272
LOWtests/e2e/scenarios/test_oauth_refresh.py105
LOWtests/e2e/scenarios/test_oauth_refresh.py131
LOWtests/e2e/scenarios/test_auth_no_duplicate_response.py250
LOWtests/e2e/scenarios/test_auth_no_duplicate_response.py262
LOWtests/e2e/scenarios/test_v2_engine_approval_flow.py229
LOWtests/e2e/scenarios/test_skill_oauth_flow.py111
LOWscripts/check_gateway_boundaries.py130
LOWscripts/check_gateway_boundaries.py301
LOWscripts/check_gateway_boundaries.py334
LOWscripts/check_no_panics.py52
LOWscripts/check_no_panics.py169
LOWscripts/live_canary/auth_registry.py214
LOWscripts/workflow_canary/scenarios/crm_tracker.py120
LOW…ripts/workflow_canary/scenarios/telegram_round_trip.py65
LOWscripts/workflow_canary/scenarios/auth_recovery.py80
LOWscripts/workflow_canary/scenarios/auth_recovery.py86
LOW…kflow_canary/scenarios/manual_trigger_from_telegram.py84
LOWscripts/workflow_canary/scenarios/manual_trigger.py43
LOW…w_canary/scenarios/routine_visibility_from_telegram.py81
LOWscripts/workflow_canary/scenarios/hn_monitor.py74
LOWscripts/workflow_canary/scenarios/_common.py61
LOWscripts/workflow_canary/scenarios/calendar_prep.py80
LOWscripts/workflow_canary/scenarios/tool_install_chat.py237
LOWscripts/workflow_canary/scenarios/tool_install_chat.py305
LOWscripts/workflow_canary/scenarios/tool_install_chat.py252
LOWscripts/workflow_canary/scenarios/tool_install_chat.py308
LOWscripts/slack_smoke/run_smoke.py102
3 more matches not shown…
Hallucination Indicators5 hits · 50 pts
SeverityFileLineSnippet
CRITICALtests/test-pages/cnn/source.html3944 window.ClickTaleSettings.ChangeMonitor.PII.Attributes.push({
CRITICALtests/test-pages/cnn/source.html3965 window.ClickTaleSettings.ChangeMonitor.PII.Text.push({
CRITICALsrc/app.rs653 self.config.llm.nearai.base_url.clone(),
CRITICALsrc/app.rs654 self.config.llm.nearai.api_key.as_ref().map(|s| {
CRITICALsrc/app.rs669 .unwrap_or_else(|| self.config.llm.nearai.model.clone());
Self-Referential Comments14 hits · 45 pts
SeverityFileLineSnippet
MEDIUMtests/e2e/scenarios/test_v2_engine_auth_flow.py1756 # Create a fresh thread
MEDIUMtests/e2e/scenarios/test_v2_engine_auth_flow.py1837 # Create a fresh thread (credential stored from previous test)
MEDIUMtests/e2e/scenarios/test_pending_user_messages.py326 # Create a new empty thread
MEDIUMtests/e2e/scenarios/test_tool_permissions.py159 # Create a fresh browser context (new session — no shared cookies/storage)
MEDIUMtests/e2e/scenarios/test_v2_engine_error_handling.py243 # Create a fresh thread
MEDIUMtests/e2e/scenarios/test_v2_engine_error_handling.py301 # Create a fresh thread
MEDIUMtests/e2e/scenarios/test_v2_engine_oauth_google.py566 # Create a fresh thread
MEDIUMtests/e2e/scenarios/test_v2_engine_oauth_google.py617 # Create a fresh thread
MEDIUMtests/e2e/scenarios/test_v2_engine_oauth_google.py662 # Create a fresh thread
MEDIUMtests/e2e/scenarios/test_v2_engine_oauth_google.py793 # Create a fresh thread
MEDIUMtests/e2e/scenarios/test_skill_oauth_flow.py221 # Create a thread and ask for secrets
MEDIUM.github/workflows/release.yml448 # Create a GitHub Release while uploading all files to it
MEDIUM.github/workflows/release-plz.yml46 # Create a PR with the new versions and changelog, preparing the next release.
MEDIUMsrc/db/migration_fixup.rs485 # This file is the immutability guard for released migrations. The\n\
AI Slop Vocabulary10 hits · 26 pts
SeverityFileLineSnippet
MEDIUMtools-src/portfolio/scenarios/smoke-single-usdc.yaml29 # captured `positions` variable by the test harness.
MEDIUMtests/skill_chain_load_lifecycle.rs219 #[ignore = "v2 path needs a multi-turn TraceLlm harness to observe \
MEDIUMtests/test-pages/cnn/source.html3380 new Image().src = prefix + '//tapestry.tapad.com/tapestry/1?ta_partner_id=1969&amp;ta_redirect=' + prefix + enco
MEDIUMtests/e2e/scenarios/test_mission_gmail_3133.py290 # to a direct fire so the test stays robust to LLM phrasing
MEDIUMtests/e2e/scenarios/test_extensions.py1"""Scenario: Extensions tab – comprehensive UI coverage.
MEDIUMtests/e2e/scenarios/test_tool_approval.py228 # Trigger a real HTTP tool call that pauses for approval in this test harness.
MEDIUMscripts/live-canary/test_emit_results_json.py314 # Generic env-var / assignment shapes the persona harness
MEDIUM.github/workflows/live-canary.yml507 # Real third-party credentials forwarded into the persona harness.
MEDIUM.github/workflows/live-canary.yml508 # The harness reads these env vars per
MEDIUM.github/workflows/nearai-bench.yml6# harness against the PR's ironclaw SHA, runs the suite, compares against
Fake / Example Data15 hits · 14 pts
SeverityFileLineSnippet
LOWchannels-src/whatsapp/src/lib.rs986 "name": "John Doe"
LOWcrates/ironclaw_engine/src/executor/scripting.rs2893 &serde_json::json!({"to": "user@example.com"}),
LOWcrates/ironclaw_gateway/static/admin/admin.js351 html += '<div class="form-group"><label>Display Name</label><input type="text" id="new-user-name" placeholder="Jane
LOWtests/admin_system_prompt.rs64 prompt.contains("Acme Corp"),
LOWtests/admin_system_prompt.rs97 !prompt.contains("Acme Corp"),
LOWtests/wasm_channel_integration.rs427 .with_user_name("John Doe")
LOWtests/wasm_channel_integration.rs434 assert_eq!(messages[0].user_name, Some("John Doe".to_string()));
LOWtests/e2e/mock_llm.py341 "Acme Corp",
LOWdocs/extensions/google/slides.md73- _"Replace all occurrences of '[COMPANY]' with 'Acme Corp' across the deck"_
LOWsrc/tools/wasm/wrapper.rs3694 "description": "lorem ipsum dolor sit amet consectetur adipiscing elit"
LOWsrc/tools/wasm/wrapper.rs3694 "description": "lorem ipsum dolor sit amet consectetur adipiscing elit"
LOWsrc/workspace/mod.rs3214 std::iter::repeat_n("lorem ipsum dolor sit amet ", 500).collect::<String>();
LOWsrc/workspace/mod.rs3214 std::iter::repeat_n("lorem ipsum dolor sit amet ", 500).collect::<String>();
LOWsrc/channels/wasm/host.rs795 .with_user_name("John Doe")
LOWsrc/channels/wasm/host.rs802 assert_eq!(messages[0].user_name, Some("John Doe".to_string()));
Example Usage Blocks7 hits · 10 pts
SeverityFileLineSnippet
LOWinfra/runner/seed-runner-db.sh6# Usage:
LOWscripts/replay-snap.sh10# Usage:
LOWscripts/build-wasm-extensions.sh11# Usage:
LOWscripts/check-i18n-parity.sh10# Usage:
LOWscripts/reborn-e2e-rust.sh5# Usage:
LOWscripts/dev-setup.sh7# Usage:
LOWscripts/coverage.sh4# Usage:
Redundant / Tautological Comments5 hits · 8 pts
SeverityFileLineSnippet
LOWtests/e2e/scenarios/test_tool_permissions.py57 # Set echo to a known initial state via REST
LOWtests/e2e/scenarios/test_tool_permissions.py149 # Set echo to always_allow via REST
LOWtests/e2e/scenarios/test_v2_engine_oauth_google.py735 # Check if a google-related secret exists in the DB (from OAuth or paste flow)
LOWtests/e2e/scenarios/test_skill_oauth_flow.py433 # Check if any auth-related events were emitted. The credential gate
LOWscripts/check-boundaries.sh163 # Check if the file actually connects to a database (imports DB types
Slop Phrases3 hits · 5 pts
SeverityFileLineSnippet
MEDIUMcrates/ironclaw_engine/src/executor/orchestrator.rs3602 r#"signals_tool_intent("Let me know if you need anything.")"#
MEDIUMcrates/ironclaw_llm/src/smart_routing.rs875 "i'm unable to",
MEDIUMcrates/ironclaw_llm/src/reasoning.rs3229 "Let me know if you need anything."
Magic Placeholder Names1 hit · 5 pts
SeverityFileLineSnippet
HIGHdocs/capabilities/mcp.md85 --env MINTLIFY_API_KEY=your_api_key