app-scaffolding
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHCREDENTIALS_UNSAFE
Full Analysis
- [CREDENTIALS_UNSAFE] (HIGH): Hardcoded database credentials found in assets/app-template/config.py. Evidence:
database_url: str = "postgresql+asyncpg://user:password@localhost:5432/appdb". Risk: Use of hardcoded credentials in configuration files can lead to unauthorized access if deployed to production without environment variable overrides.
Recommendations
- AI detected serious security threats
Audit Metadata