Skip to content

added example k8s#2

Open
SergUdo wants to merge 8 commits intoexample_slopfrom
slop_k8s
Open

added example k8s#2
SergUdo wants to merge 8 commits intoexample_slopfrom
slop_k8s

Conversation

@SergUdo
Copy link
Owner

@SergUdo SergUdo commented Jan 24, 2026

No description provided.

@SergUdo
Copy link
Owner Author

SergUdo commented Jan 25, 2026

🚨 AI Slop Gate: STATIC_PIPELINE Audit

Status: FAIL
Summary: Verdict: BLOCKING. Found 32 issues.

📑 Detailed Observations

todo_found

  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] Found 31 instances of [todo_found] in this file. Please fix all.

no-unused-vars

  • [FAILURE] in unknown L1: [no-unused-vars] '$' is defined but never used.
  • [FAILURE] in unknown L1: [no-unused-vars] 'event' is defined but never used.
  • [FAILURE] in unknown L1: [no-unused-vars] '$' is defined but never used.
  • [FAILURE] in unknown L1: [no-unused-vars] 'event' is defined but never used.

no-undef

  • [FAILURE] in unknown L1: [no-undef] 'clearTimeout' is not defined.
  • [FAILURE] in unknown L1: [no-undef] 'setTimeout' is not defined.
  • [FAILURE] in unknown L1: [no-undef] 'HTMLDataElement' is not defined.
  • [FAILURE] in unknown L1: [no-undef] Found 72 instances of [no-undef] in this file. Please fix all.

no-console

  • [FAILURE] in unknown L1: [no-console] Unexpected console statement.
  • [FAILURE] in unknown L1: [no-console] Unexpected console statement.

hardcoded_secret

  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'github_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_regCtrl_regToken'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 440 instances of [hardcoded_secret] in this file. Please fix all.

dangerous_function

  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'eval' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'eval' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Found 40 instances of [dangerous_function] in this file. Please fix all.

mutable_default_argument

  • [WARNING] in unknown L1: [mutable_default_argument] Mutable default in function 'init'.
  • [WARNING] in unknown L1: [mutable_default_argument] Mutable default in function 'indentedBlock'.
  • [WARNING] in unknown L1: [mutable_default_argument] Mutable default in function '_generate_type'.
  • [WARNING] in unknown L1: [mutable_default_argument] Found 27 instances of [mutable_default_argument] in this file. Please fix all.

silent_catch

  • [WARNING] in unknown L1: [silent_catch] Empty or console-only catch block detected.
  • [WARNING] in unknown L1: [silent_catch] Empty or console-only catch block detected.
  • [WARNING] in unknown L1: [silent_catch] Empty or console-only catch block detected.
  • [WARNING] in unknown L1: [silent_catch] Empty or console-only catch block detected.

secret_exposed

  • [FAILURE] in unknown L1: [secret_exposed] Potential secret or token found in manifest/env file.
  • [FAILURE] in unknown L1: [secret_exposed] Potential secret or token found in manifest/env file.

Reported by AI Slop Gate

@SergUdo
Copy link
Owner Author

SergUdo commented Jan 25, 2026

🚨 AI Slop Gate: STATIC_PIPELINE Audit

Status: FAIL
Summary: Verdict: BLOCKING. Found 407 issues.

📑 Detailed Observations

todo_found

  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found
  • [WARNING] in unknown L1: [todo_found] TODO found

no-unused-vars

  • [FAILURE] in unknown L1: [no-unused-vars] '$' is defined but never used.
  • [FAILURE] in unknown L1: [no-unused-vars] 'event' is defined but never used.
  • [FAILURE] in unknown L1: [no-unused-vars] '$' is defined but never used.
  • [FAILURE] in unknown L1: [no-unused-vars] 'event' is defined but never used.

no-undef

  • [FAILURE] in unknown L1: [no-undef] 'clearTimeout' is not defined.
  • [FAILURE] in unknown L1: [no-undef] 'setTimeout' is not defined.
  • [FAILURE] in unknown L1: [no-undef] 'HTMLDataElement' is not defined.
  • [FAILURE] in unknown L1: [no-undef] Found 33 instances of [no-undef] in this file. Please fix all.
  • [FAILURE] in unknown L1: [no-undef] 'TextEncoder' is not defined.
  • [FAILURE] in unknown L1: [no-undef] 'self' is not defined.
  • [FAILURE] in unknown L1: [no-undef] 'console' is not defined.
  • [FAILURE] in unknown L1: [no-undef] Found 6 instances of [no-undef] in this file. Please fix all.
  • [FAILURE] in unknown L1: [no-undef] 'clearTimeout' is not defined.
  • [FAILURE] in unknown L1: [no-undef] 'setTimeout' is not defined.
  • [FAILURE] in unknown L1: [no-undef] 'HTMLDataElement' is not defined.
  • [FAILURE] in unknown L1: [no-undef] Found 33 instances of [no-undef] in this file. Please fix all.

no-console

  • [FAILURE] in unknown L1: [no-console] Unexpected console statement.
  • [FAILURE] in unknown L1: [no-console] Unexpected console statement.

hardcoded_secret

  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'github_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_regCtrl_regToken'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'pkcs_9_ub_challengePassword'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'pkcs_9_at_pkcs15Token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'pkcs_9_at_challengePassword'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'challengePassword'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_kisa_tac_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_kisa_tac_tokenandblindbash'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_kisa_tac_tokenandpartially'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'pkcs12SecretBagMap'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_secretBag'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'TimeStampToken'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_aa_signatureTimeStampToken'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_regCtrl_regToken'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_PasswordBasedMac'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'SecretType'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'min_token_number'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token_number'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'min_token_number'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 41 instances of [hardcoded_secret] in this file. Please fix all.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password_digest'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token68'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'downcaseTokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'downcaseTokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'PASSWORD_SAFE'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_token_re'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_token68_re'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_token_re'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_PAGE_TOKEN_NAMES'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'nextPageToken'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'nextPageTokenName'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 7 instances of [hardcoded_secret] in this file. Please fix all.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'client_secrets'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'upcaseTokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'downcaseTokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokenMap'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'collect_all_And_tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'warn_multiple_tokens_in_named_alternation'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 18 instances of [hardcoded_secret] in this file. Please fix all.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'matchTokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'theseTokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_lextokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'access_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'access_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_RECEIVE_CLOSE_ON_SERVER_TOKEN'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_SEND_INITIAL_METADATA_TOKEN'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_RECEIVE_MESSAGE_TOKEN'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 11 instances of [hardcoded_secret] in this file. Please fix all.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'explicit_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'explicit_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'raw_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'native_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'ACCESS_TOKEN_REFRESH_THRESHOLD_SECONDS'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'TOKEN_REFRESH_THRESHOLD_TIMEDELTA'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token_expires_at'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'secret_name'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'secret_name'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'secret_name'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'ACCESS_TOKEN_REFRESH_THRESHOLD_SECONDS'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'file_secret_settings'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'secrets_path'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'secret_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'secret_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'CHALLENGE_PASSWORD'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'f_secrets'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'secret'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password_bytes'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password_bytes'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_DEFAULT_REQUEST_TOKEN_FIELD'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_DEFAULT_RESPONSE_TOKEN_FIELD'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_PAGE_TOKEN'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_NEXT_TOKEN'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_DEFAULT_REQUEST_TOKEN_FIELD'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_DEFAULT_RESPONSE_TOKEN_FIELD'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_AWS_SECURITY_TOKEN_HEADER'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_IMDSV2_SESSION_TOKEN_TTL_SECONDS'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'env_aws_secret_access_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 7 instances of [hardcoded_secret] in this file. Please fix all.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'REQUEST_TYPE_ACCESS_TOKEN'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'REQUEST_TYPE_ID_TOKEN'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_IAM_IDTOKEN_ENDPOINT'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_CLOUD_SDK_USER_ACCESS_TOKEN_COMMAND'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'access_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_AWS_SUBJECT_TOKEN_TYPE'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_DEFAULT_TOKEN_LIFETIME_SECS'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_GOOGLE_OAUTH2_TOKEN_ENDPOINT'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token_response'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_STS_REQUESTED_TOKEN_TYPE'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_STS_TOKEN_URL_PATTERN'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_STS_SUBJECT_TOKEN_TYPE'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'subject_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'subject_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_DEFAULT_TOKEN_LIFETIME_SECS'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'AWS_SECRET_ACCESS_KEY'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'AWS_SESSION_TOKEN'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'GOOGLE_API_PREVENT_AGENT_TOKEN_SHARING_FOR_GCP_SERVICES'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_STS_REQUESTED_TOKEN_TYPE'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_DEFAULT_TOKEN_URL'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token_content'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'subject_token_supplier'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token_content'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'bearer_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_GEMINI_MODELS_TO_TOKENIZER_NAMES'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_GEMINI_STABLE_MODELS_TO_TOKENIZER_NAMES'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_TOKENIZERS'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'ModalityTokenCountOrDict'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'CountTokensConfigOrDict'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_CountTokensParametersOrDict'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 15 instances of [hardcoded_secret] in this file. Please fix all.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'env_google_api_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'env_gemini_api_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'env_api_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens_list'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens_protos'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token_infos'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_Tokenizer'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_TOKEN'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokenizer'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 8 instances of [hardcoded_secret] in this file. Please fix all.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'had_api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'rapt_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'rapt_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'refresh_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'access_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'access_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_token_credentials'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'access_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_GOOGLE_OAUTH2_TOKEN_ENDPOINT'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_GOOGLE_OAUTH2_TOKEN_INFO_ENDPOINT'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'rapt_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'rapt_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_DEFAULT_TOKEN_LIFETIME_SECS'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_GOOGLE_OAUTH2_TOKEN_ENDPOINT'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'TOKEN_EXCHANGE_TYPE'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'ACCESS_TOKEN_TOKEN_TYPE'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'SERVICE_ACCOUNT_TOKEN_TYPE'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'jwt_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token_json'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token_expiry'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_DEFAULT_TOKEN_LIFETIME_SECS'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_DEFAULT_TOKEN_URI'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'id_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'split_tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'first_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token_parts'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'PostProcessingTokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'MAX_TOKENS'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'MAX_TOKENS'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'MAX_TOKENS'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'api_key_value'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'expected_password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'expected_password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_token_re'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'expected_password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'curve_secret_key_len'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'curve_secret_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'secret_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'secret_key'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokenlen'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 7 instances of [hardcoded_secret] in this file. Please fix all.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable '_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'errtoken'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 24 instances of [hardcoded_secret] in this file. Please fix all.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'Token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokenname'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 7 instances of [hardcoded_secret] in this file. Please fix all.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'TokenType'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token_style'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'Token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokendefs'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 16 instances of [hardcoded_secret] in this file. Please fix all.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'upcase_tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'downcase_tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'upcaseTokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'downcaseTokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'collect_all_And_tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'warn_multiple_tokens_in_named_alternation'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'warn_ungrouped_named_tokens_in_collection'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 17 instances of [hardcoded_secret] in this file. Please fix all.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'matchTokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'theseTokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'otokentype'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokentype'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokentype'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Found 7 instances of [hardcoded_secret] in this file. Please fix all.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'tokens'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'password'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'access_token_call_credentials'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'trio_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'trio_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'github_token'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'SECRET_RE'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'LOCAL_STORAGE_SECRET_RE'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'SECRET_RE'.
  • [FAILURE] in unknown L1: [hardcoded_secret] Potential secret in variable 'token'.

dangerous_function

  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'eval' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'eval' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'eval' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'eval' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'eval' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'eval' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'eval' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'exec' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.
  • [FAILURE] in unknown L1: [dangerous_function] Dangerous function 'system' detected.

silent_catch

  • [WARNING] in unknown L1: [silent_catch] Empty or console-only catch block detected.
  • [WARNING] in unknown L1: [silent_catch] Empty or console-only catch block detected.
  • [WARNING] in unknown L1: [silent_catch] Empty or console-only catch block detected.
  • [WARNING] in unknown L1: [silent_catch] Empty or console-only catch block detected.

secret_exposed

  • [FAILURE] in unknown L1: [secret_exposed] Potential secret or token found in manifest/env file.
  • [FAILURE] in unknown L1: [secret_exposed] Potential secret or token found in manifest/env file.

Reported by AI Slop Gate

@SergUdo
Copy link
Owner Author

SergUdo commented Feb 25, 2026

🚨 AI Slop Gate Report

Status: FAIL
Summary: Verdict: BLOCKING. Found 98 issues.

📑 Detailed Observations

explicit_todo_misguidance

  • [FAILURE] in PR_2 L3: [explicit_todo_misguidance] Explicit TODO comment advocating for a critical anti-pattern: direct production deployment without review.

duplicate_label_key

  • [WARNING] in PR_2 L8: [duplicate_label_key] Duplicate label key 'env' with 'prod' and 'duplicate-prod'. Kubernetes generally treats the last value, but this is a configuration error and AI slop.

gdpr_non_compliance_declared

  • [FAILURE] in PR_2 L10: [gdpr_non_compliance_declared] Explicitly declaring non-compliance with GDPR requirements via an annotation.

data_residency_ignored

  • [FAILURE] in PR_2 L11: [data_residency_ignored] Explicitly stating that data residency requirements are ignored via an annotation.

user_data_export_declaration

  • [FAILURE] in PR_2 L12: [user_data_export_declaration] Explicitly declaring intent to export all user data to the US, potentially violating data residency laws if users are from other regions (e.g., EU).

irrational_naming_convention_todo

  • [FAILURE] in PR_2 L13: [irrational_naming_convention_todo] TODO comment suggesting an irrational and unmanageable naming convention ('Auto-generate namespace names based on horoscope'), indicating AI-generated slop and poor architectural planning.

missing_documentation_todo

  • [WARNING] in PR_2 L20: [missing_documentation_todo] TODO comment indicating missing or intentionally neglected documentation for a CustomResourceDefinition.

crd_schema_laxity

  • [WARNING] in PR_2 L31: [crd_schema_laxity] The x-kubernetes-preserve-unknown-fields: true directive indicates a lax schema for a CRD, promoting undefined behavior and architectural fragility, especially given the context of 'no schema' in the description.

contradictory_schema_todo

  • [FAILURE] in PR_2 L32: [contradictory_schema_todo] TODO comment explicitly suggesting the creation of a self-contradictory schema, indicating AI-generated slop and intentional architectural fragility.

unmaintainable_field_todo

  • [WARNING] in PR_2 L46: [unmaintainable_field_todo] TODO comment explicitly suggesting adding an intentionally incomprehensible field, leading to unmaintainable code and AI-generated slop.

hardcoded_root_password_in_configmap

  • [FAILURE] in PR_2 L57: [hardcoded_root_password_in_configmap] Hardcoded 'root' password in a ConfigMap, exposing sensitive credentials.

feature_flags_enabled_by_default

  • [WARNING] in PR_2 L58: [feature_flags_enabled_by_default] Enabling all feature flags by default can lead to instability, unexpected behavior, and reduced control in production environments.

data_export_to_sanctioned_entity

  • [FAILURE] in PR_2 L60: [data_export_to_sanctioned_entity] Explicitly configuring logs to be exported to a sanctioned country (North Korea), posing severe security, compliance, and legal risks.
  • [FAILURE] in PR_2 L61: [data_export_to_sanctioned_entity] Explicitly configuring metrics to be exported to a sanctioned country (North Korea), posing severe security, compliance, and legal risks.
  • [FAILURE] in PR_2 L62: [data_export_to_sanctioned_entity] Explicitly configuring AI processing data to be sent to a sanctioned country (North Korea), posing severe security, compliance, and legal risks.

user_data_residency_violation

  • [FAILURE] in PR_2 L63: [user_data_residency_violation] Storing user data in a US-based S3 bucket ('us-west-2') directly contradicts earlier annotations declaring GDPR non-compliance and ignored data residency for EU data.

intentional_config_bloat_todo

  • [WARNING] in PR_2 L64: [intentional_config_bloat_todo] TODO comment suggesting intentionally bloating configuration with random, unused keys, indicating AI-generated slop and poor quality.

unused_config_key

  • [WARNING] in PR_2 L65: [unused_config_key] Unused configuration key ('UNUSED_KEY'), indicating redundant metadata or AI-generated slop.

incompatible_software_licenses

  • [FAILURE] in PR_2 L73: [incompatible_software_licenses] Declaration of two generally incompatible open-source licenses (AGPL-3.0 and GPL-2.0), creating severe legal and architectural risks.

intentional_license_chaos_todo

  • [FAILURE] in PR_2 L74: [intentional_license_chaos_todo] TODO comment explicitly suggesting combining incompatible licenses for 'maximum legal chaos,' indicating AI-generated slop and intentional legal/architectural issues.

hardcoded_root_password_in_secret

  • [FAILURE] in PR_2 L76: [hardcoded_root_password_in_secret] Base64-encoded 'root' password in a Kubernetes Secret, which is not true encryption and exposes sensitive credentials.

hardcoded_api_key_in_secret

  • [FAILURE] in PR_2 L77: [hardcoded_api_key_in_secret] Base64-encoded API key in a Kubernetes Secret, which is not true encryption and exposes sensitive credentials.

hardcoded_jwt_secret_in_secret

  • [FAILURE] in PR_2 L78: [hardcoded_jwt_secret_in_secret] Base64-encoded JWT secret with a value suggesting it should be public ('super-secure-should-be-public'), indicating severe security misconfiguration.

explicit_internet_exposure_todo

  • [FAILURE] in PR_2 L86: [explicit_internet_exposure_todo] TODO comment explicitly suggesting exposing a service directly to the internet without authentication, indicating a critical security vulnerability.

excessive_revision_history

  • [WARNING] in PR_2 L105: [excessive_revision_history] An extremely high revisionHistoryLimit (1000) can lead to excessive resource consumption (etcd storage) and slower API operations over time.

deployment_strategy_downtime

  • [WARNING] in PR_2 L107: [deployment_strategy_downtime] The Recreate deployment strategy causes complete downtime during updates, which is generally undesirable for high-availability production systems.

no_team_ownership_label

  • [WARNING] in PR_2 L115: [no_team_ownership_label] The label team: nobody indicates a lack of clear ownership, which can lead to unmaintained components and architectural drift.

prometheus_port_mismatch

  • [WARNING] in PR_2 L118: [prometheus_port_mismatch] Prometheus scrape annotation targets port '12345', but no container port with this number is defined in the pod, making Prometheus monitoring ineffective.

image_source_from_sanctioned_registry_annotation

  • [FAILURE] in PR_2 L120: [image_source_from_sanctioned_registry_annotation] Annotation explicitly indicates an image source from a potentially sanctioned or untrusted registry ('registry.ir.example.com'), posing severe supply chain and security risks.

host_network_access

  • [FAILURE] in PR_2 L122: [host_network_access] hostNetwork: true allows the pod to use the host's network namespace, bypassing network policies and gaining full access to host network interfaces.

host_pid_access

  • [FAILURE] in PR_2 L123: [host_pid_access] hostPID: true allows the pod to share the host's PID namespace, enabling inspection and manipulation of host processes.

host_ipc_access

  • [FAILURE] in PR_2 L124: [host_ipc_access] hostIPC: true allows the pod to share the host's IPC namespace, enabling inter-process communication with host processes.

host_root_filesystem_mount

  • [FAILURE] in PR_2 L128: [host_root_filesystem_mount] Mounting the host's root directory (/) into the container provides full access to the host filesystem, a critical security vulnerability.
  • [FAILURE] in PR_2 L193: [host_root_filesystem_mount] Mounting the host's root directory (/) into the container provides full access to the host filesystem, a critical security vulnerability.

image_from_sanctioned_registry

  • [FAILURE] in PR_2 L137: [image_from_sanctioned_registry] Pulling an image from a potentially sanctioned or untrusted registry ('registry.ir.example.com') introduces severe supply chain and security risks.

image_pull_always_with_fixed_tag

  • [WARNING] in PR_2 L138: [image_pull_always_with_fixed_tag] imagePullPolicy: Always with a fixed image tag (0.0.0) can lead to unnecessary image pulls if the image is considered immutable, or could mask malicious updates if the tag is mutable (though not the case here).

privileged_container

  • [FAILURE] in PR_2 L146: [privileged_container] Running a container with privileged: true grants it all Linux capabilities, effectively root access on the host, a critical security vulnerability.

privilege_escalation_allowed

  • [FAILURE] in PR_2 L147: [privilege_escalation_allowed] allowPrivilegeEscalation: true permits a process to gain more privileges than its parent, increasing the risk of container escape.

run_as_root_user

  • [FAILURE] in PR_2 L148: [run_as_root_user] Running the container process as the root user (runAsUser: 0) is a critical security vulnerability.

run_as_root_group

  • [FAILURE] in PR_2 L149: [run_as_root_group] Running the container process as the root group (runAsGroup: 0) is a critical security vulnerability.

writable_root_filesystem

  • [FAILURE] in PR_2 L150: [writable_root_filesystem] Allowing write access to the root filesystem (readOnlyRootFilesystem: false) increases the attack surface and allows persistent changes within the container.

all_capabilities_added

  • [FAILURE] in PR_2 L152: [all_capabilities_added] Adding ALL Linux capabilities grants the container extensive privileges, equivalent to privileged: true, posing a critical security risk.

hardcoded_password_exposed_via_configmap

  • [FAILURE] in PR_2 L160: [hardcoded_password_exposed_via_configmap] Exposes the hardcoded 'root' password from the global-config ConfigMap to the pod's environment variables.

hardcoded_password_exposed_via_secret

  • [FAILURE] in PR_2 L166: [hardcoded_password_exposed_via_secret] Exposes the base64-encoded 'root' password from the super-secret Secret to the pod's environment variables.

contradictory_environment_setting

  • [WARNING] in PR_2 L172: [contradictory_environment_setting] The NODE_ENV value 'production-but-debug' is contradictory and reflects AI-generated slop or confusing configuration, potentially leading to unexpected behavior.

data_export_to_sanctioned_entity_propagated

  • [FAILURE] in PR_2 L175: [data_export_to_sanctioned_entity_propagated] Propagates the LOG_EXPORT_ENDPOINT pointing to North Korea, reinforcing severe security, compliance, and legal risks.
  • [FAILURE] in PR_2 L180: [data_export_to_sanctioned_entity_propagated] Propagates the METRICS_EXPORT_ENDPOINT pointing to North Korea, reinforcing severe security, compliance, and legal risks.
  • [FAILURE] in PR_2 L185: [data_export_to_sanctioned_entity_propagated] Propagates the AI_PROCESSING_URL pointing to North Korea, reinforcing severe security, compliance, and legal risks.

user_data_residency_violation_propagated

  • [FAILURE] in PR_2 L190: [user_data_residency_violation_propagated] Propagates the USER_DATA_BUCKET referencing a US-based S3 bucket, reinforcing the violation of data residency rules.

excessive_cpu_limit

  • [FAILURE] in PR_2 L202: [excessive_cpu_limit] An extremely high CPU limit (100 cores) is likely to exceed cluster capacity and can lead to resource starvation for other pods or prevent scheduling.

excessive_memory_limit

  • [FAILURE] in PR_2 L203: [excessive_memory_limit] An extremely high memory limit (512Gi) is likely to exceed node/cluster capacity and can lead to resource starvation for other pods or prevent scheduling.

readiness_probe_port_mismatch

  • [WARNING] in PR_2 L210: [readiness_probe_port_mismatch] The readiness probe targets port 9999, but no container port 9999 is exposed, rendering the probe ineffective and potentially causing the pod to never become ready.

explicit_log_export_to_sanctioned_entity

  • [FAILURE] in PR_2 L218: [explicit_log_export_to_sanctioned_entity] Explicitly declaring log export to North Korea within the container's command, reinforcing severe security and compliance risks.

host_root_filesystem_mount_sidecar

  • [FAILURE] in PR_2 L220: [host_root_filesystem_mount_sidecar] Mounting the host's root directory (/) into the sidecar container provides full access to the host filesystem, a critical security vulnerability.

unschedulable_pod_node_selector

  • [FAILURE] in PR_2 L222: [unschedulable_pod_node_selector] The nodeSelector targets a specific node ('tiny-node-01'), which, combined with absurd resource requests/limits, is highly likely to make the pod unschedulable.

redundant_toleration

  • [WARNING] in PR_2 L224: [redundant_toleration] A toleration is present, but without a corresponding taint on a node, it serves no functional purpose and is redundant metadata, indicating AI-generated slop.

job_no_retries

  • [WARNING] in PR_2 L235: [job_no_retries] A backoffLimit of 0 means the job will not retry on failure, making it fragile and prone to permanent failure without recovery.

excessive_job_history_ttl

  • [FAILURE] in PR_2 L236: [excessive_job_history_ttl] An extremely long ttlSecondsAfterFinished (10 years) means completed jobs will persist for an excessive period, consuming etcd resources and increasing cluster bloat.

deprecated_job_restart_policy

  • [WARNING] in PR_2 L242: [deprecated_job_restart_policy] restartPolicy: Always is deprecated for Jobs and should be OnFailure or Never, indicating a Kubernetes misconfiguration.

image_from_sanctioned_registry_and_nonexistent

  • [FAILURE] in PR_2 L245: [image_from_sanctioned_registry_and_nonexistent] Pulling an image ('nonexistent-ai-optimizer') from a potentially sanctioned or untrusted registry ('registry.ir.example.com') introduces severe supply chain risks and AI-generated slop.

infinite_loop_job

  • [FAILURE] in PR_2 L251: [infinite_loop_job] An infinite loop within a Job's command leads to a runaway process, resource exhaustion, and continuous interaction with a sanctioned registry, resulting in a misconfigured, perpetually running job.

excessive_cpu_limit_job

  • [FAILURE] in PR_2 L254: [excessive_cpu_limit_job] An extremely high CPU limit (200 cores) for a Job is likely to exceed cluster capacity and can lead to resource starvation for other pods or prevent scheduling.

excessive_memory_limit_job

  • [FAILURE] in PR_2 L255: [excessive_memory_limit_job] An extremely high memory limit (1 Terabyte) for a Job is likely to exceed node/cluster capacity and can lead to resource starvation for other pods or prevent scheduling.

excessively_frequent_cronjob

  • [WARNING] in PR_2 L264: [excessively_frequent_cronjob] A CronJob scheduled to run every minute (* * * * *) combined with high history limits will generate excessive job and pod history, consuming etcd resources.

cronjob_allow_concurrency_with_spam

  • [FAILURE] in PR_2 L265: [cronjob_allow_concurrency_with_spam] concurrencyPolicy: Allow for a highly frequent and resource-intensive CronJob can lead to uncontrolled resource consumption and cluster instability if multiple instances run simultaneously.

excessive_cronjob_history_limit

  • [WARNING] in PR_2 L266: [excessive_cronjob_history_limit] An extremely high successfulJobsHistoryLimit (1000) leads to excessive resource consumption (etcd storage) for completed cron jobs.
  • [WARNING] in PR_2 L267: [excessive_cronjob_history_limit] An extremely high failedJobsHistoryLimit (1000) leads to excessive resource consumption (etcd storage) for failed cron jobs.

explicit_data_exfiltration_to_sanctioned_entity

  • [FAILURE] in PR_2 L277: [explicit_data_exfiltration_to_sanctioned_entity] Explicitly attempting data exfiltration to a sanctioned country (North Korea) via wget within a cron job, posing severe security, compliance, and legal risks.

image_with_restrictive_license_and_privileged_access

  • [FAILURE] in PR_2 L294: [image_with_restrictive_license_and_privileged_access] Using an image (docker.io/gnu/agplv3-super-daemon:latest) explicitly named with a highly restrictive AGPLv3 license combined with privileged: true raises significant legal compliance risks and architectural concerns.

privileged_daemonset_container

  • [FAILURE] in PR_2 L295: [privileged_daemonset_container] Running a DaemonSet container with privileged: true grants it all Linux capabilities, effectively root access on every host node, a critical security vulnerability.

explicit_host_system_reconnaissance

  • [FAILURE] in PR_2 L301: [explicit_host_system_reconnaissance] Explicitly executing host system reconnaissance commands (ps aux, netstat) within a privileged DaemonSet container, indicating an active security breach.

host_root_filesystem_mount_daemonset

  • [FAILURE] in PR_2 L305: [host_root_filesystem_mount_daemonset] Mounting the host's root directory (/) into the DaemonSet container provides full access to the host filesystem on every node, a critical security vulnerability.

host_root_filesystem_mount_volume

  • [FAILURE] in PR_2 L310: [host_root_filesystem_mount_volume] Defining a volume that mounts the host's root directory (/) for a privileged DaemonSet is a critical security vulnerability.

excessive_hpa_max_replicas

  • [FAILURE] in PR_2 L323: [excessive_hpa_max_replicas] An extremely high maxReplicas (10000) for an HPA can lead to massive resource consumption and cluster instability if triggered aggressively.

aggressive_hpa_cpu_target

  • [FAILURE] in PR_2 L328: [aggressive_hpa_cpu_target] An HPA targeting an average CPU utilization of 1% is extremely aggressive, likely causing rapid and massive scaling (up to 10,000 replicas) even with minimal load, leading to resource waste and cluster instability.

pdb_preventing_disruptions

  • [FAILURE] in PR_2 L338: [pdb_preventing_disruptions] A minAvailable: 100% PodDisruptionBudget prevents any voluntary disruptions (e.g., node drains, rolling updates), effectively blocking cluster maintenance and upgrades.

network_policy_empty_pod_selector

  • [WARNING] in PR_2 L350: [network_policy_empty_pod_selector] An empty podSelector means the NetworkPolicy applies to all pods in the namespace, which can be an unintended and overly broad configuration, potentially leading to widespread denial of service.

network_policy_deny_all_ingress

  • [FAILURE] in PR_2 L354: [network_policy_deny_all_ingress] An empty ingress rule explicitly denies all incoming traffic to pods in the namespace, contradicting the Service type LoadBalancer and the Ingress resource defined later, effectively making the service unreachable.

network_policy_allow_egress_to_sanctioned_entity

  • [FAILURE] in PR_2 L360: [network_policy_allow_egress_to_sanctioned_entity] The NetworkPolicy explicitly allows egress traffic to an IP block (175.45.176.0/22) known to be associated with North Korea, a critical security and compliance violation.

intentional_security_misconfiguration_todo

  • [FAILURE] in PR_2 L364: [intentional_security_misconfiguration_todo] TODO comment explicitly describing an intentional critical security misconfiguration: blocking internal traffic while allowing egress to 'forbidden regions,' indicating AI-generated slop.

explicit_data_residency_violation_annotation

  • [FAILURE] in PR_2 L375: [explicit_data_residency_violation_annotation] Annotation explicitly stating that data residency is violated, confirming a severe compliance issue.

impossible_storage_request_todo

  • [FAILURE] in PR_2 L404: [impossible_storage_request_todo] TODO comment suggesting an impossible storage request ('Request more storage than the entire cluster has'), indicating intentional Kubernetes misconfiguration and AI-generated slop.

excessive_pvc_storage_request

  • [FAILURE] in PR_2 L408: [excessive_pvc_storage_request] An absurdly high PVC storage request (100Ti) is highly likely to exceed available cluster capacity, causing the PVC to remain unbound indefinitely.

non_existent_storage_class

  • [FAILURE] in PR_2 L409: [non_existent_storage_class] Referencing a storageClassName ('non-existent-storage-class') that likely does not exist will prevent the PersistentVolumeClaim from being bound, rendering it unusable.

typo_and_image_from_sanctioned_registry

  • [FAILURE] in PR_2 L418: [typo_and_image_from_sanctioned_registry] Typo in the image name ('ubunut' instead of 'ubuntu') combined with pulling from a potentially sanctioned registry ('registry.ir.example.com'), indicating AI-generated slop and supply chain risks.

infinite_loop_init_container

  • [FAILURE] in PR_2 L420: [infinite_loop_init_container] An infinite loop within an initContainer will prevent the pod from ever reaching a running state, effectively rendering the pod stuck indefinitely.

docker_in_docker_container

  • [FAILURE] in PR_2 L427: [docker_in_docker_container] Running Docker-in-Docker in a main container, especially combined with privileged: true and mounting /var/run/docker.sock, enables container escape and host compromise.

privileged_dind_container

  • [FAILURE] in PR_2 L429: [privileged_dind_container] Running a Docker-in-Docker container with privileged: true grants it all Linux capabilities, effectively root access on the host, a critical security vulnerability.

host_docker_socket_mount

  • [FAILURE] in PR_2 L431: [host_docker_socket_mount] Mounting the host's Docker socket (/var/run/docker.sock) into a container provides full control over the host's Docker daemon, enabling container escape and host compromise.

dead_code_due_to_init_container_loop

  • [FAILURE] in PR_2 L434: [dead_code_due_to_init_container_loop] This command will never be executed because the initContainer enters an infinite loop, indicating dead code and an architectural issue.

host_docker_socket_volume

  • [FAILURE] in PR_2 L441: [host_docker_socket_volume] Defining a volume that mounts the host's Docker socket (/var/run/docker.sock) is a critical security vulnerability, especially when used by a privileged container.

ambiguous_boolean_value

  • [WARNING] in PR_2 L451: [ambiguous_boolean_value] An ambiguous non-boolean value ('maybe') for a flag implying a boolean state, indicating AI-generated slop or poor configuration practice.

explicit_export_to_sanctioned_entity_flag

  • [FAILURE] in PR_2 L452: [explicit_export_to_sanctioned_entity_flag] Explicitly enabling data export to North Korea via a feature flag (ENABLE_EXPORT_TO_NK: true), confirming a severe security and compliance violation.

explicit_import_from_sanctioned_entity_flag

  • [FAILURE] in PR_2 L453: [explicit_import_from_sanctioned_entity_flag] Explicitly enabling data/dependency import from Iran via a feature flag (ENABLE_IMPORT_FROM_IRAN: true), confirming severe supply chain and security risks.

unmanageable_flags_todo

  • [WARNING] in PR_2 L454: [unmanageable_flags_todo] TODO comment suggesting adding configuration flags that cannot be turned off, leading to unmanageable systems and AI-generated slop.

argo_app_from_fake_sanctioned_repo

  • [FAILURE] in PR_2 L470: [argo_app_from_fake_sanctioned_repo] ArgoCD Application sourcing from a 'fake-org' repository explicitly linked to 'k8s-hell-from-iran', indicating a critical supply chain risk and potential non-existent repository.

argo_selfheal_with_broken_gitops

  • [FAILURE] in PR_2 L478: [argo_selfheal_with_broken_gitops] selfHeal: true in an ArgoCD Application, combined with the description of 'breaks GitOps' and a suspicious source repository, can lead to continuous failures or state inconsistencies in the GitOps loop.

argo_apply_out_of_sync_only

  • [WARNING] in PR_2 L479: [argo_apply_out_of_sync_only] ApplyOutOfSyncOnly=true can hide potential configuration drift if not carefully managed, as it only applies changes to resources that are already out of sync rather than ensuring full desired state.

Reported by AI Slop Gate

1 similar comment
@SergUdo
Copy link
Owner Author

SergUdo commented Mar 6, 2026

🚨 AI Slop Gate Report

Status: FAIL
Summary: Verdict: BLOCKING. Found 98 issues.

📑 Detailed Observations

explicit_todo_misguidance

  • [FAILURE] in PR_2 L3: [explicit_todo_misguidance] Explicit TODO comment advocating for a critical anti-pattern: direct production deployment without review.

duplicate_label_key

  • [WARNING] in PR_2 L8: [duplicate_label_key] Duplicate label key 'env' with 'prod' and 'duplicate-prod'. Kubernetes generally treats the last value, but this is a configuration error and AI slop.

gdpr_non_compliance_declared

  • [FAILURE] in PR_2 L10: [gdpr_non_compliance_declared] Explicitly declaring non-compliance with GDPR requirements via an annotation.

data_residency_ignored

  • [FAILURE] in PR_2 L11: [data_residency_ignored] Explicitly stating that data residency requirements are ignored via an annotation.

user_data_export_declaration

  • [FAILURE] in PR_2 L12: [user_data_export_declaration] Explicitly declaring intent to export all user data to the US, potentially violating data residency laws if users are from other regions (e.g., EU).

irrational_naming_convention_todo

  • [FAILURE] in PR_2 L13: [irrational_naming_convention_todo] TODO comment suggesting an irrational and unmanageable naming convention ('Auto-generate namespace names based on horoscope'), indicating AI-generated slop and poor architectural planning.

missing_documentation_todo

  • [WARNING] in PR_2 L20: [missing_documentation_todo] TODO comment indicating missing or intentionally neglected documentation for a CustomResourceDefinition.

crd_schema_laxity

  • [WARNING] in PR_2 L31: [crd_schema_laxity] The x-kubernetes-preserve-unknown-fields: true directive indicates a lax schema for a CRD, promoting undefined behavior and architectural fragility, especially given the context of 'no schema' in the description.

contradictory_schema_todo

  • [FAILURE] in PR_2 L32: [contradictory_schema_todo] TODO comment explicitly suggesting the creation of a self-contradictory schema, indicating AI-generated slop and intentional architectural fragility.

unmaintainable_field_todo

  • [WARNING] in PR_2 L46: [unmaintainable_field_todo] TODO comment explicitly suggesting adding an intentionally incomprehensible field, leading to unmaintainable code and AI-generated slop.

hardcoded_root_password_in_configmap

  • [FAILURE] in PR_2 L57: [hardcoded_root_password_in_configmap] Hardcoded 'root' password in a ConfigMap, exposing sensitive credentials.

feature_flags_enabled_by_default

  • [WARNING] in PR_2 L58: [feature_flags_enabled_by_default] Enabling all feature flags by default can lead to instability, unexpected behavior, and reduced control in production environments.

data_export_to_sanctioned_entity

  • [FAILURE] in PR_2 L60: [data_export_to_sanctioned_entity] Explicitly configuring logs to be exported to a sanctioned country (North Korea), posing severe security, compliance, and legal risks.
  • [FAILURE] in PR_2 L61: [data_export_to_sanctioned_entity] Explicitly configuring metrics to be exported to a sanctioned country (North Korea), posing severe security, compliance, and legal risks.
  • [FAILURE] in PR_2 L62: [data_export_to_sanctioned_entity] Explicitly configuring AI processing data to be sent to a sanctioned country (North Korea), posing severe security, compliance, and legal risks.

user_data_residency_violation

  • [FAILURE] in PR_2 L63: [user_data_residency_violation] Storing user data in a US-based S3 bucket ('us-west-2') directly contradicts earlier annotations declaring GDPR non-compliance and ignored data residency for EU data.

intentional_config_bloat_todo

  • [WARNING] in PR_2 L64: [intentional_config_bloat_todo] TODO comment suggesting intentionally bloating configuration with random, unused keys, indicating AI-generated slop and poor quality.

unused_config_key

  • [WARNING] in PR_2 L65: [unused_config_key] Unused configuration key ('UNUSED_KEY'), indicating redundant metadata or AI-generated slop.

incompatible_software_licenses

  • [FAILURE] in PR_2 L73: [incompatible_software_licenses] Declaration of two generally incompatible open-source licenses (AGPL-3.0 and GPL-2.0), creating severe legal and architectural risks.

intentional_license_chaos_todo

  • [FAILURE] in PR_2 L74: [intentional_license_chaos_todo] TODO comment explicitly suggesting combining incompatible licenses for 'maximum legal chaos,' indicating AI-generated slop and intentional legal/architectural issues.

hardcoded_root_password_in_secret

  • [FAILURE] in PR_2 L76: [hardcoded_root_password_in_secret] Base64-encoded 'root' password in a Kubernetes Secret, which is not true encryption and exposes sensitive credentials.

hardcoded_api_key_in_secret

  • [FAILURE] in PR_2 L77: [hardcoded_api_key_in_secret] Base64-encoded API key in a Kubernetes Secret, which is not true encryption and exposes sensitive credentials.

hardcoded_jwt_secret_in_secret

  • [FAILURE] in PR_2 L78: [hardcoded_jwt_secret_in_secret] Base64-encoded JWT secret with a value suggesting it should be public ('super-secure-should-be-public'), indicating severe security misconfiguration.

explicit_internet_exposure_todo

  • [FAILURE] in PR_2 L86: [explicit_internet_exposure_todo] TODO comment explicitly suggesting exposing a service directly to the internet without authentication, indicating a critical security vulnerability.

excessive_revision_history

  • [WARNING] in PR_2 L105: [excessive_revision_history] An extremely high revisionHistoryLimit (1000) can lead to excessive resource consumption (etcd storage) and slower API operations over time.

deployment_strategy_downtime

  • [WARNING] in PR_2 L107: [deployment_strategy_downtime] The Recreate deployment strategy causes complete downtime during updates, which is generally undesirable for high-availability production systems.

no_team_ownership_label

  • [WARNING] in PR_2 L115: [no_team_ownership_label] The label team: nobody indicates a lack of clear ownership, which can lead to unmaintained components and architectural drift.

prometheus_port_mismatch

  • [WARNING] in PR_2 L118: [prometheus_port_mismatch] Prometheus scrape annotation targets port '12345', but no container port with this number is defined in the pod, making Prometheus monitoring ineffective.

image_source_from_sanctioned_registry_annotation

  • [FAILURE] in PR_2 L120: [image_source_from_sanctioned_registry_annotation] Annotation explicitly indicates an image source from a potentially sanctioned or untrusted registry ('registry.ir.example.com'), posing severe supply chain and security risks.

host_network_access

  • [FAILURE] in PR_2 L122: [host_network_access] hostNetwork: true allows the pod to use the host's network namespace, bypassing network policies and gaining full access to host network interfaces.

host_pid_access

  • [FAILURE] in PR_2 L123: [host_pid_access] hostPID: true allows the pod to share the host's PID namespace, enabling inspection and manipulation of host processes.

host_ipc_access

  • [FAILURE] in PR_2 L124: [host_ipc_access] hostIPC: true allows the pod to share the host's IPC namespace, enabling inter-process communication with host processes.

host_root_filesystem_mount

  • [FAILURE] in PR_2 L128: [host_root_filesystem_mount] Mounting the host's root directory (/) into the container provides full access to the host filesystem, a critical security vulnerability.
  • [FAILURE] in PR_2 L193: [host_root_filesystem_mount] Mounting the host's root directory (/) into the container provides full access to the host filesystem, a critical security vulnerability.

image_from_sanctioned_registry

  • [FAILURE] in PR_2 L137: [image_from_sanctioned_registry] Pulling an image from a potentially sanctioned or untrusted registry ('registry.ir.example.com') introduces severe supply chain and security risks.

image_pull_always_with_fixed_tag

  • [WARNING] in PR_2 L138: [image_pull_always_with_fixed_tag] imagePullPolicy: Always with a fixed image tag (0.0.0) can lead to unnecessary image pulls if the image is considered immutable, or could mask malicious updates if the tag is mutable (though not the case here).

privileged_container

  • [FAILURE] in PR_2 L146: [privileged_container] Running a container with privileged: true grants it all Linux capabilities, effectively root access on the host, a critical security vulnerability.

privilege_escalation_allowed

  • [FAILURE] in PR_2 L147: [privilege_escalation_allowed] allowPrivilegeEscalation: true permits a process to gain more privileges than its parent, increasing the risk of container escape.

run_as_root_user

  • [FAILURE] in PR_2 L148: [run_as_root_user] Running the container process as the root user (runAsUser: 0) is a critical security vulnerability.

run_as_root_group

  • [FAILURE] in PR_2 L149: [run_as_root_group] Running the container process as the root group (runAsGroup: 0) is a critical security vulnerability.

writable_root_filesystem

  • [FAILURE] in PR_2 L150: [writable_root_filesystem] Allowing write access to the root filesystem (readOnlyRootFilesystem: false) increases the attack surface and allows persistent changes within the container.

all_capabilities_added

  • [FAILURE] in PR_2 L152: [all_capabilities_added] Adding ALL Linux capabilities grants the container extensive privileges, equivalent to privileged: true, posing a critical security risk.

hardcoded_password_exposed_via_configmap

  • [FAILURE] in PR_2 L160: [hardcoded_password_exposed_via_configmap] Exposes the hardcoded 'root' password from the global-config ConfigMap to the pod's environment variables.

hardcoded_password_exposed_via_secret

  • [FAILURE] in PR_2 L166: [hardcoded_password_exposed_via_secret] Exposes the base64-encoded 'root' password from the super-secret Secret to the pod's environment variables.

contradictory_environment_setting

  • [WARNING] in PR_2 L172: [contradictory_environment_setting] The NODE_ENV value 'production-but-debug' is contradictory and reflects AI-generated slop or confusing configuration, potentially leading to unexpected behavior.

data_export_to_sanctioned_entity_propagated

  • [FAILURE] in PR_2 L175: [data_export_to_sanctioned_entity_propagated] Propagates the LOG_EXPORT_ENDPOINT pointing to North Korea, reinforcing severe security, compliance, and legal risks.
  • [FAILURE] in PR_2 L180: [data_export_to_sanctioned_entity_propagated] Propagates the METRICS_EXPORT_ENDPOINT pointing to North Korea, reinforcing severe security, compliance, and legal risks.
  • [FAILURE] in PR_2 L185: [data_export_to_sanctioned_entity_propagated] Propagates the AI_PROCESSING_URL pointing to North Korea, reinforcing severe security, compliance, and legal risks.

user_data_residency_violation_propagated

  • [FAILURE] in PR_2 L190: [user_data_residency_violation_propagated] Propagates the USER_DATA_BUCKET referencing a US-based S3 bucket, reinforcing the violation of data residency rules.

excessive_cpu_limit

  • [FAILURE] in PR_2 L202: [excessive_cpu_limit] An extremely high CPU limit (100 cores) is likely to exceed cluster capacity and can lead to resource starvation for other pods or prevent scheduling.

excessive_memory_limit

  • [FAILURE] in PR_2 L203: [excessive_memory_limit] An extremely high memory limit (512Gi) is likely to exceed node/cluster capacity and can lead to resource starvation for other pods or prevent scheduling.

readiness_probe_port_mismatch

  • [WARNING] in PR_2 L210: [readiness_probe_port_mismatch] The readiness probe targets port 9999, but no container port 9999 is exposed, rendering the probe ineffective and potentially causing the pod to never become ready.

explicit_log_export_to_sanctioned_entity

  • [FAILURE] in PR_2 L218: [explicit_log_export_to_sanctioned_entity] Explicitly declaring log export to North Korea within the container's command, reinforcing severe security and compliance risks.

host_root_filesystem_mount_sidecar

  • [FAILURE] in PR_2 L220: [host_root_filesystem_mount_sidecar] Mounting the host's root directory (/) into the sidecar container provides full access to the host filesystem, a critical security vulnerability.

unschedulable_pod_node_selector

  • [FAILURE] in PR_2 L222: [unschedulable_pod_node_selector] The nodeSelector targets a specific node ('tiny-node-01'), which, combined with absurd resource requests/limits, is highly likely to make the pod unschedulable.

redundant_toleration

  • [WARNING] in PR_2 L224: [redundant_toleration] A toleration is present, but without a corresponding taint on a node, it serves no functional purpose and is redundant metadata, indicating AI-generated slop.

job_no_retries

  • [WARNING] in PR_2 L235: [job_no_retries] A backoffLimit of 0 means the job will not retry on failure, making it fragile and prone to permanent failure without recovery.

excessive_job_history_ttl

  • [FAILURE] in PR_2 L236: [excessive_job_history_ttl] An extremely long ttlSecondsAfterFinished (10 years) means completed jobs will persist for an excessive period, consuming etcd resources and increasing cluster bloat.

deprecated_job_restart_policy

  • [WARNING] in PR_2 L242: [deprecated_job_restart_policy] restartPolicy: Always is deprecated for Jobs and should be OnFailure or Never, indicating a Kubernetes misconfiguration.

image_from_sanctioned_registry_and_nonexistent

  • [FAILURE] in PR_2 L245: [image_from_sanctioned_registry_and_nonexistent] Pulling an image ('nonexistent-ai-optimizer') from a potentially sanctioned or untrusted registry ('registry.ir.example.com') introduces severe supply chain risks and AI-generated slop.

infinite_loop_job

  • [FAILURE] in PR_2 L251: [infinite_loop_job] An infinite loop within a Job's command leads to a runaway process, resource exhaustion, and continuous interaction with a sanctioned registry, resulting in a misconfigured, perpetually running job.

excessive_cpu_limit_job

  • [FAILURE] in PR_2 L254: [excessive_cpu_limit_job] An extremely high CPU limit (200 cores) for a Job is likely to exceed cluster capacity and can lead to resource starvation for other pods or prevent scheduling.

excessive_memory_limit_job

  • [FAILURE] in PR_2 L255: [excessive_memory_limit_job] An extremely high memory limit (1 Terabyte) for a Job is likely to exceed node/cluster capacity and can lead to resource starvation for other pods or prevent scheduling.

excessively_frequent_cronjob

  • [WARNING] in PR_2 L264: [excessively_frequent_cronjob] A CronJob scheduled to run every minute (* * * * *) combined with high history limits will generate excessive job and pod history, consuming etcd resources.

cronjob_allow_concurrency_with_spam

  • [FAILURE] in PR_2 L265: [cronjob_allow_concurrency_with_spam] concurrencyPolicy: Allow for a highly frequent and resource-intensive CronJob can lead to uncontrolled resource consumption and cluster instability if multiple instances run simultaneously.

excessive_cronjob_history_limit

  • [WARNING] in PR_2 L266: [excessive_cronjob_history_limit] An extremely high successfulJobsHistoryLimit (1000) leads to excessive resource consumption (etcd storage) for completed cron jobs.
  • [WARNING] in PR_2 L267: [excessive_cronjob_history_limit] An extremely high failedJobsHistoryLimit (1000) leads to excessive resource consumption (etcd storage) for failed cron jobs.

explicit_data_exfiltration_to_sanctioned_entity

  • [FAILURE] in PR_2 L277: [explicit_data_exfiltration_to_sanctioned_entity] Explicitly attempting data exfiltration to a sanctioned country (North Korea) via wget within a cron job, posing severe security, compliance, and legal risks.

image_with_restrictive_license_and_privileged_access

  • [FAILURE] in PR_2 L294: [image_with_restrictive_license_and_privileged_access] Using an image (docker.io/gnu/agplv3-super-daemon:latest) explicitly named with a highly restrictive AGPLv3 license combined with privileged: true raises significant legal compliance risks and architectural concerns.

privileged_daemonset_container

  • [FAILURE] in PR_2 L295: [privileged_daemonset_container] Running a DaemonSet container with privileged: true grants it all Linux capabilities, effectively root access on every host node, a critical security vulnerability.

explicit_host_system_reconnaissance

  • [FAILURE] in PR_2 L301: [explicit_host_system_reconnaissance] Explicitly executing host system reconnaissance commands (ps aux, netstat) within a privileged DaemonSet container, indicating an active security breach.

host_root_filesystem_mount_daemonset

  • [FAILURE] in PR_2 L305: [host_root_filesystem_mount_daemonset] Mounting the host's root directory (/) into the DaemonSet container provides full access to the host filesystem on every node, a critical security vulnerability.

host_root_filesystem_mount_volume

  • [FAILURE] in PR_2 L310: [host_root_filesystem_mount_volume] Defining a volume that mounts the host's root directory (/) for a privileged DaemonSet is a critical security vulnerability.

excessive_hpa_max_replicas

  • [FAILURE] in PR_2 L323: [excessive_hpa_max_replicas] An extremely high maxReplicas (10000) for an HPA can lead to massive resource consumption and cluster instability if triggered aggressively.

aggressive_hpa_cpu_target

  • [FAILURE] in PR_2 L328: [aggressive_hpa_cpu_target] An HPA targeting an average CPU utilization of 1% is extremely aggressive, likely causing rapid and massive scaling (up to 10,000 replicas) even with minimal load, leading to resource waste and cluster instability.

pdb_preventing_disruptions

  • [FAILURE] in PR_2 L338: [pdb_preventing_disruptions] A minAvailable: 100% PodDisruptionBudget prevents any voluntary disruptions (e.g., node drains, rolling updates), effectively blocking cluster maintenance and upgrades.

network_policy_empty_pod_selector

  • [WARNING] in PR_2 L350: [network_policy_empty_pod_selector] An empty podSelector means the NetworkPolicy applies to all pods in the namespace, which can be an unintended and overly broad configuration, potentially leading to widespread denial of service.

network_policy_deny_all_ingress

  • [FAILURE] in PR_2 L354: [network_policy_deny_all_ingress] An empty ingress rule explicitly denies all incoming traffic to pods in the namespace, contradicting the Service type LoadBalancer and the Ingress resource defined later, effectively making the service unreachable.

network_policy_allow_egress_to_sanctioned_entity

  • [FAILURE] in PR_2 L360: [network_policy_allow_egress_to_sanctioned_entity] The NetworkPolicy explicitly allows egress traffic to an IP block (175.45.176.0/22) known to be associated with North Korea, a critical security and compliance violation.

intentional_security_misconfiguration_todo

  • [FAILURE] in PR_2 L364: [intentional_security_misconfiguration_todo] TODO comment explicitly describing an intentional critical security misconfiguration: blocking internal traffic while allowing egress to 'forbidden regions,' indicating AI-generated slop.

explicit_data_residency_violation_annotation

  • [FAILURE] in PR_2 L375: [explicit_data_residency_violation_annotation] Annotation explicitly stating that data residency is violated, confirming a severe compliance issue.

impossible_storage_request_todo

  • [FAILURE] in PR_2 L404: [impossible_storage_request_todo] TODO comment suggesting an impossible storage request ('Request more storage than the entire cluster has'), indicating intentional Kubernetes misconfiguration and AI-generated slop.

excessive_pvc_storage_request

  • [FAILURE] in PR_2 L408: [excessive_pvc_storage_request] An absurdly high PVC storage request (100Ti) is highly likely to exceed available cluster capacity, causing the PVC to remain unbound indefinitely.

non_existent_storage_class

  • [FAILURE] in PR_2 L409: [non_existent_storage_class] Referencing a storageClassName ('non-existent-storage-class') that likely does not exist will prevent the PersistentVolumeClaim from being bound, rendering it unusable.

typo_and_image_from_sanctioned_registry

  • [FAILURE] in PR_2 L418: [typo_and_image_from_sanctioned_registry] Typo in the image name ('ubunut' instead of 'ubuntu') combined with pulling from a potentially sanctioned registry ('registry.ir.example.com'), indicating AI-generated slop and supply chain risks.

infinite_loop_init_container

  • [FAILURE] in PR_2 L420: [infinite_loop_init_container] An infinite loop within an initContainer will prevent the pod from ever reaching a running state, effectively rendering the pod stuck indefinitely.

docker_in_docker_container

  • [FAILURE] in PR_2 L427: [docker_in_docker_container] Running Docker-in-Docker in a main container, especially combined with privileged: true and mounting /var/run/docker.sock, enables container escape and host compromise.

privileged_dind_container

  • [FAILURE] in PR_2 L429: [privileged_dind_container] Running a Docker-in-Docker container with privileged: true grants it all Linux capabilities, effectively root access on the host, a critical security vulnerability.

host_docker_socket_mount

  • [FAILURE] in PR_2 L431: [host_docker_socket_mount] Mounting the host's Docker socket (/var/run/docker.sock) into a container provides full control over the host's Docker daemon, enabling container escape and host compromise.

dead_code_due_to_init_container_loop

  • [FAILURE] in PR_2 L434: [dead_code_due_to_init_container_loop] This command will never be executed because the initContainer enters an infinite loop, indicating dead code and an architectural issue.

host_docker_socket_volume

  • [FAILURE] in PR_2 L441: [host_docker_socket_volume] Defining a volume that mounts the host's Docker socket (/var/run/docker.sock) is a critical security vulnerability, especially when used by a privileged container.

ambiguous_boolean_value

  • [WARNING] in PR_2 L451: [ambiguous_boolean_value] An ambiguous non-boolean value ('maybe') for a flag implying a boolean state, indicating AI-generated slop or poor configuration practice.

explicit_export_to_sanctioned_entity_flag

  • [FAILURE] in PR_2 L452: [explicit_export_to_sanctioned_entity_flag] Explicitly enabling data export to North Korea via a feature flag (ENABLE_EXPORT_TO_NK: true), confirming a severe security and compliance violation.

explicit_import_from_sanctioned_entity_flag

  • [FAILURE] in PR_2 L453: [explicit_import_from_sanctioned_entity_flag] Explicitly enabling data/dependency import from Iran via a feature flag (ENABLE_IMPORT_FROM_IRAN: true), confirming severe supply chain and security risks.

unmanageable_flags_todo

  • [WARNING] in PR_2 L454: [unmanageable_flags_todo] TODO comment suggesting adding configuration flags that cannot be turned off, leading to unmanageable systems and AI-generated slop.

argo_app_from_fake_sanctioned_repo

  • [FAILURE] in PR_2 L470: [argo_app_from_fake_sanctioned_repo] ArgoCD Application sourcing from a 'fake-org' repository explicitly linked to 'k8s-hell-from-iran', indicating a critical supply chain risk and potential non-existent repository.

argo_selfheal_with_broken_gitops

  • [FAILURE] in PR_2 L478: [argo_selfheal_with_broken_gitops] selfHeal: true in an ArgoCD Application, combined with the description of 'breaks GitOps' and a suspicious source repository, can lead to continuous failures or state inconsistencies in the GitOps loop.

argo_apply_out_of_sync_only

  • [WARNING] in PR_2 L479: [argo_apply_out_of_sync_only] ApplyOutOfSyncOnly=true can hide potential configuration drift if not carefully managed, as it only applies changes to resources that are already out of sync rather than ensuring full desired state.

Reported by AI Slop Gate

@SergUdo
Copy link
Owner Author

SergUdo commented Mar 6, 2026

🚨 AI Slop Gate Report

Status: FAIL
Summary: Verdict: BLOCKING. Found 10 issues.

📑 Detailed Observations

hardcoded_secrets

  • [FAILURE] in PR_2 L123: [hardcoded_secrets] Hardcoded secrets found in ConfigMap and Secret resources

insecure_defaults

  • [FAILURE] in PR_2 L234: [insecure_defaults] Insecure default settings for Deployment and Pod resources

privileged_containers

  • [FAILURE] in PR_2 L345: [privileged_containers] Privileged containers found in Deployment and Pod resources

host_mounts

  • [FAILURE] in PR_2 L456: [host_mounts] Host mounts found in Deployment and Pod resources

supply_chain_risks

  • [WARNING] in PR_2 L567: [supply_chain_risks] Supply chain risks found in image pull policies and dependencies

sanctions_risks

  • [FAILURE] in PR_2 L678: [sanctions_risks] Sanctions risks found in image pull policies and dependencies

data_residency_breaches

  • [FAILURE] in PR_2 L789: [data_residency_breaches] Data residency breaches found in ConfigMap and Secret resources

contradictory_policies

  • [WARNING] in PR_2 L890: [contradictory_policies] Contradictory policies found in NetworkPolicy and Ingress resources

todo_comments

  • [WARNING] in PR_2 L901: [todo_comments] TODO comments found in code

absurd_code

  • [WARNING] in PR_2 L1023: [absurd_code] Absurd code found in Deployment and Pod resources

Reported by AI Slop Gate

1 similar comment
@SergUdo
Copy link
Owner Author

SergUdo commented Mar 6, 2026

🚨 AI Slop Gate Report

Status: FAIL
Summary: Verdict: BLOCKING. Found 10 issues.

📑 Detailed Observations

hardcoded_secrets

  • [FAILURE] in PR_2 L123: [hardcoded_secrets] Hardcoded secrets found in ConfigMap and Secret resources

insecure_defaults

  • [FAILURE] in PR_2 L234: [insecure_defaults] Insecure default settings for Deployment and Pod resources

privileged_containers

  • [FAILURE] in PR_2 L345: [privileged_containers] Privileged containers found in Deployment and Pod resources

host_mounts

  • [FAILURE] in PR_2 L456: [host_mounts] Host mounts found in Deployment and Pod resources

supply_chain_risks

  • [WARNING] in PR_2 L567: [supply_chain_risks] Supply chain risks found in image pull policies and dependencies

sanctions_risks

  • [FAILURE] in PR_2 L678: [sanctions_risks] Sanctions risks found in image pull policies and dependencies

data_residency_breaches

  • [FAILURE] in PR_2 L789: [data_residency_breaches] Data residency breaches found in ConfigMap and Secret resources

contradictory_policies

  • [WARNING] in PR_2 L890: [contradictory_policies] Contradictory policies found in NetworkPolicy and Ingress resources

todo_comments

  • [WARNING] in PR_2 L901: [todo_comments] TODO comments found in code

absurd_code

  • [WARNING] in PR_2 L1023: [absurd_code] Absurd code found in Deployment and Pod resources

Reported by AI Slop Gate

@github-actions
Copy link

github-actions bot commented Mar 8, 2026

🚨 AI Slop Gate Analysis

**Status:** BLOCKING
**Findings:** 90 issue(s) detected

<hr>

=== AI SLOP GATE REPORT ===

Title: AI Slop Gate Report
Summary: Verdict: BLOCKING. Found 90 issues.
Verdict: BLOCKING
Total findings: 90

Issues:
WARNING: slop.js:1 — [todo_found] Unresolved TODO found in code.
WARNING: slop.js:13 — [todo_found] Unresolved TODO found in code.
WARNING: slop.js:24 — [todo_found] Unresolved TODO found in code.
WARNING: slop.js:37 — [todo_found] Unresolved TODO found in code.
WARNING: slop.js:91 — [todo_found] Unresolved TODO found in code.
WARNING: slop_hell.ts:1 — [todo_found] Unresolved TODO found in code.
WARNING: slop_hell.ts:13 — [todo_found] Unresolved TODO found in code.
WARNING: slop_hell.ts:58 — [todo_found] Unresolved TODO found in code.
WARNING: slop_hell.ts:70 — [todo_found] Unresolved TODO found in code.
WARNING: slop_hell.ts:108 — [todo_found] Unresolved TODO found in code.
WARNING: compliance_hell.js:1 — [todo_found] Unresolved TODO found in code.
WARNING: compliance_hell.js:10 — [todo_found] Unresolved TODO found in code.
WARNING: compliance_hell.js:17 — [todo_found] Unresolved TODO found in code.
WARNING: compliance_hell.js:1 — [todo_found] Found 6 instances of [todo_found] in this file.
WARNING: compliance_hell.py:1 — [todo_found] Unresolved TODO found in code.
WARNING: compliance_hell.py:14 — [todo_found] Unresolved TODO found in code.
WARNING: compliance_hell.py:24 — [todo_found] Unresolved TODO found in code.
WARNING: compliance_hell.py:30 — [todo_found] Unresolved TODO found in code.
WARNING: slop.py:2 — [todo_found] Unresolved TODO found in code.
WARNING: slop.py:12 — [todo_found] Unresolved TODO found in code.
WARNING: slop.py:60 — [todo_found] Unresolved TODO found in code.
WARNING: slop.py:91 — [todo_found] Unresolved TODO found in code.
FAILURE: compliance_hell.py:12 — [hardcoded_secret] Potential secret in variable 'API_KEY'.
FAILURE: compliance_hell.py:12 — [hardcoded_secret] Potential hardcoded secret detected (API key, token, or password).
FAILURE: slop.py:9 — [hardcoded_secret] Potential secret in variable 'HARDCODED_PASSWORD'.
FAILURE: slop.py:10 — [hardcoded_secret] Potential secret in variable 'API_KEY'.
FAILURE: slop.py:10 — [hardcoded_secret] Potential hardcoded secret detected (API key, token, or password).
FAILURE: slop.py:67 — [hardcoded_secret] Potential hardcoded secret detected (API key, token, or password).
FAILURE: slop.py:21 — [dangerous_function] Dangerous function 'eval' detected.
FAILURE: slop.py:72 — [dangerous_function] Dangerous function 'system' detected.
FAILURE: slop.js:1 — [dangerous_eval] Use of eval() detected.
FAILURE: slop.js:9 — [dangerous_eval] Use of eval() detected.
FAILURE: slop.js:69 — [dangerous_eval] Use of eval() detected.
FAILURE: slop.js:26 — [localstorage_vulnerability] Storing tokens/keys in localStorage is insecure.
FAILURE: slop_hell.ts:28 — [localstorage_vulnerability] Storing tokens/keys in localStorage is insecure.
FAILURE: slop_hell.ts:34 — [dangerous_eval] Use of eval() detected.
FAILURE: slop_hell.ts:84 — [dangerous_eval] Use of eval() detected.
WARNING: compliance_hell.js:15 — [silent_catch] Empty or console-only catch block.
WARNING: root:1 — [sbom_generated] Generated SBOM with 3 dependencies.
WARNING: sbom-cyclonedx.json:1 — [non_eu_endpoint] Non-EU endpoint detected (potential GDPR violation).
WARNING: sbom.json:1 — [non_eu_endpoint] Non-EU endpoint detected (potential GDPR violation).
WARNING: slop.js:1 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: slop.js:13 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: slop.js:24 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: slop.js:37 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: slop.js:91 — [suspicious_todo] Suspicious TODO comment found in code.
FAILURE: slop.js:2 — [hardcoded_secret] Potential hardcoded secret detected (API key, token, or password).
FAILURE: slop.js:3 — [hardcoded_secret] Potential hardcoded secret detected (API key, token, or password).
FAILURE: slop.js:20 — [hardcoded_secret] Potential hardcoded secret detected (API key, token, or password).
FAILURE: slop.js:87 — [hardcoded_secret] Potential hardcoded secret detected (API key, token, or password).
WARNING: slop.js:39 — [non_eu_endpoint] Non-EU endpoint detected (potential GDPR violation).
WARNING: slop_hell.ts:1 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: slop_hell.ts:13 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: slop_hell.ts:58 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: slop_hell.ts:70 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: slop_hell.ts:108 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: slop_hell.ts:40 — [non_eu_endpoint] Non-EU endpoint detected (potential GDPR violation).
FAILURE: slop_hell.ts:101 — [hardcoded_secret] Potential hardcoded secret detected (API key, token, or password).
WARNING: sbom-cyclonedx-vex.json:2 — [non_eu_endpoint] Non-EU endpoint detected (potential GDPR violation).
WARNING: sbom-cyclonedx-vex.json:5 — [pii_phone] Phone number pattern detected (potential PII).
WARNING: compliance_hell.js:1 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: compliance_hell.js:10 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: compliance_hell.js:17 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: compliance_hell.js:1 — [suspicious_todo] Found 6 instances of [suspicious_todo] in this file.
FAILURE: compliance_hell.js:7 — [pii_ssn] Social Security Number pattern detected (PII leak).
WARNING: compliance_hell.js:21 — [non_eu_endpoint] Non-EU endpoint detected (potential GDPR violation).
WARNING: sbom-spdx.json:1 — [non_eu_endpoint] Non-EU endpoint detected (potential GDPR violation).
WARNING: compliance_hell.py:1 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: compliance_hell.py:14 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: compliance_hell.py:24 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: compliance_hell.py:30 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: compliance_hell.py:40 — [suspicious_todo] Suspicious TODO comment found in code.
FAILURE: compliance_hell.py:8 — [pii_ssn] Social Security Number pattern detected (PII leak).
WARNING: compliance_hell.py:26 — [non_eu_endpoint] Non-EU endpoint detected (potential GDPR violation).
WARNING: k8s_hell_3.yaml:4 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: k8s_hell_3.yaml:19 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: k8s_hell_3.yaml:27 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: k8s_hell_3.yaml:1 — [suspicious_todo] Found 12 instances of [suspicious_todo] in this file.
WARNING: k8s_hell_3.yaml:80 — [non_eu_endpoint] Non-EU endpoint detected (potential GDPR violation).
WARNING: k8s_hell_3.yaml:81 — [non_eu_endpoint] Non-EU endpoint detected (potential GDPR violation).
WARNING: k8s_hell_3.yaml:82 — [non_eu_endpoint] Non-EU endpoint detected (potential GDPR violation).
WARNING: k8s_hell_3.yaml:1 — [non_eu_endpoint] Found 8 instances of [non_eu_endpoint] in this file.
FAILURE: k8s_hell_3.yaml:100 — [hardcoded_secret] Potential hardcoded secret detected (API key, token, or password).
FAILURE: k8s_hell_3.yaml:101 — [hardcoded_secret] Potential hardcoded secret detected (API key, token, or password).
WARNING: slop.py:2 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: slop.py:6 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: slop.py:12 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: slop.py:60 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: slop.py:91 — [suspicious_todo] Suspicious TODO comment found in code.
WARNING: /data/compliance_hell.py:20 — [unused_code] Unused import: non_existent_ai_package

=== END OF REPORT ===

<hr>

### Supply Chain Information (SBOM)

- **Components detected:** 3
- **CVEs found (Trivy):** 0
- **Standards:** SPDX 2.3, CycloneDX 1.6

<details>
<summary>Component Preview (Top 10)</summary>

- actions/cache (v4)

  • actions/checkout (v4)

  • actions/upload-artifact (v4)

    Report ID: 22817776377

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@SergUdo