npm - @clear-capabilities/agentic-security-scanner - Versions diffs - 0.78.0 → 0.80.0 - Mend

@clear-capabilities/agentic-security-scanner 0.78.0 → 0.80.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (126) hide show

package/bin/.agentic-security/findings.json +16 -16
package/bin/.agentic-security/last-scan.json +16 -16
package/bin/.agentic-security/last-scan.json.sig +1 -1
package/bin/.agentic-security/scan-history.json +51 -0
package/bin/.agentic-security/streak.json +5 -5
package/bin/agentic-security.js +22 -7
package/dist/178.index.js +1 -1
package/dist/333.index.js +283 -0
package/dist/384.index.js +1 -1
package/dist/476.index.js +5 -5
package/dist/637.index.js +1 -1
package/dist/700.index.js +138 -0
package/dist/718.index.js +53 -0
package/dist/838.index.js +1 -1
package/dist/985.index.js +95 -1
package/dist/agentic-security.mjs +83 -83
package/dist/agentic-security.mjs.sha256 +1 -1
package/package.json +6 -4
package/src/.agentic-security/findings.json +29799 -7803
package/src/.agentic-security/last-scan.json +29799 -7803
package/src/.agentic-security/last-scan.json.sig +1 -1
package/src/.agentic-security/scan-history.json +5119 -2611
package/src/.agentic-security/streak.json +6 -6
package/src/dataflow/.agentic-security/findings.json +2879 -308
package/src/dataflow/.agentic-security/last-scan.json +2879 -308
package/src/dataflow/.agentic-security/last-scan.json.sig +1 -1
package/src/dataflow/.agentic-security/scan-history.json +68 -520
package/src/dataflow/.agentic-security/streak.json +6 -7
package/src/dataflow/cross-service-taint.js +201 -0
package/src/dataflow/engine.js +52 -8
package/src/dataflow/formal-verify.js +204 -0
package/src/dataflow/ifds-precise.js +222 -0
package/src/dataflow/k2-summary-cache.js +153 -0
package/src/dataflow/lib-taint-summaries.js +198 -0
package/src/dataflow/privacy-taint.js +205 -0
package/src/dataflow/smt-feasibility.js +189 -0
package/src/engine.js +890 -132
package/src/integrations/index.js +2 -1
package/src/ir/.agentic-security/findings.json +240 -6
package/src/ir/.agentic-security/last-scan.json +240 -6
package/src/ir/.agentic-security/last-scan.json.sig +1 -1
package/src/ir/.agentic-security/scan-history.json +16 -594
package/src/ir/.agentic-security/streak.json +8 -9
package/src/ir/callgraph.js +27 -7
package/src/ir/cpp-preprocessor.js +142 -0
package/src/ir/csharp-ir.js +604 -0
package/src/ir/universal-ir.js +403 -0
package/src/llm-validator/index.js +7 -5
package/src/mcp/.agentic-security/findings.json +8632 -0
package/src/mcp/.agentic-security/last-scan.json +8632 -0
package/src/mcp/.agentic-security/last-scan.json.sig +1 -0
package/src/mcp/.agentic-security/scan-history.json +143 -0
package/src/mcp/.agentic-security/streak.json +20 -0
package/src/mcp/audit.js +5 -0
package/src/mcp/tools.js +90 -1
package/src/posture/.agentic-security/findings.json +16809 -4367
package/src/posture/.agentic-security/last-scan.json +16809 -4367
package/src/posture/.agentic-security/last-scan.json.sig +1 -1
package/src/posture/.agentic-security/scan-history.json +6689 -177
package/src/posture/.agentic-security/streak.json +8 -7
package/src/posture/api-contract.js +193 -0
package/src/posture/attack-taxonomy.js +227 -0
package/src/posture/calibration-drift.js +2 -1
package/src/posture/calibration.js +3 -2
package/src/posture/compliance-policy.js +218 -0
package/src/posture/composite-risk.js +122 -0
package/src/posture/csharp-analysis.js +330 -0
package/src/posture/exploit-bundle.js +210 -0
package/src/posture/federated-learning.js +172 -0
package/src/posture/fix-history.js +8 -2
package/src/posture/license-attributions.js +94 -0
package/src/posture/license-graph.js +238 -0
package/src/posture/pqc-migration-plan.js +158 -0
package/src/posture/profile.js +4 -5
package/src/posture/reachability-filter.js +33 -2
package/src/posture/realtime-cve-monitor.js +214 -0
package/src/posture/rule-overrides.js +2 -3
package/src/posture/rule-pack-signing.js +2 -3
package/src/posture/rule-synthesis.js +5 -6
package/src/posture/runtime-correlation.js +174 -0
package/src/posture/sbom-diff.js +171 -0
package/src/posture/sca-policy.js +235 -0
package/src/posture/sca-upgrade.js +259 -0
package/src/posture/security-trend.js +4 -7
package/src/posture/state-dir.js +124 -0
package/src/posture/streak.js +3 -0
package/src/posture/suppressions.js +5 -8
package/src/posture/threat-model-auto.js +268 -0
package/src/posture/triage-learning.js +170 -0
package/src/posture/triage.js +29 -6
package/src/posture/validator-metrics.js +3 -6
package/src/sast/.agentic-security/findings.json +996 -32
package/src/sast/.agentic-security/last-scan.json +996 -32
package/src/sast/.agentic-security/last-scan.json.sig +1 -1
package/src/sast/.agentic-security/scan-history.json +565 -32
package/src/sast/.agentic-security/streak.json +10 -8
package/src/sast/_secret-entropy.js +145 -0
package/src/sast/cloud-iam.js +312 -0
package/src/sast/cpp.js +138 -4
package/src/sast/crypto-protocol.js +388 -0
package/src/sast/csharp-tokenizer.js +392 -0
package/src/sast/csharp.js +924 -138
package/src/sast/dapp-frontend.js +200 -0
package/src/sast/db-taint.js +24 -0
package/src/sast/k8s-admission.js +271 -0
package/src/sast/llm-app.js +272 -0
package/src/sast/ml-supply-chain.js +259 -0
package/src/sast/mobile.js +224 -0
package/src/sast/post-quantum-crypto.js +348 -0
package/src/sast/rust.js +26 -0
package/src/sast/web3-advanced.js +375 -0
package/src/sca/.agentic-security/findings.json +6044 -171
package/src/sca/.agentic-security/last-scan.json +6044 -171
package/src/sca/.agentic-security/last-scan.json.sig +1 -1
package/src/sca/.agentic-security/scan-history.json +83 -6
package/src/sca/.agentic-security/streak.json +9 -9
package/src/sca/CLAUDE.md +161 -0
package/src/sca/binary-metadata.js +146 -0
package/src/sca/py-package-functions.js +118 -0
package/src/sca/sigstore-verify.js +215 -0
package/src/sca/vendor-detect.js +53 -0
package/src/report/.agentic-security/findings.json +0 -80
package/src/report/.agentic-security/last-scan.json +0 -80
package/src/report/.agentic-security/last-scan.json.sig +0 -1
package/src/report/.agentic-security/scan-history.json +0 -35
package/src/report/.agentic-security/streak.json +0 -22

package/src/sast/.agentic-security/scan-history.json CHANGED Viewed

@@ -1,6 +1,6 @@
 [
   {
-    "timestamp": "2026-05-26T16:30:07.351Z",
+    "timestamp": "2026-05-28T21:53:59.953Z",
     "label": "scan",
     "total": 17,
     "critical": 0,
@@ -29,7 +29,7 @@
     ]
   },
   {
-    "timestamp": "2026-05-26T16:34:28.797Z",
+    "timestamp": "2026-05-28T21:55:15.110Z",
     "label": "scan",
     "total": 17,
     "critical": 0,
@@ -58,7 +58,7 @@
     ]
   },
   {
-    "timestamp": "2026-05-27T01:10:20.082Z",
+    "timestamp": "2026-05-28T21:55:49.362Z",
     "label": "scan",
     "total": 17,
     "critical": 0,
@@ -87,7 +87,7 @@
     ]
   },
   {
-    "timestamp": "2026-05-27T03:05:16.971Z",
+    "timestamp": "2026-05-28T21:56:14.244Z",
     "label": "scan",
     "total": 17,
     "critical": 0,
@@ -116,7 +116,7 @@
     ]
   },
   {
-    "timestamp": "2026-05-27T03:18:22.550Z",
+    "timestamp": "2026-05-28T21:56:19.253Z",
     "label": "scan",
     "total": 17,
     "critical": 0,
@@ -145,13 +145,13 @@
     ]
   },
   {
-    "timestamp": "2026-05-27T09:09:50.637Z",
+    "timestamp": "2026-05-29T06:46:02.197Z",
     "label": "scan",
-    "total": 17,
+    "total": 18,
     "critical": 0,
     "high": 0,
     "medium": 2,
-    "low": 15,
+    "low": 16,
     "kev": 0,
     "ids": [
       "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
@@ -162,6 +162,7 @@
       "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
       "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
       "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
       "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
       "spec-drift:rate-limit-impl:rate-limit.js:34",
       "spec-drift:rate-limit-impl:rate-limit.js:77",
@@ -174,13 +175,13 @@
     ]
   },
   {
-    "timestamp": "2026-05-27T09:10:10.121Z",
+    "timestamp": "2026-05-29T06:48:50.278Z",
     "label": "scan",
-    "total": 17,
+    "total": 18,
     "critical": 0,
     "high": 0,
     "medium": 2,
-    "low": 15,
+    "low": 16,
     "kev": 0,
     "ids": [
       "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
@@ -191,6 +192,7 @@
       "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
       "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
       "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
       "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
       "spec-drift:rate-limit-impl:rate-limit.js:34",
       "spec-drift:rate-limit-impl:rate-limit.js:77",
@@ -203,13 +205,13 @@
     ]
   },
   {
-    "timestamp": "2026-05-27T09:12:25.348Z",
+    "timestamp": "2026-05-29T14:13:35.120Z",
     "label": "scan",
-    "total": 17,
+    "total": 18,
     "critical": 0,
     "high": 0,
     "medium": 2,
-    "low": 15,
+    "low": 16,
     "kev": 0,
     "ids": [
       "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
@@ -220,6 +222,7 @@
       "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
       "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
       "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
       "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
       "spec-drift:rate-limit-impl:rate-limit.js:34",
       "spec-drift:rate-limit-impl:rate-limit.js:77",
@@ -232,13 +235,13 @@
     ]
   },
   {
-    "timestamp": "2026-05-27T09:17:13.165Z",
+    "timestamp": "2026-05-29T14:26:21.588Z",
     "label": "scan",
-    "total": 17,
+    "total": 18,
     "critical": 0,
     "high": 0,
     "medium": 2,
-    "low": 15,
+    "low": 16,
     "kev": 0,
     "ids": [
       "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
@@ -249,6 +252,7 @@
       "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
       "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
       "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
       "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
       "spec-drift:rate-limit-impl:rate-limit.js:34",
       "spec-drift:rate-limit-impl:rate-limit.js:77",
@@ -261,13 +265,13 @@
     ]
   },
   {
-    "timestamp": "2026-05-27T09:21:04.965Z",
+    "timestamp": "2026-05-29T14:27:33.225Z",
     "label": "scan",
-    "total": 17,
+    "total": 18,
     "critical": 0,
     "high": 0,
     "medium": 2,
-    "low": 15,
+    "low": 16,
     "kev": 0,
     "ids": [
       "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
@@ -278,6 +282,7 @@
       "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
       "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
       "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
       "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
       "spec-drift:rate-limit-impl:rate-limit.js:34",
       "spec-drift:rate-limit-impl:rate-limit.js:77",
@@ -290,13 +295,13 @@
     ]
   },
   {
-    "timestamp": "2026-05-27T09:21:46.189Z",
+    "timestamp": "2026-05-29T14:30:05.515Z",
     "label": "scan",
-    "total": 17,
+    "total": 18,
     "critical": 0,
     "high": 0,
     "medium": 2,
-    "low": 15,
+    "low": 16,
     "kev": 0,
     "ids": [
       "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
@@ -307,6 +312,7 @@
       "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
       "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
       "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
       "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
       "spec-drift:rate-limit-impl:rate-limit.js:34",
       "spec-drift:rate-limit-impl:rate-limit.js:77",
@@ -319,13 +325,13 @@
     ]
   },
   {
-    "timestamp": "2026-05-27T09:24:34.687Z",
+    "timestamp": "2026-05-29T15:08:40.086Z",
     "label": "scan",
-    "total": 17,
+    "total": 18,
     "critical": 0,
     "high": 0,
     "medium": 2,
-    "low": 15,
+    "low": 16,
     "kev": 0,
     "ids": [
       "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
@@ -336,6 +342,7 @@
       "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
       "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
       "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
       "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
       "spec-drift:rate-limit-impl:rate-limit.js:34",
       "spec-drift:rate-limit-impl:rate-limit.js:77",
@@ -348,13 +355,13 @@
     ]
   },
   {
-    "timestamp": "2026-05-27T09:43:08.807Z",
+    "timestamp": "2026-05-29T15:10:05.268Z",
     "label": "scan",
-    "total": 17,
+    "total": 19,
     "critical": 0,
     "high": 0,
     "medium": 2,
-    "low": 15,
+    "low": 17,
     "kev": 0,
     "ids": [
       "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
@@ -365,6 +372,8 @@
       "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
       "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
       "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:140:Prompt_Template__user_input_interpolated_into_prompt_string_",
       "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
       "spec-drift:rate-limit-impl:rate-limit.js:34",
       "spec-drift:rate-limit-impl:rate-limit.js:77",
@@ -377,16 +386,538 @@
     ]
   },
   {
-    "timestamp": "2026-05-27T09:43:30.205Z",
+    "timestamp": "2026-05-29T15:12:36.888Z",
     "label": "scan",
-    "total": 17,
+    "total": 19,
     "critical": 0,
     "high": 0,
     "medium": 2,
-    "low": 15,
+    "low": 17,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T15:12:45.140Z",
+    "label": "scan",
+    "total": 19,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 17,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T15:12:52.802Z",
+    "label": "scan",
+    "total": 19,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 17,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T15:13:01.692Z",
+    "label": "scan",
+    "total": 19,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 17,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T16:09:42.230Z",
+    "label": "scan",
+    "total": 21,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 19,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:329:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:330:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T16:12:29.038Z",
+    "label": "scan",
+    "total": 21,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 19,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:332:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:333:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T16:13:59.607Z",
+    "label": "scan",
+    "total": 21,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 19,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:332:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:333:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T16:32:06.484Z",
+    "label": "scan",
+    "total": 21,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 19,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:332:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:333:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T16:33:51.164Z",
+    "label": "scan",
+    "total": 21,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 19,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:332:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:333:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T17:02:03.828Z",
+    "label": "scan",
+    "total": 21,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 19,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:332:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:333:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T17:02:12.361Z",
+    "label": "scan",
+    "total": 21,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 19,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:332:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:333:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T17:02:20.453Z",
+    "label": "scan",
+    "total": 21,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 19,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:332:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:333:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T17:03:04.332Z",
+    "label": "scan",
+    "total": 21,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 19,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:332:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:333:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T17:03:11.818Z",
+    "label": "scan",
+    "total": 21,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 19,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:332:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:333:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T17:03:19.497Z",
+    "label": "scan",
+    "total": 21,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 19,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:332:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:333:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T17:04:00.294Z",
+    "label": "scan",
+    "total": 21,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 19,
+    "kev": 0,
+    "ids": [
+      "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:332:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:333:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "client-side:CLIENT_EVAL:client-side.js:135",
+      "client-side:CLIENT_EVAL:client-side.js:139",
+      "client-side:CLIENT_EVAL:client-side.js:140",
+      "llm-owasp:llm-owasp.js:180:llm01-dynamic-system:concat",
+      "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
+      "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
+      "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
+      "spec-drift:rate-limit-impl:rate-limit.js:34",
+      "spec-drift:rate-limit-impl:rate-limit.js:77",
+      "ssrf-meta-hardcoded:go-extended.js:39",
+      "ssrf-meta-hardcoded:python-sinks.js:186",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:15",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:48",
+      "ssrf-meta-hardcoded:ssrf-cloud-metadata.js:73",
+      "zip-slip:zip-slip.js:192:node-entry"
+    ]
+  },
+  {
+    "timestamp": "2026-05-29T17:04:08.176Z",
+    "label": "scan",
+    "total": 21,
+    "critical": 0,
+    "high": 0,
+    "medium": 2,
+    "low": 19,
     "kev": 0,
     "ids": [
       "authz:authz.js:33:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:332:AuthZ__jwt_verify_called_without_algorithms_allow_list",
+      "authz:crypto-protocol.js:333:AuthZ__jwt_verify_called_without_algorithms_allow_list",
       "client-side:CLIENT_EVAL:client-side.js:135",
       "client-side:CLIENT_EVAL:client-side.js:139",
       "client-side:CLIENT_EVAL:client-side.js:140",
@@ -394,6 +925,8 @@
       "llm-owasp:llm-owasp.js:181:llm01-dynamic-system:fstring",
       "llm-owasp:llm-owasp.js:182:llm01-dynamic-system:template",
       "llm-owasp:llm-owasp.js:183:llm10-no-token-budget",
+      "llm-redteam:noPromptInjectionDefense:llm-app.js:104",
+      "prompt-tpl:k8s-admission.js:139:Prompt_Template__user_input_interpolated_into_prompt_string_",
       "prompt-tpl:llm-owasp.js:125:Prompt_Template__user_input_interpolated_into_prompt_string_",
       "spec-drift:rate-limit-impl:rate-limit.js:34",
       "spec-drift:rate-limit-impl:rate-limit.js:77",