🔒 [Automated] Security Scan Findings #35
Description
🔒 Automated Security Scan Report
This is an automated security scan from openclaw-security, an open-source tool that scans public GitHub repositories for common security issues.
Summary
- Scan Date: 2026-03-22T06:42:02+08:00
- Issues Found: 143
- Confidence Threshold: 3/5
Findings
{"findings":[
{"id":0,"type":"PRIVATE_KEY","file":"/root/.openclaw/workspace/security-scanner/work/WhyNotHugo_django-afip/tests/test_taxpayer.py","line":20,"confidence":5},
{"id":1,"type":"PRIVATE_KEY","file":"/root/.openclaw/workspace/security-scanner/work/WhyNotHugo_django-afip/tests/test_taxpayer.py","line":48,"confidence":5},
{"id":2,"type":"PRIVATE_KEY","file":"/root/.openclaw/workspace/security-scanner/work/WhyNotHugo_django-afip/tests/test_admin.py","line":103,"confidence":5},
{"id":0,"type":"VULNERABLE_DEP","package":"requests","version":"2.31.0","affected":"<2.31.0","cve":"CVE-2023-32681","severity":"HIGH","file":"/root/.openclaw/workspace/security-scanner/work/DoubleGremlin181_DoubleGremlin181/requirements.txt","confidence":5},
{"id":0,"type":"COMMAND_INJECTION","file":"/root/.openclaw/workspace/security-scanner/work/0610840119_iptv-api/tkinter_ui/default.py","line":571,"confidence":4},
{"id":1,"type":"COMMAND_INJECTION","file":"/root/.openclaw/workspace/security-scanner/work/0610840119_iptv-api/tkinter_ui/subscribe.py","line":57,"confidence":4},
{"id":2,"type":"DANGEROUS_PATTERN","file":"/root/.openclaw/workspace/security-scanner/work/0610840119_iptv-api/utils/speed.py","line":187,"confidence":4},
{"id":3,"type":"DANGEROUS_PATTERN","file":"/root/.openclaw/workspace/security-scanner/work/0610840119_iptv-api/utils/speed.py","line":225,"confidence":4},
{"id":4,"type":"PICKLE_LOADS","file":"/root/.openclaw/workspace/security-scanner/work/0610840119_iptv-api/utils/channel.py","line":120,"confidence":5},
{"id":5,"type":"PICKLE_LOADS","file":"/root/.openclaw/workspace/security-scanner/work/0610840119_iptv-api/updates/hotel/request.py","line":46,"confidence":5},
{"id":6,"type":"PICKLE_LOADS","file":"/root/.openclaw/workspace/security-scanner/work/0610840119_iptv-api/updates/multicast/request.py","line":52,"confidence":5},
{"id":7,"type":"PICKLE_LOADS","file":"/root/.openclaw/workspace/security-scanner/work/0610840119_iptv-api/updates/fofa/request.py","line":65,"confidence":5},
{"id":0,"type":"SQL_INJECTION","file":"/root/.openclaw/workspace/security-scanner/work/DaleStudy_leetcode-study/combination-sum/se6816.java","line":36,"confidence":4},
{"id":1,"type":"SQL_INJECTION","file":"/root/.openclaw/workspace/security-scanner/work/DaleStudy_leetcode-study/combination-sum/se6816.java","line":38,"confidence":4},
{"id":0,"type":"DANGEROUS_PATTERN","file":"/root/.openclaw/workspace/security-scanner/work/indmdev_Free-Telegram-Store-Bot/InDMDevDB.py","line":223,"confidence":4},
{"id":1,"type":"DANGEROUS_PATTERN","file":"/root/.openclaw/workspace/security-scanner/work/indmdev_Free-Telegram-Store-Bot/InDMDevDB.py","line":230,"confidence":4},
{"id":2,"type":"DANGEROUS_PATTERN","file":"/root/.openclaw/workspace/security-scanner/work/indmdev_Free-Telegram-Store-Bot/InDMDevDB.py","line":237,"confidence":4},
{"id":3,"type":"DANGEROUS_PATTERN","file":"/root/.openclaw/workspace/security-scanner/work/indmdev_Free-Telegram-Store-Bot/InDMDevDB.py","line":244,"confiNotes
- This is an automated scan - please verify findings manually
- Some findings may be false positives (test files, example code, etc.)
- Secrets shown are masked for security
- If this is a false positive, please let us know so we can improve the scanner
Tool
Repository: https://github.com/uesugil/openclaw-security
This issue was created automatically by a security scanning bot. If you believe this is incorrect, please comment and we'll investigate.