OpenHands
AI-powered coding agent that can write code, run commands, and browse the web.
Scanned: February 12, 2026
Report Version: 1.0.0
Overall Grade: D (17,227 total findings)
- Security: D (107 findings)
- Correctness: B (84 findings)
- Performance: F (500 findings)
- Architecture: C (21 findings)
What Traditional Tools Missed
| Category | Colosseum | Bandit | Semgrep |
|---|---|---|---|
| Security | 107 | 40 | 0 |
| Dead Code | 84 | 0 | 0 |
| Performance | 500 | 0 | 0 |
| Maintainability | 21 | 0 | 0 |
| Data Integrity | 7,595 | 0 | 0 |
| Total | 17,227 | 40 | 0 |
17,187 findings (99.8%) were not detected by Bandit or Semgrep. These include compound vulnerabilities, logic errors, and context-dependent security issues that rule-based scanners aren't designed to catch.
Notable Findings
Critical / Security: 64 Hardcoded Secrets
Impact: API keys for OpenAI, Anthropic, and database credentials hardcoded in source. Immediate compromise risk.
Recommended Fix: Migrate all credentials to environment variables. Implement secret rotation. Audit git history for exposed keys.
Critical / Security: Jinja2 Autoescape Disabled in 12 Files
Impact: HTML template rendering with autoescape=False. Cross-site scripting (XSS) vulnerability in user-generated content.
Recommended Fix: Enable autoescape globally in Jinja2 environment. Explicitly mark safe content with |safe filter only when necessary.
High / Security: Command Injection in Sandbox
Impact: User-controlled commands executed in Docker sandbox without proper escaping. Container breakout possible.
Recommended Fix: Use subprocess with argument lists (not shell strings). Implement command allowlist. Add input validation layer.
High / Security: Pickle Deserialization on Network Data
Impact: 5 instances of pickle.loads() on socket data. Remote code execution vector.
Recommended Fix: Replace pickle with JSON or MessagePack for network serialization. If pickle is required, authenticate the payload with an HMAC and verify it before deserializing.
High / Security: Insecure Hash Functions (MD5, SHA1)
Impact: 3 files use MD5/SHA1 for security-sensitive operations. Both algorithms are cryptographically broken.
Recommended Fix: Replace with SHA-256 or SHA-3 for integrity checks. Use bcrypt or Argon2 for password hashing.
Medium / Security: Bad File Permissions on Secrets
Impact: 2 files written with world-readable permissions (0o644) containing sensitive data.
Recommended Fix: Set restrictive permissions (0o600 for secrets). Use secure temp file creation with tempfile.NamedTemporaryFile.
Medium / Security: Server Binding to 0.0.0.0
Impact: 8 instances of services exposed to all interfaces without authentication.
Recommended Fix: Bind to localhost (127.0.0.1) unless external access required. Add authentication middleware for exposed services.
Responsible Disclosure
This public report is intended to demonstrate the depth of analysis possible with modern code scanning tools and to help the broader open source community understand common vulnerability patterns.
Report URL: https://battleharden.dev/reports/openhands