{ "version": "1.6.0", "scoring_model": "v4.3", "scoring_version": "4.3", "timestamp": "2026-04-10T23:11:18.728206+00:00", "target_path": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt", "file_counts": { "python": 890, "js": 23, "other": 0 }, "coverage_warning": false, "score": { "total": 11, "max": 100, "level": "UNGOVERNED", "raw_total": 27, "raw_max": 235, "dimensions": { "D1": { "name": "Tool Inventory", "raw": 6, "max": 25, "pct": 24 }, "D2": { "name": "Risk Detection", "raw": 0, "max": 20, "pct": 0 }, "D3": { "name": "Policy Coverage", "raw": 1, "max": 20, "pct": 5 }, "D4": { "name": "Credential Management", "raw": 1, "max": 20, "pct": 5 }, "D5": { "name": "Log Hygiene", "raw": 1, "max": 10, "pct": 10 }, "D6": { "name": "Framework Coverage", "raw": 2, "max": 5, "pct": 40 }, "D7": { "name": "Human-in-the-Loop", "raw": 2, "max": 15, "pct": 13 }, "D8": { "name": "Agent Identity", "raw": 0, "max": 15, "pct": 0 }, "D9": { "name": "Threat Detection", "raw": 1, "max": 20, "pct": 5 }, "D10": { "name": "Prompt Security", "raw": 0, "max": 15, "pct": 0 }, "D11": { "name": "Cloud / Platform", "raw": 1, "max": 10, "pct": 10 }, "D12": { "name": "LLM Observability", "raw": 2, "max": 10, "pct": 20 }, "D13": { "name": "Data Recovery", "raw": 2, "max": 10, "pct": 20 }, "D14": { "name": "Compliance Maturity", "raw": 4, "max": 10, "pct": 40 }, "D15": { "name": "Post-Exec Verification", "raw": 3, "max": 10, "pct": 30 }, "D16": { "name": "Data Flow Governance", "raw": 0, "max": 10, "pct": 0 }, "D17": { "name": "Adversarial Resilience", "raw": 1, "max": 10, "pct": 10 } } }, "findings": [ { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\setup.py", "line": 18, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\dalle_gpt4v_agent.py", "line": 5, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'set `model: \"gpt-4-vision-preview\"` in `config2.yaml` first' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\debate_simple.py", "line": 17, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\debate_simple.py", "line": 19, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-turbo' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\research.py", "line": 12, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\search_enhanced_qa.py", "line": 23, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\stream_output_via_api.py", "line": 26, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\write_novel.py", "line": 57, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\aflow\\optimize.py", "line": 84, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-5-sonnet-20240620' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\aflow\\optimize.py", "line": 90, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\di\\custom_tool.py", "line": 14, "severity": "CRITICAL", "dimension": "D2", "message": "Tool function without input validation", "remediation": "Add input validation (pydantic, jsonschema, or manual checks)", "compliance": { "owasp_llm": "LLM01" } }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\di\\InfiAgent-DABench\\DABench.py", "line": 240, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\rag\\rag_pipeline.py", "line": 243, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'RAG pipeline.\n\n Note:\n 1. If `use_llm_ranker` is True, then it will use LLM Reranker to get better result, but it is not always guaranteed that the output will be parseable for reranking,\n prefer `gpt-4-turbo`, otherwise might encounter `IndexError: list index out of range` or `ValueError: invalid literal for int() with base 10`.\n ' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\spo\\optimize.py", "line": 11, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-5-sonnet-20240620' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\spo\\optimize.py", "line": 13, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\spo\\optimize.py", "line": 15, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\werewolf_game\\evals\\utils.py", "line": 44, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4 may update over time' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\werewolf_game\\evals\\utils.py", "line": 85, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\logs.py", "line": 153, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\software_company.py", "line": 127, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: '# Full Example: https://github.com/geekan/MetaGPT/blob/main/config/config2.example.yaml\n# Reflected Code: https://github.com/geekan/MetaGPT/blob/main/metagpt/config2.py\n# Config Docs: https://docs.deepwisdom.ai/main/en/guide/get_started/configuration.html\nllm:\n api_type: \"openai\" # or azure / ollama / groq etc.\n model: \"gpt-4-turbo\" # or gpt-3.5-turbo\n base_url: \"https://api.openai.com/v1\" # or forward url / other llm url\n api_key: \"YOUR_API_KEY\"\n' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\software_company.py", "line": 149, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\software_company.py", "line": 153, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\document_store\\milvus_store.py", "line": 73, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\environment\\android\\android_ext_env.py", "line": 374, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\environment\\android\\text_icon_localization.py", "line": 268, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\aflow\\benchmark\\math.py", "line": 49, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\aflow\\benchmark\\math.py", "line": 54, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\aflow\\benchmark\\math.py", "line": 73, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\aflow\\benchmark\\math.py", "line": 82, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\aflow\\benchmark\\math.py", "line": 92, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\aflow\\benchmark\\math.py", "line": 98, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\aflow\\scripts\\interface.py", "line": 44, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\android_assistant\\actions\\parse_record.py", "line": 110, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'Waiting for GPT-4V to generate documentation for the element ' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\cr\\actions\\code_review.py", "line": 126, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\experimenter.py", "line": 136, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\experimenter.py", "line": 138, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\utils.py", "line": 60, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\utils.py", "line": 118, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\utils.py", "line": 119, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\data\\custom_task.py", "line": 73, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\data\\dataset.py", "line": 194, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\data\\dataset.py", "line": 289, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\data\\dataset.py", "line": 292, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\data\\dataset.py", "line": 294, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\data\\dataset.py", "line": 298, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\evaluation\\visualize_mcts.py", "line": 142, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\runner\\aide.py", "line": 30, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\runner\\aide.py", "line": 31, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\runner\\aide.py", "line": 35, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\runner\\mcts.py", "line": 49, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\runner\\random_search.py", "line": 40, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\runner\\runner.py", "line": 41, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\sela\\search\\tree_search.py", "line": 377, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\app.py", "line": 119, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-5-sonnet-20240620' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\app.py", "line": 119, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\app.py", "line": 119, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\app.py", "line": 124, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\app.py", "line": 124, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-5-sonnet-20240620' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\app.py", "line": 124, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\app.py", "line": 129, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\app.py", "line": 129, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-5-sonnet-20240620' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\app.py", "line": 129, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\utils\\llm_client.py", "line": 89, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\utils\\llm_client.py", "line": 90, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\utils\\llm_client.py", "line": 91, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\stanford_town\\actions\\agent_chat_sum_rel.py", "line": 17, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\stanford_town\\actions\\decide_to_talk.py", "line": 17, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\stanford_town\\actions\\gen_iter_chat_utt.py", "line": 19, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\stanford_town\\actions\\new_decomp_schedule.py", "line": 31, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\stanford_town\\actions\\summarize_conv.py", "line": 17, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\base_llm.py", "line": 325, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'Set model and return self. For example, `with_model(\"gpt-3.5-turbo\")`.' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\constant.py", "line": 35, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\constant.py", "line": 36, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\constant.py", "line": 37, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4o' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\constant.py", "line": 40, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-5-sonnet-v2' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\constant.py", "line": 43, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic/claude-3.5-sonnet' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\constant.py", "line": 44, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic/claude-3.7-sonnet' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\general_api_base.py", "line": 89, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\general_api_base.py", "line": 96, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\general_api_base.py", "line": 102, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock\\utils.py", "line": 40, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-sonnet-20240229-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock\\utils.py", "line": 41, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-sonnet-20240229-v1:0:28k' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock\\utils.py", "line": 42, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-sonnet-20240229-v1:0:200k' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock\\utils.py", "line": 44, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-haiku-20240307-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock\\utils.py", "line": 45, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-haiku-20240307-v1:0:48k' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock\\utils.py", "line": 46, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-haiku-20240307-v1:0:200k' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock\\utils.py", "line": 48, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-opus-20240229-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock\\utils.py", "line": 50, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-5-sonnet-20240620-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock\\utils.py", "line": 51, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-5-sonnet-20241022-v2:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock\\utils.py", "line": 52, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'us.anthropic.claude-3-5-sonnet-20241022-v2:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock\\utils.py", "line": 54, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'us.anthropic.claude-3-7-sonnet-20250219-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock\\utils.py", "line": 55, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-7-sonnet-20250219-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\teacher.py", "line": 46, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\di\\data_analyst.py", "line": 110, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\di\\data_analyst.py", "line": 140, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\di\\data_interpreter.py", "line": 135, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\di\\data_interpreter.py", "line": 188, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\strategy\\base.py", "line": 107, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\strategy\\base.py", "line": 109, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\strategy\\thinking_command.py", "line": 110, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\metagpt_oas3_api_svc.py", "line": 23, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\tool_recommend.py", "line": 157, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\tool_registry.py", "line": 57, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\libs\\email_login.py", "line": 27, "severity": "CRITICAL", "dimension": "D2", "message": "Tool function without input validation", "remediation": "Add input validation (pydantic, jsonschema, or manual checks)", "compliance": { "owasp_llm": "LLM01" } }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\libs\\git.py", "line": 96, "severity": "CRITICAL", "dimension": "D2", "message": "Tool function without input validation", "remediation": "Add input validation (pydantic, jsonschema, or manual checks)", "compliance": { "owasp_llm": "LLM01" } }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\libs\\gpt_v_generator.py", "line": 46, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-vision-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\libs\\linter.py", "line": 222, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\libs\\linter.py", "line": 229, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\libs\\web_scraping.py", "line": 11, "severity": "CRITICAL", "dimension": "D2", "message": "Tool function without input validation", "remediation": "Add input validation (pydantic, jsonschema, or manual checks)", "compliance": { "owasp_llm": "LLM01" } }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\swe_agent_commands\\swe_agent_utils.py", "line": 25, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\swe_agent_commands\\_split_string.py", "line": 11, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\swe_agent_commands\\_split_string.py", "line": 14, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\a11y_tree.py", "line": 240, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\common.py", "line": 153, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\common.py", "line": 178, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\common.py", "line": 189, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\common.py", "line": 3, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: '\n@Time : 2023/4/29 16:07\n@Author : alexanderwu\n@File : common.py\n@Modified By: mashenquan, 2023-11-1. According to Chapter 2.2.2 of RFC 116:\n Add generic class-to-string and object-to-string conversion functionality.\n@Modified By: mashenquan, 2023/11/27. Bug fix: `parse_recipient` failed to parse the recipient in certain GPT-3.5\n responses.\n' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\common.py", "line": 341, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\common.py", "line": 343, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\common.py", "line": 349, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\common.py", "line": 351, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\common.py", "line": 1182, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\custom_decoder.py", "line": 160, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\git_repository.py", "line": 295, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\human_interaction.py", "line": 70, "severity": "HIGH", "dimension": "D9", "message": "Empty exception handler — errors silently swallowed", "remediation": "Log the exception or handle it explicitly", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\role_zero_utils.py", "line": 128, "severity": "MEDIUM", "dimension": "D5", "message": "print() used instead of structured logging", "remediation": "Use logging.* or structlog.* for structured, searchable logs", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\stream_pipe.py", "line": 23, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-0125' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\text.py", "line": 12, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'Reduce the length of concatenated message segments to fit within the maximum token size.\n\n Args:\n msgs: A generator of strings representing progressively shorter valid prompts.\n model_name: The name of the encoding to use. (e.g., \"gpt-3.5-turbo\")\n system_text: The system prompts.\n reserved: The number of reserved tokens.\n\n Returns:\n The concatenated message segments reduced to fit within the maximum token size.\n\n Raises:\n RuntimeError: If it fails to reduce the concatenated message length.\n ' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\text.py", "line": 41, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'Split the text into chunks of a maximum token size.\n\n Args:\n text: The text to split.\n prompt_template: The template for the prompt, containing a single `{}` placeholder. For example, \"### Reference\n{}\".\n model_name: The name of the encoding to use. (e.g., \"gpt-3.5-turbo\")\n system_text: The system prompts.\n reserved: The number of reserved tokens.\n\n Yields:\n The chunk of text.\n ' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 19, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic/claude-3.5-sonnet' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 20, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 21, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-0301' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 22, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-0613' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 23, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-16k' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 24, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-16k-0613' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 27, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-1106' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 28, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-0125' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 29, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-0314' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 30, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 31, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-32k' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 32, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-32k-0314' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 33, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-0613' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 34, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-turbo-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 35, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-1106-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 36, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-0125-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 37, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-turbo' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 38, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-turbo-2024-04-09' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 39, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-vision-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 40, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-1106-vision-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 41, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 42, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 43, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini-2024-07-18' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 44, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-2024-05-13' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 45, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-2024-08-06' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 55, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gemini-1.5-flash' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 56, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gemini-1.5-pro' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 67, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-2.0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 68, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-2.1' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 69, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-sonnet-20240229' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 70, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-5-sonnet' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 71, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-5-sonnet-v2' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 72, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-5-sonnet-20240620' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 73, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-opus-20240229' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 74, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-haiku-20240307' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 75, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-7-sonnet-20250219' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 78, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 79, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4-turbo' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 80, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4o' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 81, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4o-2024-05-13' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 82, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 83, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4o-mini-2024-07-18' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 91, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-3.5-turbo-0125' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 92, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4-turbo-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 95, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic/claude-3-opus' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 96, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-5-sonnet-20241022-v2:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 97, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'us.anthropic.claude-3-5-sonnet-20241022-v2:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 98, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic/claude-3.7-sonnet' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 99, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic/claude-3.7-sonnet:beta' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 100, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic/claude-3.7-sonnet:thinking' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 101, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-7-sonnet-20250219-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 102, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'us.anthropic.claude-3-7-sonnet-20250219-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 103, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'google/gemini-pro-1.5' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 252, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 253, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-2024-05-13' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 254, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-2024-08-06' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 255, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini-2024-07-18' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 256, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 257, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-turbo-2024-04-09' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 258, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-0125-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 259, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-turbo-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 260, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-1106-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 261, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-turbo' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 262, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-vision-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 263, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-1106-vision-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 264, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 265, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-0613' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 266, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-32k' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 267, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-32k-0613' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 268, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-0125' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 269, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 270, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-1106' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 271, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-instruct' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 272, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-16k' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 273, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-0613' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 274, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-16k-0613' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 278, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gemini-1.5-flash' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 279, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gemini-1.5-pro' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 290, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-2.0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 291, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-2.1' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 292, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-sonnet-20240229' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 293, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-opus-20240229' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 294, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-5-sonnet-20240620' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 295, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'claude-3-haiku-20240307' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 298, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 299, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4-turbo' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 300, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4o' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 301, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4o-2024-05-13' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 302, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 303, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4o-mini-2024-07-18' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 314, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-3.5-turbo-0125' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 315, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'openai/gpt-4-turbo-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 318, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic/claude-3-opus' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 319, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic/claude-3.5-sonnet' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 320, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'google/gemini-pro-1.5' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 371, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-sonnet-20240229-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 372, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-sonnet-20240229-v1:0:28k' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 373, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-sonnet-20240229-v1:0:200k' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 374, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-5-sonnet-20240620-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 375, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-haiku-20240307-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 376, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-haiku-20240307-v1:0:48k' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 377, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-haiku-20240307-v1:0:200k' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 379, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-opus-20240229-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 380, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-5-sonnet-20241022-v2:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 381, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'us.anthropic.claude-3-5-sonnet-20241022-v2:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 382, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'anthropic.claude-3-7-sonnet-20250219-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 383, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'us.anthropic.claude-3-7-sonnet-20250219-v1:0' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 430, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-0125' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 441, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-0613' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 442, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-16k-0613' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 445, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-16k' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 446, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-1106' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 447, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-0125' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 448, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-0314' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 449, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-32k-0314' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 450, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-0613' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 451, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-32k-0613' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 452, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-turbo' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 453, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-turbo-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 454, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-0125-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 455, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-1106-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 456, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-turbo' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 457, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-vision-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 458, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-1106-vision-preview' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 459, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 460, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-2024-05-13' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 461, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-2024-08-06' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 462, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 463, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4o-mini-2024-07-18' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 471, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-0301' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 474, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 475, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'Warning: gpt-3.5-turbo may update over time. Returning num tokens assuming gpt-3.5-turbo-0125.' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 476, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-3.5-turbo-0125' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 477, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 478, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'Warning: gpt-4 may update over time. Returning num tokens assuming gpt-4-0613.' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 479, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: 'gpt-4-0613' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\token_counter.py", "line": 511, "severity": "MEDIUM", "dimension": "D12", "message": "Hardcoded model name: '\n Returns the number of tokens in a text string.\n\n Args:\n string (str): The text string.\n model (str): The name of the encoding to use. (e.g., \"gpt-3.5-turbo\")\n\n Returns:\n int: The number of tokens in the text string.\n ' — no routing/fallback", "remediation": "Use model routing or configuration instead of hardcoded names", "compliance": {} }, { "layer": 1, "scanner": "code_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\environment\\minecraft\\mineflayer\\index.js", "line": 147, "severity": "MEDIUM", "dimension": "D5", "message": "JavaScript: Console logging with potential sensitive data", "remediation": "Use structured logging and redact sensitive fields", "compliance": {} }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\examples\\groq-llama3-70b.yaml", "line": 4, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\examples\\openai-gpt-4-turbo.yaml", "line": 2, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\config2.example.yaml", "line": 4, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\config2.example.yaml", "line": 29, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\config2.example.yaml", "line": 36, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\config2.example.yaml", "line": 43, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\config2.example.yaml", "line": 50, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\config2.example.yaml", "line": 60, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\config2.example.yaml", "line": 74, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: pas...WORD", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\config2.example.yaml", "line": 104, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\config2.example.yaml", "line": 105, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: sec...CRET", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\config2.example.yaml", "line": 110, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\examples\\google-gemini.yaml", "line": 3, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\examples\\openai-gpt-3.5-turbo.yaml", "line": 2, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\config2.yaml", "line": 8, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\docs\\README_FR.md", "line": 89, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._API", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\examples\\llamaapi-Llama-4-Scout-17B-16E-Instruct-FP8.yaml", "line": 5, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\examples\\llamaapi-llama-4-Maverick-17B-128E-Instruct-FP8.yaml", "line": 5, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\README.md", "line": 83, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\examples\\llamaapi-Llama-3.3-8B-Instruct.yaml", "line": 5, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\examples\\llamaapi-Llama-3.3-70B-Instruct.yaml", "line": 5, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\examples\\anthropic-claude-3-5-sonnet.yaml", "line": 4, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\vault.example.yaml", "line": 20, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: tok...OKEN", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\vault.example.yaml", "line": 22, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: tok...oken", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\vault.example.yaml", "line": 25, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: tok...OKEN", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\vault.example.yaml", "line": 27, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: tok...oken", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\vault.example.yaml", "line": 31, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\vault.example.yaml", "line": 32, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: sec...CRET", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\vault.example.yaml", "line": 35, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api...eech", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\vault.example.yaml", "line": 36, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: sec...eech", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\config\\examples\\openrouter-llama3-70b-instruct.yaml", "line": 4, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\aflow\\config2.example.yaml", "line": 5, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api...key>", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\aflow\\config2.example.yaml", "line": 10, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api...key>", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\spo\\config2.example.yaml", "line": 5, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api...key>", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\spo\\config2.example.yaml", "line": 11, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api...key>", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\spo\\config2.example.yaml", "line": 16, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api...key>", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\spo\\config2.example.yaml", "line": 21, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api...key>", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\software_company.py", "line": 134, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\configs\\embedding_config.py", "line": 22, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\configs\\embedding_config.py", "line": 26, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\configs\\embedding_config.py", "line": 32, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api..._KEY", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\configs\\redis_config.py", "line": 19, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Database URL (no credentials): red...ort}", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 4, "scanner": "secrets_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\ark_api.py", "line": 13, "severity": "MEDIUM", "dimension": "D4", "message": "Exposed Generic Secret: api...fd77", "remediation": "Move to secrets manager or .env file (excluded from VCS)", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM09" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\dalle_gpt4v_agent.py", "line": 48, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\dalle_gpt4v_agent.py", "line": 49, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\hello_world.py", "line": 18, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\di\\InfiAgent-DABench\\run_InfiAgent-DABench_single.py", "line": 18, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\exp_pool\\decorator.py", "line": 21, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\exp_pool\\init_exp_pool.py", "line": 52, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\exp_pool\\manager.py", "line": 23, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\actions\\action_node.py", "line": 440, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\actions\\skill_action.py", "line": 55, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\actions\\talk_action.py", "line": 49, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\actions\\talk_action.py", "line": 64, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\actions\\write_code_review.py", "line": 205, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\actions\\write_prd.py", "line": 160, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\actions\\write_prd.py", "line": 167, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\actions\\write_prd.py", "line": 170, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\environment\\base_env.py", "line": 184, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\aflow\\scripts\\operator.py", "line": 209, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\aflow\\scripts\\optimizer_utils\\graph_utils.py", "line": 51, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\components\\optimizer.py", "line": 55, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\components\\optimizer.py", "line": 71, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\components\\optimizer.py", "line": 98, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\components\\optimizer.py", "line": 136, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\spo\\utils\\prompt_utils.py", "line": 21, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\stanford_town\\actions\\gen_hourly_schedule.py", "line": 105, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\stanford_town\\actions\\st_action.py", "line": 108, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\werewolf\\roles\\moderator.py", "line": 243, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\memory\\brain_memory.py", "line": 195, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\memory\\brain_memory.py", "line": 245, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\memory\\brain_memory.py", "line": 317, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\memory\\memory_storage.py", "line": 59, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\assistant.py", "line": 69, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\role.py", "line": 369, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\cost_manager.py", "line": 57, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\cost_manager.py", "line": 108, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\cost_manager.py", "line": 146, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\human_interaction.py", "line": 19, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\human_interaction.py", "line": 80, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\repo_to_markdown.py", "line": 87, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\conftest.py", "line": 75, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\test_environment.py", "line": 34, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\actions\\test_generate_questions.py", "line": 26, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\actions\\test_prepare_interview.py", "line": 18, "severity": "HIGH", "dimension": "D5", "message": "Potential PII/sensitive data logged via f-string", "remediation": "Redact sensitive fields before logging", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 7, "scanner": "audit_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt", "line": 0, "severity": "CRITICAL", "dimension": "D5", "message": "No audit logging for tool calls detected", "remediation": "Add audit logging for all tool/agent executions", "compliance": { "eu_ai_act": "Article 12" } }, { "layer": 3, "scanner": "infra_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\Dockerfile", "line": 1, "severity": "HIGH", "dimension": "D4", "message": "Container runs as root — no USER directive in Dockerfile", "remediation": "Add USER directive to run as non-root user", "compliance": { "owasp_llm": "LLM09" } }, { "layer": 3, "scanner": "infra_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.devcontainer\\docker-compose.yaml", "line": 14, "severity": "CRITICAL", "dimension": "D4", "message": "Secret value in docker-compose environment", "remediation": "Use .env file or Docker secrets, not inline values", "compliance": {} }, { "layer": 3, "scanner": "infra_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.devcontainer\\docker-compose.yaml", "line": 22, "severity": "CRITICAL", "dimension": "D4", "message": "Secret value in docker-compose environment", "remediation": "Use .env file or Docker secrets, not inline values", "compliance": {} }, { "layer": 3, "scanner": "infra_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.devcontainer\\docker-compose.yaml", "line": 1, "severity": "MEDIUM", "dimension": "D9", "message": "No healthcheck defined for any service", "remediation": "Add healthcheck sections to critical services", "compliance": {} }, { "layer": 3, "scanner": "infra_analyzer", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.devcontainer\\docker-compose.yaml", "line": 1, "severity": "MEDIUM", "dimension": "D9", "message": "No resource limits defined — services can consume unlimited resources", "remediation": "Add CPU/memory limits to services", "compliance": {} }, { "layer": 5, "scanner": "agent_arch_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\agent_creator.py", "line": 19, "severity": "HIGH", "dimension": "D8", "message": "Agent class 'CreateAgent' has no permission model", "remediation": "Add role/permission checks before tool dispatch", "compliance": {} }, { "layer": 5, "scanner": "agent_arch_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\agent_creator.py", "line": 19, "severity": "MEDIUM", "dimension": "D8", "message": "Agent class 'CreateAgent' has no defined lifecycle states", "remediation": "Add state machine (ACTIVE/SUSPENDED/RETIRED) for agent lifecycle", "compliance": {} }, { "layer": 5, "scanner": "agent_arch_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\ext\\android_assistant\\roles\\android_assistant.py", "line": 26, "severity": "MEDIUM", "dimension": "D12", "message": "Agent class 'AndroidAssistant' has no cost tracking", "remediation": "Track token usage and costs per agent execution", "compliance": {} }, { "layer": 5, "scanner": "agent_arch_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\assistant.py", "line": 37, "severity": "MEDIUM", "dimension": "D12", "message": "Agent class 'Assistant' has no cost tracking", "remediation": "Track token usage and costs per agent execution", "compliance": {} }, { "layer": 5, "scanner": "agent_arch_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\assistant.py", "line": 37, "severity": "MEDIUM", "dimension": "D8", "message": "Agent class 'Assistant' has no defined lifecycle states", "remediation": "Add state machine (ACTIVE/SUSPENDED/RETIRED) for agent lifecycle", "compliance": {} }, { "layer": 5, "scanner": "agent_arch_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\invoice_ocr_assistant.py", "line": 39, "severity": "MEDIUM", "dimension": "D12", "message": "Agent class 'InvoiceOCRAssistant' has no cost tracking", "remediation": "Track token usage and costs per agent execution", "compliance": {} }, { "layer": 5, "scanner": "agent_arch_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\invoice_ocr_assistant.py", "line": 39, "severity": "MEDIUM", "dimension": "D8", "message": "Agent class 'InvoiceOCRAssistant' has no defined lifecycle states", "remediation": "Add state machine (ACTIVE/SUSPENDED/RETIRED) for agent lifecycle", "compliance": {} }, { "layer": 5, "scanner": "agent_arch_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\tutorial_assistant.py", "line": 20, "severity": "MEDIUM", "dimension": "D12", "message": "Agent class 'TutorialAssistant' has no cost tracking", "remediation": "Track token usage and costs per agent execution", "compliance": {} }, { "layer": 5, "scanner": "agent_arch_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\tutorial_assistant.py", "line": 20, "severity": "MEDIUM", "dimension": "D8", "message": "Agent class 'TutorialAssistant' has no defined lifecycle states", "remediation": "Add state machine (ACTIVE/SUSPENDED/RETIRED) for agent lifecycle", "compliance": {} }, { "layer": 5, "scanner": "agent_arch_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\roles\\di\\swe_agent.py", "line": 17, "severity": "MEDIUM", "dimension": "D12", "message": "Agent class 'SWEAgent' has no cost tracking", "remediation": "Track token usage and costs per agent execution", "compliance": {} }, { "layer": 6, "scanner": "dependency_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\requirements.txt", "line": 1, "severity": "CRITICAL", "dimension": "D4", "message": "Possible typosquat: 'scikit_learn' is 1 edit from 'scikit-learn'", "remediation": "Verify this is the intended package, not a typosquat of 'scikit-learn'", "compliance": { "mitre_atlas": "AML.T0010" } }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\build-package.yaml", "line": 32, "severity": "HIGH", "dimension": "D4", "message": "Secret used without OIDC — long-lived credential in workflow", "remediation": "Use OIDC (id-token: write) for cloud auth instead of static secrets", "compliance": { "owasp_llm": "LLM09" } }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\build-package.yaml", "line": 1, "severity": "MEDIUM", "dimension": "D3", "message": "No concurrency block — parallel deployments possible", "remediation": "Add concurrency: group with cancel-in-progress to prevent parallel deploys", "compliance": {} }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\build-package.yaml", "line": 1, "severity": "LOW", "dimension": "D14", "message": "No environment: block — no required reviewers for deployments", "remediation": "Add environment: production with required reviewers in GitHub settings", "compliance": { "eu_ai_act": "Article 14" } }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\fulltest.yaml", "line": 41, "severity": "HIGH", "dimension": "D4", "message": "Secret used without OIDC — long-lived credential in workflow", "remediation": "Use OIDC (id-token: write) for cloud auth instead of static secrets", "compliance": { "owasp_llm": "LLM09" } }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\fulltest.yaml", "line": 39, "severity": "MEDIUM", "dimension": "D3", "message": "continue-on-error: true — pipeline failures silently suppressed", "remediation": "Remove continue-on-error or scope it to non-critical steps only", "compliance": {} }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\fulltest.yaml", "line": 1, "severity": "MEDIUM", "dimension": "D3", "message": "No concurrency block — parallel deployments possible", "remediation": "Add concurrency: group with cancel-in-progress to prevent parallel deploys", "compliance": {} }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\fulltest.yaml", "line": 1, "severity": "MEDIUM", "dimension": "D14", "message": "Push trigger without branch protection guard", "remediation": "Add if: github.ref == 'refs/heads/main' or restrict push trigger branches", "compliance": {} }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\pre-commit.yaml", "line": 1, "severity": "MEDIUM", "dimension": "D3", "message": "No concurrency block — parallel deployments possible", "remediation": "Add concurrency: group with cancel-in-progress to prevent parallel deploys", "compliance": {} }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\pre-commit.yaml", "line": 1, "severity": "MEDIUM", "dimension": "D14", "message": "Push trigger without branch protection guard", "remediation": "Add if: github.ref == 'refs/heads/main' or restrict push trigger branches", "compliance": {} }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\stale.yaml", "line": 22, "severity": "HIGH", "dimension": "D4", "message": "Secret used without OIDC — long-lived credential in workflow", "remediation": "Use OIDC (id-token: write) for cloud auth instead of static secrets", "compliance": { "owasp_llm": "LLM09" } }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\stale.yaml", "line": 1, "severity": "MEDIUM", "dimension": "D3", "message": "No concurrency block — parallel deployments possible", "remediation": "Add concurrency: group with cancel-in-progress to prevent parallel deploys", "compliance": {} }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\stale.yaml", "line": 1, "severity": "LOW", "dimension": "D14", "message": "No environment: block — no required reviewers for deployments", "remediation": "Add environment: production with required reviewers in GitHub settings", "compliance": { "eu_ai_act": "Article 14" } }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\unittest.yaml", "line": 1, "severity": "MEDIUM", "dimension": "D3", "message": "No concurrency block — parallel deployments possible", "remediation": "Add concurrency: group with cancel-in-progress to prevent parallel deploys", "compliance": {} }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\unittest.yaml", "line": 1, "severity": "LOW", "dimension": "D14", "message": "No environment: block — no required reviewers for deployments", "remediation": "Add environment: production with required reviewers in GitHub settings", "compliance": { "eu_ai_act": "Article 14" } }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\workflows\\unittest.yaml", "line": 1, "severity": "MEDIUM", "dimension": "D14", "message": "Push trigger without branch protection guard", "remediation": "Add if: github.ref == 'refs/heads/main' or restrict push trigger branches", "compliance": {} }, { "layer": 8, "scanner": "cicd_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\.github\\CODEOWNERS", "line": 0, "severity": "MEDIUM", "dimension": "D3", "message": "No .github/CODEOWNERS file — no code ownership enforcement", "remediation": "Add CODEOWNERS to enforce review requirements per path", "compliance": { "eu_ai_act": "Article 9" } }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\examples\\rag\\rag_bm.py", "line": 6, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\document.py", "line": 14, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\document_store\\faiss_store.py", "line": 13, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\environment\\minecraft\\minecraft_env.py", "line": 11, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\memory\\memory_storage.py", "line": 9, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\memory\\role_zero_memory.py", "line": 19, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\schema.py", "line": 7, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\benchmark\\base.py", "line": 6, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\engines\\flare.py", "line": 7, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\factories\\embedding.py", "line": 6, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\factories\\index.py", "line": 4, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\factories\\llm.py", "line": 5, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\factories\\ranker.py", "line": 3, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\factories\\retriever.py", "line": 8, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\parsers\\omniparse.py", "line": 6, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\prompts\\default_prompts.py", "line": 3, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\rankers\\base.py", "line": 6, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\rankers\\object_ranker.py", "line": 7, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\retrievers\\base.py", "line": 5, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\retrievers\\chroma_retriever.py", "line": 3, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\retrievers\\es_retriever.py", "line": 3, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\retrievers\\faiss_retriever.py", "line": 3, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\retrievers\\hybrid_retriever.py", "line": 5, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\libs\\index_repo.py", "line": 10, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\embedding.py", "line": 8, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\utils\\file.py", "line": 136, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\engines\\test_simple.py", "line": 4, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\factories\\test_index.py", "line": 2, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\factories\\test_llm.py", "line": 4, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\factories\\test_ranker.py", "line": 4, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\factories\\test_retriever.py", "line": 3, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\parser\\test_omniparse.py", "line": 2, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\rankers\\test_base_ranker.py", "line": 2, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\rankers\\test_object_ranker.py", "line": 4, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\retrievers\\test_bm25_retriever.py", "line": 2, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\retrievers\\test_chroma_retriever.py", "line": 2, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\retrievers\\test_es_retriever.py", "line": 2, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\retrievers\\test_faiss_retriever.py", "line": 2, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 10, "scanner": "framework_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\retrievers\\test_hybrid_retriever.py", "line": 2, "severity": "MEDIUM", "dimension": "D6", "message": "LlamaIndex used without callback_manager — no query observability", "remediation": "Set callback_manager= on your index/query engine for tracing", "compliance": {} }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\software_company.py", "line": 133, "severity": "MEDIUM", "dimension": "D1", "message": "Cloud AI endpoint URL hardcoded in source — hinders environment portability", "remediation": "Move AI service endpoints to environment variables or configuration files", "compliance": { "owasp_llm": "LLM06" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\configs\\llm_config.py", "line": 61, "severity": "MEDIUM", "dimension": "D1", "message": "Cloud AI endpoint URL hardcoded in source — hinders environment portability", "remediation": "Move AI service endpoints to environment variables or configuration files", "compliance": { "owasp_llm": "LLM06" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\azure_openai_api.py", "line": 9, "severity": "HIGH", "dimension": "D10", "message": "Azure AI used without ContentSafetyClient — no content moderation", "remediation": "Add Azure ContentSafetyClient to analyse prompts/responses for harmful content", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM02" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock_api.py", "line": 73, "severity": "HIGH", "dimension": "D11", "message": "AWS Bedrock invoke_model without guardrailIdentifier — no guardrail enforcement", "remediation": "Add guardrailIdentifier and guardrailVersion parameters to invoke_model calls", "compliance": { "eu_ai_act": "Article 9", "owasp_llm": "LLM02" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\bedrock_api.py", "line": 73, "severity": "MEDIUM", "dimension": "D10", "message": "AWS Bedrock invoke_model without contentPolicy — no content filtering configured", "remediation": "Configure contentPolicy with filterStrength for input/output content moderation", "compliance": { "eu_ai_act": "Article 15" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\google_gemini_api.py", "line": 11, "severity": "MEDIUM", "dimension": "D4", "message": "GCP Vertex AI without explicit service_account or credentials — relying on ambient auth", "remediation": "Pass service_account or credentials parameter for explicit IAM scoping", "compliance": { "owasp_llm": "LLM06" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\google_gemini_api.py", "line": 27, "severity": "HIGH", "dimension": "D10", "message": "GCP GenerativeModel without safety_settings — no harm category filtering", "remediation": "Add safety_settings with HarmCategory and HarmBlockThreshold to GenerativeModel", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM02" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\provider\\__init__.py", "line": 13, "severity": "HIGH", "dimension": "D10", "message": "Azure AI used without ContentSafetyClient — no content moderation", "remediation": "Add Azure ContentSafetyClient to analyse prompts/responses for harmful content", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM02" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\rag\\factories\\embedding.py", "line": 7, "severity": "HIGH", "dimension": "D10", "message": "Azure AI used without ContentSafetyClient — no content moderation", "remediation": "Add Azure ContentSafetyClient to analyse prompts/responses for harmful content", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM02" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\metagpt\\tools\\openai_text_to_embedding.py", "line": 63, "severity": "MEDIUM", "dimension": "D1", "message": "Cloud AI endpoint URL hardcoded in source — hinders environment portability", "remediation": "Move AI service endpoints to environment variables or configuration files", "compliance": { "owasp_llm": "LLM06" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\provider\\mock_llm_config.py", "line": 62, "severity": "MEDIUM", "dimension": "D1", "message": "Cloud AI endpoint URL hardcoded in source — hinders environment portability", "remediation": "Move AI service endpoints to environment variables or configuration files", "compliance": { "owasp_llm": "LLM06" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\provider\\mock_llm_config.py", "line": 62, "severity": "CRITICAL", "dimension": "D4", "message": "API key appears alongside cloud AI provider URL — credential in source code", "remediation": "Remove API keys from source; use secrets manager, env vars, or managed identity", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM06" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\provider\\test_azure_llm.py", "line": 5, "severity": "HIGH", "dimension": "D10", "message": "Azure AI used without ContentSafetyClient — no content moderation", "remediation": "Add Azure ContentSafetyClient to analyse prompts/responses for harmful content", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM02" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\provider\\test_google_gemini_api.py", "line": 57, "severity": "MEDIUM", "dimension": "D4", "message": "GCP Vertex AI without explicit service_account or credentials — relying on ambient auth", "remediation": "Pass service_account or credentials parameter for explicit IAM scoping", "compliance": { "owasp_llm": "LLM06" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\metagpt\\rag\\factories\\test_embedding.py", "line": 27, "severity": "HIGH", "dimension": "D10", "message": "Azure AI used without ContentSafetyClient — no content moderation", "remediation": "Add Azure ContentSafetyClient to analyse prompts/responses for harmful content", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM02" } }, { "layer": 12, "scanner": "cloud_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt\\tests\\mock\\mock_llm.py", "line": 8, "severity": "HIGH", "dimension": "D10", "message": "Azure AI used without ContentSafetyClient — no content moderation", "remediation": "Add Azure ContentSafetyClient to analyse prompts/responses for harmful content", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM02" } }, { "layer": 8, "scanner": "trap_defense_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt", "line": 0, "severity": "CRITICAL", "dimension": "D17", "message": "No content injection defense — hidden HTML/CSS/zero-width instructions pass to agents undetected. (86% attack success rate)", "remediation": "Deploy trap defense layer on tool results", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM01", "mitre_atlas": "AML.T0051" } }, { "layer": 8, "scanner": "trap_defense_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt", "line": 0, "severity": "CRITICAL", "dimension": "D17", "message": "No RAG poisoning protection — knowledge base documents not scanned for embedded instructions. (<0.1% contamination = >80% attack success)", "remediation": "Deploy trap defense layer on tool results", "compliance": { "eu_ai_act": "Article 15", "owasp_llm": "LLM01", "mitre_atlas": "AML.T0049" } }, { "layer": 8, "scanner": "trap_defense_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt", "line": 0, "severity": "HIGH", "dimension": "D17", "message": "No behavioral trap detection — post-execution behavioral changes not monitored. (10/10 M365 Copilot attacks succeeded)", "remediation": "Deploy trap defense layer on tool results", "compliance": { "eu_ai_act": "Article 14", "owasp_llm": "LLM07", "mitre_atlas": "AML.T0051" } }, { "layer": 8, "scanner": "trap_defense_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt", "line": 0, "severity": "HIGH", "dimension": "D17", "message": "No approval integrity verification -- agent summaries for approval not cross-checked against actual actions. (Approval fatigue exploitation)", "remediation": "Deploy trap defense layer on tool results", "compliance": { "eu_ai_act": "Article 14", "owasp_llm": "LLM07", "mitre_atlas": "AML.T0048" } }, { "layer": 8, "scanner": "trap_defense_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt", "line": 0, "severity": "MEDIUM", "dimension": "D17", "message": "No adversarial testing evidence — no red team, no prompt injection tests", "remediation": "Implement adversarial testing for agent systems", "compliance": {} }, { "layer": 8, "scanner": "trap_defense_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt", "line": 0, "severity": "MEDIUM", "dimension": "D17", "message": "No tool-call attack simulation — agent tool calls not tested against adversarial inputs", "remediation": "Implement adversarial testing for agent systems", "compliance": {} }, { "layer": 8, "scanner": "trap_defense_scanner", "file": "C:\\Users\\gilad\\Projects\\warden\\gallery\\repos\\metagpt", "line": 0, "severity": "MEDIUM", "dimension": "D17", "message": "No multi-agent chaos engineering — agent swarms not stress tested", "remediation": "Implement adversarial testing for agent systems", "compliance": {} } ], "competitors_detected": [], "gtm_signal": "", "trap_defense": { "content_injection": false, "rag_poisoning": false, "behavioral_traps": false, "approval_integrity": false, "adversarial_testing": false, "tool_attack_simulation": false, "chaos_engineering": false, "before_after_comparison": true, "deepmind_citation": "Franklin, Tomašev, Jacobs, Leibo, Osindero. \"AI Agent Traps.\" Google DeepMind, March 2026." } }