Close Open Privacy Scan

bolt Snapshot: commit 5d65348
science engine v3
schedule 2026-07-08T06:05:49.590972+00:00

verified_user No application data leak found

No high-confidence exfiltration was found in application code.

App Privacy Score

97 /100
Low privacy risk

Low risk · 12 finding(s)

Dependency score: 100 (Low risk)

bar_chart Score Breakdown

env_fs −3

list Scan Summary

0 high 0 medium 12 low
First-party packages: 1
Dependency packages: 0
Ecosystem: npm

swap_horiz Application data flows

No high- or medium-confidence application data-flow findings in this scan.

</> First-Party Code

first-party (npm)

npm first-party
expand_more 12 low-confidence finding(s)
low env_fs production #fac87937ff9171c4 Environment-variable access.
repo/examples/async/src/index.js:11
if (process.env.NODE_ENV !== 'production') {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ebc1fcbf9bb5c2af Environment-variable access.
repo/examples/counter-ts/src/App.tsx:10
          src={`${process.env.PUBLIC_URL ?? ''}/logo.svg`}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2d965101b623932a Environment-variable access.
repo/examples/counter/src/App.js:10
          src={`${process.env.PUBLIC_URL ?? ''}/logo.svg`}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fb45997163a4000b Environment-variable access.
repo/examples/real-world/src/containers/Root.js:1
if (process.env.NODE_ENV === 'production') {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #371b93e2f69a839c Environment-variable access.
repo/examples/real-world/src/store/configureStore.js:1
if (process.env.NODE_ENV === 'production') {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ccb1b270fe3e9ee7 Environment-variable access.
repo/examples/shopping-cart/src/index.js:12
if (process.env.NODE_ENV !== 'production') {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3f950e3c7b75631f Filesystem access.
repo/examples/testAll.js:5
const fs = require('fs')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fbcf6050d8c153e1 Environment-variable access.
repo/examples/universal/webpack.config.js:5
  mode: process.env.NODE_ENV || 'development',

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4788ef3e6e1ad23e Environment-variable access.
repo/src/combineReducers.ts:131
    if (process.env.NODE_ENV !== 'production') {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #73d5d05dca8f349f Environment-variable access.
repo/src/combineReducers.ts:146
  if (process.env.NODE_ENV !== 'production') {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #717b2d5e33775487 Environment-variable access.
repo/src/combineReducers.ts:165
    if (process.env.NODE_ENV !== 'production') {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b91db1aba7e0388d Environment-variable access.
repo/src/utils/kindOf.ts:65
  if (process.env.NODE_ENV !== 'production') {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.