Close Open Privacy Scan

bolt Snapshot: commit 1ff9429
science engine v1.5
schedule 2026-07-14T15:07:29.380189+00:00

verified_user Application data leak confirmed

High-confidence data exfiltration identified in application code.

smart_toy AI deps detected: openai — detected in dependencies, not a safety judgment.

App Privacy Score

32 /100
High privacy risk — application leak confirmed

High risk · 990 finding(s)

Dependency score: 37 (High risk)

bar_chart Score Breakdown

pii_flow −30
telemetry −25
egress −10
env_fs −3

list Scan Summary

3 high 16 medium 971 low
First-party packages: 2
Dependency packages: 2
Ecosystem: python

swap_horiz Confirmed data exfiltration in application code

External domains: a.slack-edge.comapi.github.comapi.openai.comarxiv.orgbugs.python.orgcookbook.openai.comdatatracker.ietf.orgdavidism.comdev-discuss.pytorch.orgdeveloper.mozilla.orgdiscuss.python.orgdiscuss.vllm.aidocs.anthropic.comdocs.cohere.comdocs.google.comdocs.nvidia.comdocs.pydantic.devdocs.python.orgdocs.ray.iodocs.rsdocs.vllm.aiedge.urm.nvidia.comen.wikipedia.orgendpoint.openai.azure.comerrors.pydantic.devexam_ple.comexample-resource.azure.openai.comfastapi.tiangolo.comfb.mefoo.comforums.developer.nvidia.comgist.github.comgithub.comhelp.openai.comhuggingfacehuggingface.cohypothesis.readthedocs.ioieeexplore.ieee.orgjson-schema.orgkexue.fmlark-parser.readthedocs.iolearn.microsoft.comman7.orgmeta-pytorch.orgmypy.readthedocs.ionats.ioopenai.comopenreview.netpeps.python.orgplatform.openai.comproceedings.neurips.ccpydantic-docs.helpmanual.iopypi.amd.compypi.orgpython-devtools.helpmanual.iopytorch.orgpyzmq.readthedocs.ioraw.githubusercontent.comrich.readthedocs.ioslack.vllm.aistackoverflow.comstats.vllm.aitimeapi.iotinyurl.comvllm-public-assets.s3.us-west-2.amazonaws.comwebsockets.readthedocs.iowheels.vllm.aiwidget.runllm.comwww.arxiv.orgwww.example.珠宝www.github.comwww.iana.orgwww.microsoft.comwww.python.orgwww.reddit.comwww.w3.orgwww.xudongz.comwww.аррӏе.com

high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/vllm/utils/flashinfer.py:30 repo/vllm/utils/flashinfer.py:358
hub Dependency data flows (2)
high openai dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:213 pkgs/python/[email protected]/src/openai/lib/azure.py:249
high openai dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:487 pkgs/python/[email protected]/src/openai/lib/azure.py:523

</> First-Party Code

first-party (python)

python first-party
high pii_flow production #da71d750264159a9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/vllm/utils/flashinfer.py:358 · flow /tmp/closeopen-mn7y7i4y/repo/vllm/utils/flashinfer.py:30 → /tmp/closeopen-mn7y7i4y/repo/vllm/utils/flashinfer.py:358
        response = requests.get(FLASHINFER_CUBINS_REPOSITORY, timeout=5)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

medium telemetry test-only #3d8e671e690ddba0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:5
from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry test-only #2207f05dab111d9d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:6
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry test-only #7ae9dd01b0290a09 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:7
from opentelemetry.sdk.trace.export import BatchSpanProcessor, ConsoleSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry test-only #c3aa6518dfb058e9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:8
from opentelemetry.trace import SpanKind, set_tracer_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry test-only #ec2b902275149bfa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:9
from opentelemetry.trace.propagation.tracecontext import TraceContextTextMapPropagator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #64e50121b161a96b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:19
    from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #0f6cb33e90466b11 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:20
    from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #dd31f8e23c81e4ff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:21
    from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import (
        OTLPSpanExporter as OTLPGrpcExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #4eaea0e29582837c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:24
    from opentelemetry.exporter.otlp.proto.http.trace_exporter import (
        OTLPSpanExporter as OTLPHttpExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #caaa7ef219812493 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:27
    from opentelemetry.propagate import inject

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #4ec52f9383d1a5c6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:28
    from opentelemetry.sdk.environment_variables import (
        OTEL_EXPORTER_OTLP_TRACES_PROTOCOL,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #78ba8ab700cb2a67 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:31
    from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #cba9a895f12d96b0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:32
    from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #1355175dee438859 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:33
    from opentelemetry.sdk.trace.export import BatchSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #9df72e1f5c3eedac Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:34
    from opentelemetry.trace import (
        SpanKind,  # noqa: F401
        Tracer,
        set_tracer_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #46b0db4f8bd48a34 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:39
    from opentelemetry.trace.propagation.tracecontext import (
        TraceContextTextMapPropagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 907 low-confidence finding(s)
low env_fs production #3e5b43480adfda4a Environment-variable access.
repo/.buildkite/check-wheel-size.py:12
VLLM_MAX_SIZE_MB = int(os.environ.get("VLLM_MAX_SIZE_MB", 500))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #84079e63f123b491 Filesystem access.
repo/.buildkite/lm-eval-harness/conftest.py:38
        with open(config_list_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #22fdef3b13dcca7b Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:36
            if key in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #32effacab83961f9 Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:37
                old_values[key] = os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2c62474cd553b5dc Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:40
            os.environ[key] = str(value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e2704a6bddd16b01 Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:45
            os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3c8cdfcf9112ff41 Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:47
            os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eeaf1716f24933a7 Filesystem access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:127
    eval_config = yaml.safe_load(config_filename.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #76293f477e67aeaa Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:239
    with open(input_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #184c2bce1ac6f861 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:466
    lines = env_path.read_text(encoding="utf-8", errors="replace").splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #45a5c30581773e0c Environment-variable access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:1141
    disable_excel = os.getenv("VLLM_COMPARE_DISABLE_EXCEL", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bb38be6b9bc60914 Environment-variable access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:1145
        os.getenv("VLLM_COMPARE_EXCEL_ENGINE", "xlsxwriter").strip() or "xlsxwriter"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c85214636241c38f Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:1181
        with open("perf_comparison.html", "w", encoding="utf-8") as main_fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c63fafbba408a82 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:1212
                with open(sub_path, "w", encoding="utf-8") as sub_fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #30972ac344947547 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:79
        with open(file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #69a565299258bc78 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:209
        with open(test_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d36be1891fe5b3df Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:216
                with open(test_file.with_suffix(".commands")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #281f6b6eda9a2098 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:268
                with open(test_file.with_suffix(".commands")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4680eedcbb7c9579 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:296
                with open(test_file.with_suffix(".commands")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e16686c963565e9c Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:393
    with open(results_folder / md_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e7c6aef8e057cc50 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:408
    with open(results_folder / json_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ce7f5827552112e5 Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:306
            with open(variant_dir / "index.html", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4b151f64b5c965ae Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:319
            with open(package_dir / "index.html", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #93695b3beb10d91e Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:321
            with open(package_dir / "metadata.json", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #22cb6a5063ed54f5 Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:326
    with open(index_base_dir / "index.html", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d051cffcd04eae71 Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:397
    with open(current_objects_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b180d725d96d6fbc Filesystem access.
repo/benchmarks/attention_benchmarks/benchmark.py:393
    with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bcc2a300c1df9625 Environment-variable access.
repo/benchmarks/attention_benchmarks/benchmark.py:791
    if args.ncu_profile and "_NCU_INNER" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #77bef7cf429093c1 Environment-variable access.
repo/benchmarks/attention_benchmarks/benchmark.py:809
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b3a2f3fc5fd8ae55 Filesystem access.
repo/benchmarks/attention_benchmarks/common.py:447
        with open(path, "w", newline="") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #8b164cc6baf28551 Filesystem access.
repo/benchmarks/attention_benchmarks/common.py:484
        with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e9975fc9f81c621a Filesystem access.
repo/benchmarks/attention_benchmarks/mla_runner.py:178
    with open(config_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3c9620a37d92d77f Environment-variable access.
repo/benchmarks/backend_request_func.py:223
        headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #32e64c4e8dfaf73c Environment-variable access.
repo/benchmarks/backend_request_func.py:297
        headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b8ab7d3bb18ad50d Environment-variable access.
repo/benchmarks/backend_request_func.py:410
            "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #be1b12bfe1b6efb5 Environment-variable access.
repo/benchmarks/backend_request_func.py:508
            "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e66c5d58c711ff8b Environment-variable access.
repo/benchmarks/backend_request_func.py:589
    if os.getenv("VLLM_USE_MODELSCOPE", "False").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5597214b13089649 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:108
        os.environ["VLLM_BATCH_INVARIANT"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #686eb1d9b1684dfc Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:110
        os.environ["VLLM_BATCH_INVARIANT"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bd516d075da84bfd Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:241
    model = os.getenv("VLLM_BENCH_MODEL", "Qwen/Qwen3-1.7B")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0433316bbc803726 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:242
    tp_size = int(os.getenv("VLLM_BENCH_TP_SIZE", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4bf240dc9b31ce39 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:243
    max_batch_size = int(os.getenv("VLLM_BENCH_BATCH_SIZE", "128"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #13f3592515e837da Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:244
    num_trials = int(os.getenv("VLLM_BENCH_NUM_TRIALS", "5"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4f8adbc6a75c613e Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:245
    min_prompt = int(os.getenv("VLLM_BENCH_MIN_PROMPT", "1024"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4fdfe617e57481db Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:246
    max_prompt = int(os.getenv("VLLM_BENCH_MAX_PROMPT", "2048"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2be05a6c5a88885a Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:247
    max_tokens = int(os.getenv("VLLM_BENCH_MAX_TOKENS", "128"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7ebd6538eae04995 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:248
    temperature = float(os.getenv("VLLM_BENCH_TEMPERATURE", "0.0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #24ce3a271c3f70d6 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:249
    gpu_mem_util = float(os.getenv("VLLM_BENCH_GPU_MEMORY_UTILIZATION", "0.4"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4713581a6614efe8 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:250
    max_model_len = int(os.getenv("VLLM_BENCH_MAX_MODEL_LEN", "5120"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #eb6c59dc47247471 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:251
    backend = os.getenv("VLLM_BENCH_BACKEND", "FLASH_ATTN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #fa61d6bce2a49b4c Environment-variable access.
repo/benchmarks/benchmark_pin_memory.py:95
            runner = "v2" if os.environ.get("VLLM_USE_V2_MODEL_RUNNER") == "1" else "v1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5621ff3432516b3e Filesystem access.
repo/benchmarks/benchmark_pin_memory.py:156
    with open(tmp_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d47cc1e579cd6b07 Filesystem access.
repo/benchmarks/benchmark_pin_memory.py:226
    with open(tmp_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5dbd96ab13c455d4 Filesystem access.
repo/benchmarks/benchmark_prefix_caching.py:88
    with open(dataset_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #434a315f8c209c01 Filesystem access.
repo/benchmarks/benchmark_prioritization.py:31
    with open(dataset_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f8a14fe142ca5807 Filesystem access.
repo/benchmarks/benchmark_prioritization.py:158
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0d3a210ecad34733 Filesystem access.
repo/benchmarks/benchmark_serving_structured_output.py:158
        with open(args.json_schema_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #00c471fac1f01cfd Filesystem access.
repo/benchmarks/benchmark_serving_structured_output.py:883
        with open(result_file_name, "w", encoding="utf-8") as outfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #687e86d60c7c8cc5 Filesystem access.
repo/benchmarks/cutlass_benchmarks/w8a8_benchmarks.py:233
    with open(f"{base_description}-{timestamp}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a4190b0be23e1c4e Filesystem access.
repo/benchmarks/cutlass_benchmarks/w8a8_benchmarks.py:292
    with open(f"model_bench-{args.dtype}-{timestamp}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #510020b6def099d3 Filesystem access.
repo/benchmarks/fused_kernels/layernorm_rms_benchmarks.py:307
    with open(f"rms_norm_dpt_quant-{timestamp}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #085ca4c246995557 Environment-variable access.
repo/benchmarks/kernels/benchmark_block_fp8_gemm.py:7
os.environ["VLLM_USE_DEEP_GEMM"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2200e445fb113da9 Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:301
            saved_env = {key: os.environ.get(key) for key in env_dict}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5e37bbd7f934fdf6 Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:303
                os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #cf9b5f1b9d81c86c Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:321
                        os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #8d0db710020e7250 Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:323
                        os.environ[key] = original_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #afc4376be9f80f20 Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:505
    os.environ["VLLM_ALLREDUCE_USE_SYMM_MEM"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #84bf01a37aa5d082 Filesystem access.
repo/benchmarks/kernels/benchmark_device_communicators.py:560
            with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #93d9c670be51f34b Filesystem access.
repo/benchmarks/kernels/benchmark_flydsl_moe_w4a16.py:269
            with open(store_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7ca4df3fd0979164 Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:92
    b for b in os.environ.get("FI_BACKENDS", "trtllm,mnnvl").split(",") if b

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0b9c552464e2ffbb Filesystem access.
repo/benchmarks/kernels/benchmark_fused_collective.py:924
        with open(output_path, "a") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b541f6f940b55f76 Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:992
    if "RANK" not in os.environ or "WORLD_SIZE" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c4fbf48f43e0d521 Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:999
    rank = int(os.environ["RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5a4c42865a5c8dc4 Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:1000
    world_size = int(os.environ["WORLD_SIZE"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #857501c6541c62d6 Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:1004
    local_rank = int(os.environ.get("LOCAL_RANK", rank))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #1f6d0893c1232e09 Filesystem access.
repo/benchmarks/kernels/benchmark_lora.py:1216
        with open(pkl_file, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5bf30ddd92e40a0f Environment-variable access.
repo/benchmarks/kernels/benchmark_machete.py:42
NVTX_PROFILE = os.environ.get("NVTX_PROFILE", False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #487ed6576cd702d8 Filesystem access.
repo/benchmarks/kernels/benchmark_machete.py:530
    with open(f"{base_description}-{timestamp}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #be7554475ae64073 Filesystem access.
repo/benchmarks/kernels/benchmark_machete.py:601
    with open(f"model_bench-{type_string}-{timestr}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #8aaafc643104c401 Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:44
TRITON_CACHE_CLEAR_INTERVAL = int(os.environ.get(_CACHE_CLEAR_INTERVAL_ENV, "50"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #cc516ea9baa1a1ba Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:625
            visible_device = os.environ.get("ROCR_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #509185a02ac3997d Filesystem access.
repo/benchmarks/kernels/benchmark_moe.py:725
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d810a96d112c90fc Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:937
    if current_platform.is_rocm() and "HIP_VISIBLE_DEVICES" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d1cab148fb15be9a Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:943
        val = os.environ["HIP_VISIBLE_DEVICES"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #324bdd62bd3b5ecb Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:944
        os.environ["ROCR_VISIBLE_DEVICES"] = val

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #00c136a25cb7c5c3 Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:945
        del os.environ["HIP_VISIBLE_DEVICES"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #da87344b71c9199b Filesystem access.
repo/benchmarks/kernels/benchmark_mrope.py:245
    with open(csv_filename, "w", newline="") as csvfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bd9e0b993196f297 Filesystem access.
repo/benchmarks/kernels/benchmark_selective_state_update.py:464
    with open(file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #cfd7df8a64b991bc Filesystem access.
repo/benchmarks/kernels/benchmark_selective_state_update.py:560
    with open(results_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #525c56088e9ac313 Filesystem access.
repo/benchmarks/kernels/benchmark_trtllm_decode_attention.py:237
    with open(filename, "a", newline="") as csvfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #14957067662996e2 Filesystem access.
repo/benchmarks/kernels/benchmark_trtllm_prefill_attention.py:253
    with open(filename, "a", newline="") as csvfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3ba0ac28f98732a5 Filesystem access.
repo/benchmarks/kernels/benchmark_w8a8_block_fp8.py:277
    with open(config_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bbee0f54eeff0f77 Filesystem access.
repo/benchmarks/kernels/graph_machete_bench.py:25
    with open(args.filename, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #477766206676c226 Filesystem access.
repo/benchmarks/kernels/ir/bench_ir_ops.py:36
    with open(os.devnull, "w") as _devnull:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2805a00ad732397f Filesystem access.
repo/benchmarks/kernels/ir/bench_ir_ops.py:256
    with open(path, "w", newline="") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ccfca46c08e2c34f Filesystem access.
repo/benchmarks/multi_turn/bench_dataset.py:417
        with open(filename) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2a71bcd27f3493e3 Environment-variable access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1452
        default=int(os.environ.get("MULTITURN_BENCH_MAX_RETRIES", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5d01ea9df6e484b3 Filesystem access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1600
    with open(args.input_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a2acc9a5e1b1944d Environment-variable access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1625
        os.environ["TOKENIZERS_PARALLELISM"] = "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #daae319387e7d3d1 Filesystem access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1751
        with open(args.stats_json_output, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #27e79c5427fdbfe6 Filesystem access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1761
        with open(args.output_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bd8c2f7c8526dd65 Filesystem access.
repo/benchmarks/multi_turn/convert_sharegpt_to_openai.py:140
    with open(input_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ea0861e79e59a588 Filesystem access.
repo/benchmarks/multi_turn/convert_sharegpt_to_openai.py:286
    with open(output_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #556d74284e847618 Filesystem access.
repo/csrc/cpu/generate_cpu_attn_dispatch.py:271
    with open(output_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7250673b4b9afacc Filesystem access.
repo/csrc/libtorch_stable/moe/marlin_moe_wna16/generate_kernels.py:299
            with open(os.path.join(os.path.dirname(__file__), filename), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #22384136bf05e164 Filesystem access.
repo/csrc/libtorch_stable/moe/marlin_moe_wna16/generate_kernels.py:309
    with open(os.path.join(os.path.dirname(__file__), "kernel_selector.h"), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #207f26b415e15e09 Filesystem access.
repo/csrc/libtorch_stable/quantization/machete/generate.py:688
        with open(filepath, "w") as output_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c4a1ed3a12cc857 Filesystem access.
repo/csrc/libtorch_stable/quantization/marlin/generate_kernels.py:300
            with open(os.path.join(os.path.dirname(__file__), filename), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1dc6c8f28e9ccc2b Filesystem access.
repo/csrc/libtorch_stable/quantization/marlin/generate_kernels.py:310
    with open(os.path.join(os.path.dirname(__file__), "kernel_selector.h"), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5bea96dbf2748823 Filesystem access.
repo/docs/mkdocs/hooks/autoref_code.py:73
        source = filepath.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cbd8d300cf1efc0f Filesystem access.
repo/docs/mkdocs/hooks/generate_argparse.py:62
with open(ROOT_DIR / "requirements/test/cuda.txt") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c4f5a014d0d8cb7 Filesystem access.
repo/docs/mkdocs/hooks/generate_argparse.py:283
        with open(doc_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a5830b01c0137c4f Filesystem access.
repo/docs/mkdocs/hooks/generate_examples.py:112
        with open(self.main_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #25e0c281c8de1436 Filesystem access.
repo/docs/mkdocs/hooks/generate_examples.py:170
                with open(self.main_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c95e24b62dcc431 Filesystem access.
repo/docs/mkdocs/hooks/generate_examples.py:237
        with open(doc_path, "w+", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0a3c26cc69ca4b60 Filesystem access.
repo/docs/mkdocs/hooks/generate_metrics.py:81
        with open(filepath, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #89c22fc1c4e3eef4 Filesystem access.
repo/docs/mkdocs/hooks/generate_metrics.py:136
        with open(output_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9204ecab866b64fa Environment-variable access.
repo/docs/mkdocs/hooks/remove_announcement.py:10
    if os.getenv("READTHEDOCS_VERSION_TYPE") == "tag":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5c2460a9545e7ed9 Environment-variable access.
repo/examples/applications/chatbot/streamlit_openai_chatbot_webserver.py:39
openai_api_key = os.getenv("VLLM_API_KEY", "EMPTY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #6440fc934fa21edb Environment-variable access.
repo/examples/applications/chatbot/streamlit_openai_chatbot_webserver.py:40
openai_api_base = os.getenv("VLLM_API_BASE", "http://localhost:8000/v1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #22172edc36b94ca1 Filesystem access.
repo/examples/basic/offline_inference/chat.py:87
        with open(chat_template_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #38eb488cf4751c2c Environment-variable access.
repo/examples/disaggregated/disaggregated_encoder/disagg_epd_proxy.py:500
    headers = {"Authorization": f"Bearer {os.getenv('OPENAI_API_KEY', '')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #dc956d45720f4065 Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/disagg_proxy_demo.py:96
        expected_api_key = os.environ.get("ADMIN_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #99a79186ebe6c68c Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/disagg_proxy_demo.py:198
            headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #69fe445b20bf6349 Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/disagg_proxy_multiturn.py:196
    api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #53cad775dceb1681 Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/disagg_proxy_pushconnector_demo.py:222
        api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #acb90116a68fb9de Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/moriio_toy_proxy_server.py:163
            "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #aa797f7a581f78b8 Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/moriio_toy_proxy_server.py:189
        "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #205f46d23a633aee Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/moriio_toy_proxy_server.py:357
        "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7e30029b9cc34873 Filesystem access.
repo/examples/disaggregated/example_connector/decode_example.py:12
        with open("output.txt") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #30ff55d72e2d0585 Filesystem access.
repo/examples/disaggregated/example_connector/prefill_example.py:51
    with open("output.txt", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #584d57b5392af37f Filesystem access.
repo/examples/disaggregated/flexkv_connector/prefix_caching_flexkv.py:82
    with open(flexkv_config_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5bfc4b1139be4216 Environment-variable access.
repo/examples/disaggregated/flexkv_connector/prefix_caching_flexkv.py:84
    os.environ["FLEXKV_CONFIG_PATH"] = flexkv_config_path

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c07a95f528e303bc Filesystem access.
repo/examples/disaggregated/kv_load_failure_recovery_offline/decode_example.py:13
        with open("prefill_output.txt") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a7bfbcd2905775da Filesystem access.
repo/examples/disaggregated/kv_load_failure_recovery_offline/decode_example.py:74
    with open(out_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #07eb7a7b292c57ac Filesystem access.
repo/examples/disaggregated/kv_load_failure_recovery_offline/prefill_example.py:51
    with open("prefill_output.txt", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #75851aa2015cb3ff Environment-variable access.
repo/examples/disaggregated/lmcache/cpu_offload_lmcache.py:30
    os.environ["LMCACHE_CHUNK_SIZE"] = "256"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #895da00ebd79fd6f Environment-variable access.
repo/examples/disaggregated/lmcache/cpu_offload_lmcache.py:32
    os.environ["LMCACHE_LOCAL_CPU"] = "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #6ca7a195962b61b2 Environment-variable access.
repo/examples/disaggregated/lmcache/cpu_offload_lmcache.py:34
    os.environ["LMCACHE_MAX_LOCAL_CPU_SIZE"] = "5.0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #26f2c32730357397 Environment-variable access.
repo/examples/disaggregated/lmcache/disagg_prefill_lmcache_v1/disagg_proxy_server.py:117
    headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b16aa2fdff6852ca Environment-variable access.
repo/examples/disaggregated/lmcache/disagg_prefill_lmcache_v1/disagg_proxy_server.py:134
    headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #58516ebb2360a44f Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:30
os.environ["LMCACHE_CHUNK_SIZE"] = "256"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4e167bd8ccaccbf5 Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:32
os.environ["LMCACHE_LOCAL_CPU"] = "False"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #9916d9fd3ba5bf1c Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:34
os.environ["LMCACHE_MAX_LOCAL_CPU_SIZE"] = "5.0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3113a27e4d936335 Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:36
os.environ["LMCACHE_REMOTE_URL"] = f"lm://localhost:{port}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #41a8729011dbc8ce Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:39
os.environ["LMCACHE_REMOTE_SERDE"] = "naive"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #28bcace30792e35c Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:48
    os.environ["CUDA_VISIBLE_DEVICES"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5444ba0fba8ee036 Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:76
    os.environ["CUDA_VISIBLE_DEVICES"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #18e98c88dcf14a9c Environment-variable access.
repo/examples/disaggregated/mooncake_connector/mooncake_connector_proxy.py:269
        "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #741ab559c3f8c16c Environment-variable access.
repo/examples/disaggregated/mooncake_connector/mooncake_connector_proxy.py:295
        "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d73aa3c70be6b04a Environment-variable access.
repo/examples/features/batch_invariance/reproducibility_offline.py:16
os.environ["VLLM_ENABLE_V1_MULTIPROCESSING"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #144c3e48f1fae698 Environment-variable access.
repo/examples/features/batch_invariance/reproducibility_offline.py:18
os.environ["VLLM_BATCH_INVARIANT"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ed0a706745eb0117 Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:94
    os.environ["VLLM_DP_RANK"] = str(global_dp_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3c22b9f6504a2448 Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:95
    os.environ["VLLM_DP_RANK_LOCAL"] = str(local_dp_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3b72a225b5462cdb Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:96
    os.environ["VLLM_DP_SIZE"] = str(dp_size)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #167511ec4012ad71 Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:97
    os.environ["VLLM_DP_MASTER_IP"] = dp_master_ip

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f8e3df741475dc3d Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:98
    os.environ["VLLM_DP_MASTER_PORT"] = str(dp_master_port)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4338310df98099ad Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:309
    s3_access_key_id = getattr(args, "s3_access_key_id", None) or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #079791c824c9810d Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:309
    s3_access_key_id = getattr(args, "s3_access_key_id", None) or os.environ.get(
        "S3_ACCESS_KEY_ID", None
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c828e9e5fc273b05 Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:314
    ) or os.environ.get("S3_SECRET_ACCESS_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2947d97c1ec627af Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:315
    s3_endpoint = getattr(args, "s3_endpoint", None) or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3d429f6f69e37c1c Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:315
    s3_endpoint = getattr(args, "s3_endpoint", None) or os.environ.get(
        "S3_ENDPOINT_URL", None
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #efcd364b5b4744d7 Environment-variable access.
repo/examples/generate/batched_chat_completions_online.py:23
BASE_URL = os.environ.get("VLLM_BASE_URL", "http://localhost:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e84099410cd27b24 Environment-variable access.
repo/examples/generate/batched_chat_completions_online.py:24
MODEL = os.environ.get("VLLM_MODEL", "Qwen/Qwen2.5-1.5B-Instruct")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low pii_flow test-only Excluded from app score #31fcbb3d0f8606a6 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
repo/examples/generate/batched_chat_completions_online.py:29 · flow /tmp/closeopen-mn7y7i4y/repo/examples/generate/batched_chat_completions_online.py:23 → /tmp/closeopen-mn7y7i4y/repo/examples/generate/batched_chat_completions_online.py:29
    response = httpx.post(BATCH_URL, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low pii_flow test-only Excluded from app score #15875fa37f9fff53 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
repo/examples/generate/batched_chat_completions_online.py:36 · flow /tmp/closeopen-mn7y7i4y/repo/examples/generate/batched_chat_completions_online.py:23 → /tmp/closeopen-mn7y7i4y/repo/examples/generate/batched_chat_completions_online.py:36
    response = httpx.post(
        f"{BASE_URL}/v1/chat/completions",
        json={
            "model": MODEL,
            "messages": [{"role": "user", "content": "What is the capital of Japan?"}],
        },
        timeout=60,
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low env_fs test-only #9156109e2feb42c4 Environment-variable access.
repo/examples/generate/multimodal/encoder_decoder_multimodal_offline.py:24
    os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #68bfc36f0aa1703c Filesystem access.
repo/examples/generate/multimodal/openai_chat_completion_client_for_multimodal.py:57
    with open(file_path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e1d931292a6967cd Environment-variable access.
repo/examples/generate/qwen_1m_offline.py:8
os.environ["VLLM_ALLOW_LONG_MAX_MODEL_LEN"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress test-only #4d346941c3b78536 Hardcoded external endpoint. Review what data is sent to this destination.
repo/examples/generate/qwen_1m_offline.py:19
    with urlopen(
        "https://qianwen-res.oss-cn-beijing.aliyuncs.com/Qwen2.5-1M/test-data/600k.txt",
        timeout=5,
    ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs test-only #38bde6e8ef0681f9 Filesystem access.
repo/examples/pooling/plugin/prithvi_geospatial_mae_io_processor.py:53
    with open(file_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f967dc092b634d2b Filesystem access.
repo/examples/pooling/plugin/prithvi_geospatial_mae_online.py:49
    with open(out_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #412ec5c3d137da26 Filesystem access.
repo/examples/pooling/score/qwen3_reranker_offline.py:74
    chat_template = (template_home / template_path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #30d9e23bec7f6c03 Filesystem access.
repo/examples/pooling/score/using_template_offline.py:65
    return (template_home / template_path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #db10ed5c77313940 Filesystem access.
repo/examples/pooling/score/vision_reranker_offline.py:92
    chat_template = (TEMPLATE_HOME / chat_template_path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0c924392f790186f Filesystem access.
repo/examples/pooling/token_classify/forced_alignment_online.py:56
    audio_base64 = base64.b64encode(audio_path.read_bytes()).decode("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a6de4a0e7ed5b803 Filesystem access.
repo/examples/ray_serving/batch_llm_inference.py:38
ds = ray.data.read_text("s3://anonymous@air-example-data/prompts.txt")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #11f56724d387abd6 Environment-variable access.
repo/examples/rl/rlhf_http_ipc.py:58
os.environ["VLLM_ALLOW_INSECURE_SERIALIZATION"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4656ce37dad0020c Environment-variable access.
repo/examples/rl/rlhf_ipc.py:44
        os.environ.pop("CUDA_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c45cb4c534ee4dd4 Environment-variable access.
repo/examples/rl/rlhf_ipc.py:46
        os.environ["VLLM_RAY_PER_WORKER_GPUS"] = "0.4"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #52a2402f7090f200 Environment-variable access.
repo/examples/rl/rlhf_ipc.py:47
        os.environ["VLLM_RAY_BUNDLE_INDICES"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c3ee6847cd751ee6 Environment-variable access.
repo/examples/rl/rlhf_ipc.py:49
        os.environ["VLLM_ALLOW_INSECURE_SERIALIZATION"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #634978c2fb2c3185 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:47
TRAIN_GPU_FRACTION = float(os.environ.get("RLHF_IPC_TRAIN_GPU_FRACTION", "0.42"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #02b291ffbbf7d758 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:48
VLLM_GPU_FRACTION = float(os.environ.get("RLHF_IPC_VLLM_GPU_FRACTION", "0.42"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bbb22531dce2cc72 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:69
        os.environ.pop("CUDA_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d53a06f2498d5c4b Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:70
        os.environ["VLLM_RAY_PER_WORKER_GPUS"] = str(VLLM_GPU_FRACTION)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #9823f034ebcb65d7 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:71
        os.environ["VLLM_RAY_BUNDLE_INDICES"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #83d94a2aa915f15e Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:72
        os.environ["VLLM_ALLOW_INSECURE_SERIALIZATION"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7868f14bd1a0640c Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:74
        os.environ["VLLM_DP_RANK"] = str(dp_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #54e4da3d0276d871 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:75
        os.environ["VLLM_DP_RANK_LOCAL"] = str(dp_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #75a362f47a700724 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:76
        os.environ["VLLM_DP_SIZE"] = str(dp_size)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #8c362351ce4ef945 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:77
        os.environ["VLLM_DP_MASTER_IP"] = dp_master_ip

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c3db74fa25767528 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:78
        os.environ["VLLM_DP_MASTER_PORT"] = str(dp_master_port)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e39c6815d7e0bc16 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:100
        os.environ["MASTER_ADDR"] = fsdp_master_addr

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #abc859f595e35758 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:101
        os.environ["MASTER_PORT"] = str(fsdp_master_port)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #76a289d5e86fe20a Environment-variable access.
repo/examples/rl/rlhf_nccl.py:55
    os.environ.pop("CUDA_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #6f7023aa3d1b1462 Environment-variable access.
repo/examples/rl/rlhf_nccl.py:56
    os.environ.pop("HIP_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2798f7847506d041 Environment-variable access.
repo/examples/rl/rlhf_nccl.py:65
        os.environ["VLLM_RAY_BUNDLE_INDICES"] = "0,1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e5dd0db7b7ae1849 Environment-variable access.
repo/examples/rl/rlhf_nccl_fsdp_ep.py:82
        os.environ["MASTER_ADDR"] = fsdp_master_addr

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d9f3c163ddbe79aa Environment-variable access.
repo/examples/rl/rlhf_nccl_fsdp_ep.py:83
        os.environ["MASTER_PORT"] = str(fsdp_master_port)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ee6a520584997df5 Environment-variable access.
repo/examples/rl/rlhf_sparse_nccl.py:73
        os.environ["VLLM_RAY_BUNDLE_INDICES"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ffefceefefaa5f3b Environment-variable access.
repo/examples/rl/routed_experts_e2e.py:296
    os.environ.setdefault("VLLM_BATCH_INVARIANT", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #32f9dc0cce092a9b Filesystem access.
repo/examples/speech_to_text/lid/openai_lid_client.py:60
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #53bfd393d08a83b6 Filesystem access.
repo/examples/speech_to_text/lid/openai_lid_client.py:82
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #13f9a6bfdc2b4ced Filesystem access.
repo/examples/speech_to_text/lid/openai_lid_client.py:106
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #56325cecb941db63 Filesystem access.
repo/examples/speech_to_text/openai/openai_transcription_client.py:47
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c73539feb9017e18 Filesystem access.
repo/examples/speech_to_text/openai/openai_transcription_client.py:76
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #683907e7bfb8f159 Filesystem access.
repo/examples/speech_to_text/openai/openai_transcription_client.py:111
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a80c5e3142c0408b Filesystem access.
repo/examples/speech_to_text/openai/openai_translation_client.py:13
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f8b05ac4a616474a Filesystem access.
repo/examples/speech_to_text/openai/openai_translation_client.py:42
        with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5a8db45ab60f5562 Environment-variable access.
repo/setup.py:58
    value = os.getenv("VLLM_REQUIRE_RUST_FRONTEND", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ae0a5412d25d9e97 Environment-variable access.
repo/setup.py:92
elif sys.platform.startswith("linux") and os.getenv("VLLM_TARGET_DEVICE") is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #83e5c6e9e49d7708 Environment-variable access.
repo/setup.py:108
        int(os.getenv("VLLM_DISABLE_SCCACHE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cad8c76d9c516311 Environment-variable access.
repo/setup.py:289
        fc_base_dir = os.environ.get("FETCHCONTENT_BASE_DIR", fc_base_dir)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a900947915641595 Environment-variable access.
repo/setup.py:315
        other_cmake_args = os.environ.get("CMAKE_ARGS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b3619458c095fa78 Environment-variable access.
repo/setup.py:514
        if os.getenv("ROCM_PATH"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ca3dfbc3497e8c46 Environment-variable access.
repo/setup.py:628
        index_url = os.getenv(
            "VLLM_ROCM_WHEEL_INDEX", "https://pypi.amd.com/vllm-rocm/simple"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4bf2796128ce55c4 Environment-variable access.
repo/setup.py:652
        wheel_location = os.getenv("VLLM_PRECOMPILED_WHEEL_LOCATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b1a070ffc4b51b8a Environment-variable access.
repo/setup.py:667
            variant = os.getenv("VLLM_PRECOMPILED_WHEEL_VARIANT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eb45b7839a3026d2 Environment-variable access.
repo/setup.py:670
            commit = os.getenv("VLLM_PRECOMPILED_WHEEL_COMMIT", "").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aa86e5592a89c131 Filesystem access.
repo/setup.py:841
                        open(target_path, "wb") as dst,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eef1e1a599dc34f1 Environment-variable access.
repo/setup.py:868
            github_token = os.getenv("GH_TOKEN", os.getenv("GITHUB_TOKEN"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #289e02ceddc1b075 Environment-variable access.
repo/setup.py:1007
    if env_version := os.getenv("VLLM_VERSION_OVERRIDE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #02f1f781249fa909 Environment-variable access.
repo/setup.py:1009
        os.environ["SETUPTOOLS_SCM_PRETEND_VERSION"] = env_version

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d9de2eec62299481 Filesystem access.
repo/setup.py:1053
        with open(requirements_dir / filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a2b455db9e232228 Environment-variable access.
repo/tools/build_deepgemm_C.py:58
    os.environ.get("CXX", "g++"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #de1c37add1d5f306 Filesystem access.
repo/tools/check_wheel_deepgemm.py:25
    spec = tomllib.loads(pyproject.read_text())["project"]["requires-python"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #79b8ad939ee0ec8a Environment-variable access.
repo/tools/generate_cmake_presets.py:16
    CUDA_HOME = os.environ.get("CUDA_HOME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #815e8f6b58b1dae7 Filesystem access.
repo/tools/generate_cmake_presets.py:159
        with open(output_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c515646cf1969538 Filesystem access.
repo/tools/generate_versions_json.py:119
        existing_content = VERSIONS_JSON.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #58eb616b2ae80258 Filesystem access.
repo/tools/generate_versions_json.py:129
    VERSIONS_JSON.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #924c6299b3efb983 Environment-variable access.
repo/tools/install_nixl_from_source_ubuntu.py:13
WHEELS_CACHE_HOME = os.environ.get("WHEELS_CACHE_HOME", "/tmp/wheels_cache")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #3659f7139ddc1e19 Hardcoded external endpoint. Review what data is sent to this destination.
repo/tools/install_nixl_from_source_ubuntu.py:27
        with urllib.request.urlopen(nixl_release_url) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #c49dfe871d1932e1 Environment-variable access.
repo/tools/install_nixl_from_source_ubuntu.py:34
NIXL_VERSION = os.environ.get("NIXL_VERSION", get_latest_nixl_version())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7fd550234a197979 Environment-variable access.
repo/tools/install_nixl_from_source_ubuntu.py:171
    build_env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a50db9475160c4d1 Environment-variable access.
repo/tools/install_nixl_from_source_ubuntu.py:175
    existing_ld_path = os.environ.get("LD_LIBRARY_PATH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #865bb99d8e679ded Filesystem access.
repo/tools/pre_commit/check_boolean_context_manager.py:23
        with open(filepath, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bf8971077392bf88 Filesystem access.
repo/tools/pre_commit/check_forbidden_imports.py:89
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3428548cd9c7e61e Filesystem access.
repo/tools/pre_commit/check_init_lazy_imports.py:45
    source = INIT_PATH.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #53e94354476ab5ad Filesystem access.
repo/tools/pre_commit/check_spdx_header.py:63
    with open(file_path, encoding="UTF-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4709d35315466a1d Filesystem access.
repo/tools/pre_commit/check_spdx_header.py:99
    with open(file_path, "r+", encoding="UTF-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e47dd2ceff252791 Filesystem access.
repo/tools/pre_commit/check_torch_cuda.py:28
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4cc76fba2547600a Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:290
    tree = ast.parse(REGISTRY_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #123e492872c0af58 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:330
        tree = ast.parse(MLA_PREFILL_REGISTRY_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bac7e61fba62b813 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:351
        tree = ast.parse(MLA_PREFILL_SELECTOR_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c98fea0cae9753c1 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:463
        tree = ast.parse(file_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e4ac5246d6dd17fc Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:800
                parent_tree = ast.parse(parent_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #be1417995b191efc Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:822
        tree = ast.parse(file_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7181757fde4c5fd1 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:905
        tree = ast.parse(fa_interface_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b09e96e0870cedd0 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:942
        tree = ast.parse(FA_UTILS_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c2de59e4c7743dff Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1080
        tree = ast.parse(FLASHINFER_UTILS_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #403e454fa25b7963 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1261
        source = CUDA_PLATFORM_FILE.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #54f3edbf2ac9db88 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1894
            not output_path.exists() or output_path.read_text() != new_content

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bccb3bb5c4704e08 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1898
            output_path.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #30e862cdf6da3201 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1905
    output_path.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #61aa019919aca912 Filesystem access.
repo/tools/pre_commit/generate_nightly_torch_test.py:21
with open(input_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #732faba42f1e69af Filesystem access.
repo/tools/pre_commit/validate_config.py:137
        with open(file_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c346659753a3afb Filesystem access.
repo/tools/pre_commit/validate_config.py:159
        with open(filename, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e5c4fb28f404bba2 Filesystem access.
repo/tools/profiler/nsys_profile_tools/gputrc2graph.py:28
        with open(fname, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #213851cc493255b8 Filesystem access.
repo/tools/profiler/nsys_profile_tools/gputrc2graph.py:153
            open(f"{output_name}.html", "a", encoding="utf-8") as outfile,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a00f82bb69baef9d Filesystem access.
repo/tools/profiler/nsys_profile_tools/gputrc2graph.py:154
            open("temp.html", encoding="utf-8") as infile,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c4c7021917ab1c3 Filesystem access.
repo/tools/profiler/print_layerwise_table.py:59
    with open(args.json_trace) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cd6754735dc5984f Filesystem access.
repo/tools/profiler/visualize_layerwise_profile.py:523
    with open(json_trace) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8bb8d434001239dd Filesystem access.
repo/tools/report_build_time_ninja.py:316
        with open(log_file) as log:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f264a3556bfb5011 Filesystem access.
repo/tools/vllm-rocm/pin_rocm_dependencies.py:122
    with open(requirements_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ead05ea733e1f738 Filesystem access.
repo/tools/vllm-rocm/pin_rocm_dependencies.py:126
    with open(backup_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e9b1da85767b25b3 Filesystem access.
repo/tools/vllm-rocm/pin_rocm_dependencies.py:167
    with open(requirements_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #56ef7bb6684def1c Filesystem access.
repo/use_existing_torch.py:37
        with open(file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6e4ebbbfa2ebf294 Filesystem access.
repo/use_existing_torch.py:40
            with open(file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0022f4b5c4e3e5b9 Filesystem access.
repo/vllm/assets/image.py:62
        return p.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #9b79027fb1c464ea Filesystem access.
repo/vllm/benchmarks/datasets/create_txt_slices_dataset.py:52
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b28dccf4b1a99a03 Filesystem access.
repo/vllm/benchmarks/datasets/create_txt_slices_dataset.py:112
    with open(output_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0ce39a914388628c Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:1006
            with open(temp_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #6c8e62ed6fefb4cb Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:1360
        with open(self.dataset_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #685b1b911339baec Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:1474
        with open(self.dataset_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #efe1ad68dd6277da Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:2650
        with open(self.dataset_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7f7ed6fbd29d0fc3 Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:3097
        with open(self.dataset_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #6bb925615c739f08 Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:4592
        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #82e8e9878f2972f9 Filesystem access.
repo/vllm/benchmarks/latency.py:171
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #cdd7006b189e582e Environment-variable access.
repo/vllm/benchmarks/lib/endpoint_request_func.py:152
    api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #51abb273a639aa7b Filesystem access.
repo/vllm/benchmarks/lib/endpoint_request_func.py:572
        with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b18ff549cba40f0f Environment-variable access.
repo/vllm/benchmarks/lib/utils.py:47
    if not os.environ.get("SAVE_TO_PYTORCH_BENCHMARK_FORMAT", False):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e7930bfe149890ee Filesystem access.
repo/vllm/benchmarks/lib/utils.py:114
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #1cc19d1f612b366e Filesystem access.
repo/vllm/benchmarks/mm_processor.py:530
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5c5488cd053fdb99 Filesystem access.
repo/vllm/benchmarks/serve.py:2275
        with open(
            file_name, mode="a+" if args.append_result else "w", encoding="utf-8"
        ) as outfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #239de101a9676ffe Environment-variable access.
repo/vllm/benchmarks/startup.py:119
    original_cache_root = os.environ.get("VLLM_CACHE_ROOT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bc115f2a6d594b6b Environment-variable access.
repo/vllm/benchmarks/startup.py:122
        os.environ["VLLM_CACHE_ROOT"] = temp_cache_dir

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #517a8b181a23d447 Environment-variable access.
repo/vllm/benchmarks/startup.py:129
            os.environ["VLLM_CACHE_ROOT"] = original_cache_root

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #52db061506216a35 Environment-variable access.
repo/vllm/benchmarks/startup.py:131
            os.environ.pop("VLLM_CACHE_ROOT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d5cce00f567a129a Environment-variable access.
repo/vllm/benchmarks/startup.py:261
    os.environ["VLLM_ENABLE_V1_MULTIPROCESSING"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a264732521c53f41 Filesystem access.
repo/vllm/benchmarks/startup.py:304
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e9bc371844b4cec4 Filesystem access.
repo/vllm/benchmarks/sweep/param_sweep.py:10
        with open(filepath, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7905e64a59de93ca Environment-variable access.
repo/vllm/benchmarks/sweep/server.py:53
            env=os.environ | {"VLLM_SERVER_DEV_MODE": "1"},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #9238f7762b05e801 Environment-variable access.
repo/vllm/benchmarks/throughput.py:725
    global_rank = int(os.environ["RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0f4ade37a474b8cd Environment-variable access.
repo/vllm/benchmarks/throughput.py:726
    world_size = int(os.environ["WORLD_SIZE"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #23ba064845672f45 Filesystem access.
repo/vllm/benchmarks/throughput.py:1286
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1aca92fa333f04e4 Environment-variable access.
repo/vllm/collect_env.py:163
    conda = os.environ.get("CONDA_EXE", "conda")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #34a41f534f1d06d6 Environment-variable access.
repo/vllm/collect_env.py:232
        system_root = os.environ.get("SYSTEMROOT", "C:\\Windows")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #400572fcdda9917b Environment-variable access.
repo/vllm/collect_env.py:233
        cuda_path = os.environ.get("CUDA_PATH", "%CUDA_PATH%")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dfdb919ce6e16146 Environment-variable access.
repo/vllm/collect_env.py:247
        l = os.environ.get("CUDNN_LIBRARY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #df6f7d9ebb1a48ff Environment-variable access.
repo/vllm/collect_env.py:270
        system_root = os.environ.get("SYSTEMROOT", "C:\\Windows")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #150c477909702e30 Environment-variable access.
repo/vllm/collect_env.py:271
        program_files_root = os.environ.get("PROGRAMFILES", "C:\\Program Files")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ee80bcbbdbd36daa Environment-variable access.
repo/vllm/collect_env.py:441
        os.environ.get("TORCH_CUDA_ARCH_LIST", "Not Set"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2d2bbbebe17cdbb7 Environment-variable access.
repo/vllm/collect_env.py:442
        "Enabled" if os.environ.get("ROCM_HOME") else "Disabled",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fd5df5559766a466 Environment-variable access.
repo/vllm/collect_env.py:572
    system_root = os.environ.get("SYSTEMROOT", "C:\\Windows")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b788d35a725f8f52 Environment-variable access.
repo/vllm/collect_env.py:638
    if os.environ.get("UV"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ff56f119b8664842 Filesystem access.
repo/vllm/collect_env.py:642
        with open(pyvenv_cfg_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ec1b3e20c3457474 Environment-variable access.
repo/vllm/collect_env.py:682
    ca_config = os.environ.get("PYTORCH_CUDA_ALLOC_CONF", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2b3bc4ac1836a250 Environment-variable access.
repo/vllm/collect_env.py:689
        config = os.environ.get("CUDA_MODULE_LOADING", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e42c2cfbcf61a108 Environment-variable access.
repo/vllm/collect_env.py:725
    for k, v in os.environ.items():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6d09776044313f2b Filesystem access.
repo/vllm/compilation/backends.py:187
            with open(self.cache_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c43e81b9ea937c09 Filesystem access.
repo/vllm/compilation/backends.py:220
        with open(self.cache_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ee20cd52d14fc06b Filesystem access.
repo/vllm/compilation/backends.py:1045
                with open(filepath) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3fadae99e2a3d4b6 Filesystem access.
repo/vllm/compilation/backends.py:1118
                with open(meta_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #21ca24dad37b12cd Filesystem access.
repo/vllm/compilation/backends.py:1264
            with open(graph_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #67b9ec484ea1fff6 Filesystem access.
repo/vllm/compilation/caching.py:610
            with open(filepath) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ee7565f87a47dbeb Environment-variable access.
repo/vllm/compilation/compiler_interface.py:477
        os.environ["TORCHINDUCTOR_CACHE_DIR"] = inductor_cache

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f14dc6abe8ca406c Environment-variable access.
repo/vllm/compilation/compiler_interface.py:480
        os.environ["TRITON_CACHE_DIR"] = triton_cache

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #35273f6e3c5547b3 Filesystem access.
repo/vllm/compilation/decorators.py:297
                open(aot_compilation_path, "rb") as f,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ddb6bbc29d28ff4a Environment-variable access.
repo/vllm/compilation/decorators.py:558
            os.environ["TORCHINDUCTOR_CACHE_DIR"] = inductor_cache

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ece1dccb74f4458b Filesystem access.
repo/vllm/compilation/wrapper.py:243
                    with open(decompiled_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e58d4952ff7fe0d7 Environment-variable access.
repo/vllm/config/parallel.py:831
                self.data_parallel_rank = int(os.environ["RANK"]) // (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eaafc47994f79355 Environment-variable access.
repo/vllm/config/parallel.py:867
            os.environ["VLLM_ENABLE_V1_MULTIPROCESSING"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f6aaa651992a7799 Environment-variable access.
repo/vllm/config/utils.py:444
        value = os.environ.get(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7d66c00a7b4ae37f Environment-variable access.
repo/vllm/config/vllm.py:897
        if "expandable_segments:True" not in os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ec6b17b8f21be501 Environment-variable access.
repo/vllm/config/vllm.py:897
        if "expandable_segments:True" not in os.environ.get(
            "PYTORCH_CUDA_ALLOC_CONF", ""
        ):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #713c5f460458c130 Environment-variable access.
repo/vllm/config/vllm.py:1124
            and os.environ.get("VLLM_WORKER_MULTIPROC_METHOD") != "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3920f65ba169c107 Environment-variable access.
repo/vllm/config/vllm.py:1151
        if os.environ.get("TORCH_COMPILE_DISABLE") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a4cae9cf36abfc59 Environment-variable access.
repo/vllm/config/vllm.py:1163
            and "VLLM_USE_BREAKABLE_CUDAGRAPH" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7ce69660fc9c4b93 Environment-variable access.
repo/vllm/config/vllm.py:1175
            os.environ["VLLM_USE_BREAKABLE_CUDAGRAPH"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3b3198b58ca85035 Environment-variable access.
repo/vllm/config/vllm.py:1404
            and os.environ.get("VLLM_WORKER_MULTIPROC_METHOD") != "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #354c965bd0ee0dec Environment-variable access.
repo/vllm/device_allocator/cumem.py:330
        conf = os.environ.get("PYTORCH_CUDA_ALLOC_CONF", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1bd12ede028b0852 Filesystem access.
repo/vllm/distributed/device_communicators/all_reduce_utils.py:397
            with open(output_file.name, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7614fe7c04110f8e Filesystem access.
repo/vllm/distributed/device_communicators/all_reduce_utils.py:404
        with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6aa76313e13b3e1f Filesystem access.
repo/vllm/distributed/device_communicators/all_reduce_utils.py:409
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f9c9dd8cf409ae7a Filesystem access.
repo/vllm/distributed/device_communicators/all_reduce_utils.py:420
    with open(output_file, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9ad7531fc15adfdf Environment-variable access.
repo/vllm/distributed/device_communicators/cpu_communicator.py:241
        instance_identifier = os.environ["VLLM_DIST_IDENT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a8a9c79d7ae7df6a Environment-variable access.
repo/vllm/distributed/eplb/eplb_utils.py:97
        current_value_str = os.getenv("NCCL_MAX_CTAS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9b217d3d6a08c9dc Environment-variable access.
repo/vllm/distributed/eplb/eplb_utils.py:103
        os.environ["NCCL_MAX_CTAS"] = str(override_value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8b7d1d18519e3bd6 Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/example_hidden_states_connector.py:59
    with open(lock_path) as lf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b82acaec27169559 Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/hf3fs/utils/hf3fs_mock_client.py:27
            with open(self._file_path, "w+b") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #36057fccfa1ea8cd Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/hf3fs/utils/hf3fs_mock_client.py:35
            with open(self._file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #adf9cafdcd5cdc2c Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/hf3fs/utils/hf3fs_mock_client.py:90
            with open(self._file_path, "r+b") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #de620edffd45a255 Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/lmcache_integration/utils.py:47
                if "LMCACHE_CONFIG_FILE" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8ae407235bb2d733 Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/lmcache_integration/utils.py:58
                    config_file = os.environ["LMCACHE_CONFIG_FILE"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #25ee899ee28b27c1 Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/lmcache_integration/vllm_v1_adapter.py:681
        self.force_skip_save = bool(os.environ.get("LMCACHE_FORCE_SKIP_SAVE", False))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d4a61a922fbc2acb Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/lmcache_mp_connector.py:1201
    if os.environ.get("LMCACHE_USE_UPSTREAM_MP"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aa332838f0dfdf84 Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/mooncake/store/worker.py:128
        with open(file_path) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #38266eb651f64500 Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/mooncake/store/worker.py:147
        config_path = os.getenv("MOONCAKE_CONFIG_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7553cdb0cd2fefb7 Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/moriio/moriio_common.py:216
        if env_var in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b7ad76ca04f5ff90 Environment-variable access.
repo/vllm/distributed/nixl_utils.py:21
    if "UCX_RCACHE_MAX_UNRELEASED" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6bfa2b9b67f89098 Environment-variable access.
repo/vllm/distributed/nixl_utils.py:36
    os.environ["UCX_RCACHE_MAX_UNRELEASED"] = "1024"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e203796e6d21fdc0 Environment-variable access.
repo/vllm/engine/arg_utils.py:1792
            os.environ.get(current_platform.device_control_env_var),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #09feba3108872409 Filesystem access.
repo/vllm/entrypoints/chat_utils.py:1310
        with open(chat_template) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #76f476de759563b2 Filesystem access.
repo/vllm/entrypoints/chat_utils.py:1325
                with open(builtin_template_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f094a731546342a3 Environment-variable access.
repo/vllm/entrypoints/cli/openai.py:34
    api_key = args.api_key or os.environ.get("OPENAI_API_KEY", "EMPTY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1976e5ef6a1c3ab0 Environment-variable access.
repo/vllm/entrypoints/mcp/tool.py:62
        exa_api_key = os.getenv("EXA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #38dca7c8a78807b3 Environment-variable access.
repo/vllm/entrypoints/openai/api_server.py:123
    if os.getenv("VLLM_WORKER_MULTIPROC_METHOD") == "forkserver":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa2214035f3e3768 Filesystem access.
repo/vllm/entrypoints/openai/run_batch.py:340
        with open(path_or_url, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f968a6d1cedde307 Filesystem access.
repo/vllm/entrypoints/openai/run_batch.py:354
    with open(output_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4e5c44c1d95cd9f0 Filesystem access.
repo/vllm/entrypoints/openai/run_batch.py:380
                    with open(data_or_file, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f98e95c647f8a5b6 Environment-variable access.
repo/vllm/entrypoints/serve/utils/api_utils.py:165
    if "VLLM_WORKER_MULTIPROC_METHOD" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d74c5a68896c0de4 Environment-variable access.
repo/vllm/entrypoints/serve/utils/api_utils.py:167
        os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #228f356b2f58103e Filesystem access.
repo/vllm/entrypoints/serve/utils/server_utils.py:131
        with open(log_config_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #75aecd4bd840eb19 Environment-variable access.
repo/vllm/env_override.py:50
    enable = os.environ.get("VLLM_ENABLE_CUDA_COMPATIBILITY", "0").strip().lower() in (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0ba19aeacdfa55d2 Environment-variable access.
repo/vllm/env_override.py:57
    cuda_compat_path = os.environ.get("VLLM_CUDA_COMPATIBILITY_PATH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #682649a2c94c71d7 Environment-variable access.
repo/vllm/env_override.py:59
        conda_prefix = os.environ.get("CONDA_PREFIX", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1936de289529b702 Environment-variable access.
repo/vllm/env_override.py:73
    existing = os.environ.get("LD_LIBRARY_PATH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dc89b5909fe03c5d Environment-variable access.
repo/vllm/env_override.py:82
    os.environ["LD_LIBRARY_PATH"] = os.pathsep.join(new_paths)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9dc6802afa26c4d2 Environment-variable access.
repo/vllm/env_override.py:101
os.environ["PYTORCH_NVML_BASED_CUDA_CHECK"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #17dc161c28fc6272 Environment-variable access.
repo/vllm/env_override.py:105
os.environ["TORCHINDUCTOR_COMPILE_THREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f4e4062927fea3d3 Environment-variable access.
repo/vllm/env_override.py:113
os.environ.setdefault("TRITON_CACHE_AUTOTUNING", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9a19c7b17f55cfab Environment-variable access.
repo/vllm/env_override.py:120
os.environ.setdefault("TILELANG_CLEANUP_TEMP_FILES", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #83572b70382edd43 Environment-variable access.
repo/vllm/env_override.py:865
if os.environ.get("VLLM_TRITON_FORCE_FIRST_CONFIG", "0").strip().lower() in (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4c0a5265bebe5ee6 Environment-variable access.
repo/vllm/envs.py:302
    return os.getenv(
        "XDG_CACHE_HOME",
        os.path.join(os.path.expanduser("~"), ".cache"),
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b4afddbc15e1b08f Environment-variable access.
repo/vllm/envs.py:309
    return os.getenv(
        "XDG_CONFIG_HOME",
        os.path.join(os.path.expanduser("~"), ".config"),
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #888835df08da9b8f Filesystem access.
repo/vllm/envs.py:331
        with open(value) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5b9b99bfb0115690 Environment-variable access.
repo/vllm/envs.py:337
    return bool(int(os.getenv("VLLM_DISABLE_COMPILE_CACHE", "0")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a6c13737b7ebcac7 Environment-variable access.
repo/vllm/envs.py:349
    return os.environ.get("VLLM_USE_AOT_COMPILE", default_value) == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #52b4743027ad4163 Environment-variable access.
repo/vllm/envs.py:359
    return os.environ.get("VLLM_USE_MEGA_AOT_ARTIFACT", default_value) == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #661b5182be8d4a8c Environment-variable access.
repo/vllm/envs.py:382
        value = os.getenv(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #00196fd08857c5d7 Environment-variable access.
repo/vllm/envs.py:429
        value = os.getenv(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #66926a9197a385c1 Environment-variable access.
repo/vllm/envs.py:489
    if "VLLM_PORT" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7eaea83a51726147 Environment-variable access.
repo/vllm/envs.py:492
    port = os.getenv("VLLM_PORT", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a7cee690428a09d1 Environment-variable access.
repo/vllm/envs.py:519
        value = os.getenv(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8bd35193d59c59f2 Environment-variable access.
repo/vllm/envs.py:524
        os.environ[env_name] = default_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6e3499fb1f3799fe Environment-variable access.
repo/vllm/envs.py:543
    if "VLLM_TRITON_ATTN_USE_TD" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c1725768d5af525c Environment-variable access.
repo/vllm/envs.py:558
    use_rust = bool(int(os.environ.get("VLLM_USE_RUST_FRONTEND", "0")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fae6407972b93a0b Environment-variable access.
repo/vllm/envs.py:559
    raw = os.environ.get("VLLM_RUST_FRONTEND_PATH", "auto")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6c02a20abe5f991 Environment-variable access.
repo/vllm/envs.py:562
        if os.environ.get("VLLM_RUST_FRONTEND_PATH") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #88d5aa49fc3f8fee Environment-variable access.
repo/vllm/envs.py:588
    "VLLM_TARGET_DEVICE": lambda: os.getenv("VLLM_TARGET_DEVICE", "cuda").lower(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0d9aee72bdad90ab Environment-variable access.
repo/vllm/envs.py:591
        os.getenv("VLLM_MAIN_CUDA_VERSION", "").lower() or "13.0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #450f68f4072ecb4b Environment-variable access.
repo/vllm/envs.py:603
    "VLLM_BATCH_INVARIANT": lambda: bool(int(os.getenv("VLLM_BATCH_INVARIANT", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #43a83ec1b3eb26ee Environment-variable access.
repo/vllm/envs.py:612
        os.getenv("VLLM_TRITON_USE_TD", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #97969b705bc167b9 Environment-variable access.
repo/vllm/envs.py:627
    "MAX_JOBS": lambda: os.getenv("MAX_JOBS", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #51d06c2489e63b91 Environment-variable access.
repo/vllm/envs.py:631
    "NVCC_THREADS": lambda: os.getenv("NVCC_THREADS", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #159cde2c9e602175 Environment-variable access.
repo/vllm/envs.py:634
        os.environ.get("VLLM_USE_PRECOMPILED", "").strip().lower() in ("1", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5a8cdfccf204cfdf Environment-variable access.
repo/vllm/envs.py:635
        or bool(os.environ.get("VLLM_PRECOMPILED_WHEEL_LOCATION"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7607a308211190ac Environment-variable access.
repo/vllm/envs.py:639
        os.environ.get("VLLM_USE_PRECOMPILED_RUST", "").strip().lower() in ("1", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c2338998db892aa Environment-variable access.
repo/vllm/envs.py:643
        int(os.environ.get("VLLM_SKIP_PRECOMPILED_VERSION_SUFFIX", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bd464eade4abc195 Environment-variable access.
repo/vllm/envs.py:648
        os.environ.get("VLLM_DOCKER_BUILD_CONTEXT", "").strip().lower() in ("1", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #29e79e84bded3a00 Environment-variable access.
repo/vllm/envs.py:652
    "VLLM_BUILD_COMMIT": lambda: os.environ.get("VLLM_BUILD_COMMIT", "unknown"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #71be3f7aef5b1999 Environment-variable access.
repo/vllm/envs.py:653
    "VLLM_BUILD_PIPELINE": lambda: os.environ.get("VLLM_BUILD_PIPELINE", "local"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6e998989ce30f4cd Environment-variable access.
repo/vllm/envs.py:654
    "VLLM_BUILD_URL": lambda: os.environ.get("VLLM_BUILD_URL", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #324455a0288418d6 Environment-variable access.
repo/vllm/envs.py:655
    "VLLM_IMAGE_TAG": lambda: os.environ.get("VLLM_IMAGE_TAG", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #94ffc54b794b2ea7 Environment-variable access.
repo/vllm/envs.py:663
    "VERBOSE": lambda: bool(int(os.getenv("VERBOSE", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d5bded65a1d272ad Environment-variable access.
repo/vllm/envs.py:670
        os.getenv(
            "VLLM_CONFIG_ROOT",
            os.path.join(get_default_config_root(), "vllm"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c2cd2d28ceec09c Environment-variable access.
repo/vllm/envs.py:679
        os.getenv(
            "VLLM_CACHE_ROOT",
            os.path.join(get_default_cache_root(), "vllm"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3f670e9711243105 Environment-variable access.
repo/vllm/envs.py:688
    "VLLM_HOST_IP": lambda: os.getenv("VLLM_HOST_IP", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3d271c1a8beec497 Environment-variable access.
repo/vllm/envs.py:696
    "VLLM_RPC_BASE_PATH": lambda: os.getenv(
        "VLLM_RPC_BASE_PATH", tempfile.gettempdir()
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #12ee6d648cde3b05 Environment-variable access.
repo/vllm/envs.py:702
        os.environ.get("VLLM_USE_MODELSCOPE", "False").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9478aa89142638c2 Environment-variable access.
repo/vllm/envs.py:709
    "VLLM_USE_FASTOKENS": lambda: bool(int(os.getenv("VLLM_USE_FASTOKENS", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #654d698ad5396eaa Environment-variable access.
repo/vllm/envs.py:712
        os.environ.get("VLLM_RINGBUFFER_WARNING_INTERVAL", "60")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #76aaca265b9e103f Environment-variable access.
repo/vllm/envs.py:716
    "CUDA_HOME": lambda: os.environ.get("CUDA_HOME", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #443cf458c0f68164 Environment-variable access.
repo/vllm/envs.py:719
    "VLLM_NCCL_SO_PATH": lambda: os.environ.get("VLLM_NCCL_SO_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #02c586ef22d0c175 Environment-variable access.
repo/vllm/envs.py:722
    "LD_LIBRARY_PATH": lambda: os.environ.get("LD_LIBRARY_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e70b82b0914fd939 Environment-variable access.
repo/vllm/envs.py:725
        os.environ.get("VLLM_ROCM_SLEEP_MEM_CHUNK_SIZE", "256")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4993946870760f90 Environment-variable access.
repo/vllm/envs.py:731
        os.environ.get("VLLM_USE_STANDALONE_COMPILE", "1") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9fcd205eb5d132a4 Environment-variable access.
repo/vllm/envs.py:740
        os.environ.get("VLLM_ENABLE_PREGRAD_PASSES", "1") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #06ae27cef023cdda Environment-variable access.
repo/vllm/envs.py:744
        os.environ.get("VLLM_USE_BREAKABLE_CUDAGRAPH", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e885862ec22728d8 Environment-variable access.
repo/vllm/envs.py:748
    "VLLM_PATTERN_MATCH_DEBUG": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #def7d9073f209e43 Environment-variable access.
repo/vllm/envs.py:748
    "VLLM_PATTERN_MATCH_DEBUG": lambda: os.environ.get(
        "VLLM_PATTERN_MATCH_DEBUG", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7cb0aedbcca79911 Environment-variable access.
repo/vllm/envs.py:753
    "VLLM_DEBUG_DUMP_PATH": lambda: os.environ.get("VLLM_DEBUG_DUMP_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a65047956a56134 Environment-variable access.
repo/vllm/envs.py:761
        int(os.environ.get("VLLM_USE_BYTECODE_HOOK", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f66d38216bbbcb93 Environment-variable access.
repo/vllm/envs.py:766
    "VLLM_FORCE_AOT_LOAD": lambda: os.environ.get("VLLM_FORCE_AOT_LOAD", "0") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #98ff82752aa81e5e Environment-variable access.
repo/vllm/envs.py:773
    "LOCAL_RANK": lambda: int(os.environ.get("LOCAL_RANK", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c884ef6583fcb34f Environment-variable access.
repo/vllm/envs.py:775
    "CUDA_VISIBLE_DEVICES": lambda: os.environ.get("CUDA_VISIBLE_DEVICES", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #26ff212df0dd2261 Environment-variable access.
repo/vllm/envs.py:778
        os.environ.get("VLLM_ENGINE_ITERATION_TIMEOUT_S", "60")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #53dfe21b58a9115e Environment-variable access.
repo/vllm/envs.py:783
        os.environ.get("VLLM_ENGINE_READY_TIMEOUT_S", "600")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #35d001e394129535 Environment-variable access.
repo/vllm/envs.py:786
    "VLLM_API_KEY": lambda: os.environ.get("VLLM_API_KEY", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #77c342d634153f1a Environment-variable access.
repo/vllm/envs.py:789
        os.environ.get("VLLM_DEBUG_LOG_API_SERVER_RESPONSE", "False").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2b74d2f5827cda58 Environment-variable access.
repo/vllm/envs.py:792
    "S3_ACCESS_KEY_ID": lambda: os.environ.get("S3_ACCESS_KEY_ID", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #96e2c95e2fd9dbc6 Environment-variable access.
repo/vllm/envs.py:793
    "S3_SECRET_ACCESS_KEY": lambda: os.environ.get("S3_SECRET_ACCESS_KEY", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #adba89df2f62ba62 Environment-variable access.
repo/vllm/envs.py:794
    "S3_ENDPOINT_URL": lambda: os.environ.get("S3_ENDPOINT_URL", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f5fa94fb56b44b58 Environment-variable access.
repo/vllm/envs.py:796
    "VLLM_USAGE_STATS_SERVER": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #be5c18133fc56a59 Environment-variable access.
repo/vllm/envs.py:796
    "VLLM_USAGE_STATS_SERVER": lambda: os.environ.get(
        "VLLM_USAGE_STATS_SERVER", "https://stats.vllm.ai"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e3ece6e31bc13b74 Environment-variable access.
repo/vllm/envs.py:799
    "VLLM_NO_USAGE_STATS": lambda: os.environ.get("VLLM_NO_USAGE_STATS", "0") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dcb4ffd700d75121 Environment-variable access.
repo/vllm/envs.py:802
            os.environ.get("VLLM_DO_NOT_TRACK", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f67b459a636abb5b Environment-variable access.
repo/vllm/envs.py:803
            or os.environ.get("DO_NOT_TRACK", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8cd790d5e0b7e0ab Environment-variable access.
repo/vllm/envs.py:808
    "VLLM_USAGE_SOURCE": lambda: os.environ.get("VLLM_USAGE_SOURCE", "production"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0ef293e93a8adcd1 Environment-variable access.
repo/vllm/envs.py:814
        int(os.getenv("VLLM_CONFIGURE_LOGGING", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #43f9fa008d9ecb82 Environment-variable access.
repo/vllm/envs.py:816
    "VLLM_LOGGING_CONFIG_PATH": lambda: os.getenv("VLLM_LOGGING_CONFIG_PATH"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #918087ff8903bcd1 Environment-variable access.
repo/vllm/envs.py:818
    "VLLM_LOGGING_LEVEL": lambda: os.getenv("VLLM_LOGGING_LEVEL", "INFO").upper(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f200278190192bde Environment-variable access.
repo/vllm/envs.py:820
    "VLLM_LOGGING_STREAM": lambda: os.getenv("VLLM_LOGGING_STREAM", "ext://sys.stdout"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #213739090842fe9e Environment-variable access.
repo/vllm/envs.py:822
    "VLLM_LOGGING_PREFIX": lambda: os.getenv("VLLM_LOGGING_PREFIX", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #77e5b6fd98147bb0 Environment-variable access.
repo/vllm/envs.py:825
    "VLLM_LOGGING_COLOR": lambda: os.getenv("VLLM_LOGGING_COLOR", "auto"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ab6a78d48d073e5c Environment-variable access.
repo/vllm/envs.py:827
    "NO_COLOR": lambda: os.getenv("NO_COLOR", "0") != "0",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e28e99a99b69a0c4 Environment-variable access.
repo/vllm/envs.py:832
        if (val := float(os.getenv("VLLM_LOG_STATS_INTERVAL", "10."))) > 0.0

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ac54d3fbf1f9e147 Environment-variable access.
repo/vllm/envs.py:838
    "VLLM_TRACE_FUNCTION": lambda: int(os.getenv("VLLM_TRACE_FUNCTION", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #41297f8d4ba4e9d3 Environment-variable access.
repo/vllm/envs.py:843
        bool(int(os.environ["VLLM_USE_FLASHINFER_SAMPLER"]))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #678c2c66e7367fe6 Environment-variable access.
repo/vllm/envs.py:844
        if "VLLM_USE_FLASHINFER_SAMPLER" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6e26071bdee5b1de Environment-variable access.
repo/vllm/envs.py:848
    "VLLM_PP_LAYER_PARTITION": lambda: os.getenv("VLLM_PP_LAYER_PARTITION", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6407fe5fb17346f1 Environment-variable access.
repo/vllm/envs.py:852
        int(os.getenv("VLLM_CPU_KVCACHE_SPACE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3d697ec4ebe0a748 Environment-variable access.
repo/vllm/envs.py:853
        if "VLLM_CPU_KVCACHE_SPACE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7caba31369604213 Environment-variable access.
repo/vllm/envs.py:858
    "VLLM_CPU_OMP_THREADS_BIND": lambda: os.getenv("VLLM_CPU_OMP_THREADS_BIND", "auto"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0a6226cc251dc89c Environment-variable access.
repo/vllm/envs.py:862
        int(os.getenv("VLLM_CPU_NUM_OF_RESERVED_CPU", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #476f3b17ea7fd208 Environment-variable access.
repo/vllm/envs.py:863
        if "VLLM_CPU_NUM_OF_RESERVED_CPU" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f03c2b6f4909e4a1 Environment-variable access.
repo/vllm/envs.py:867
    "VLLM_CPU_SGL_KERNEL": lambda: bool(int(os.getenv("VLLM_CPU_SGL_KERNEL", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #efc6487a072c79a5 Environment-variable access.
repo/vllm/envs.py:870
        int(os.getenv("VLLM_CPU_ATTN_SPLIT_KV", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #11a2f01c55d918af Environment-variable access.
repo/vllm/envs.py:875
        int(os.getenv("VLLM_ZENTORCH_WEIGHT_PREPACK", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4f0d7ed81f94d947 Environment-variable access.
repo/vllm/envs.py:878
    "VLLM_CPU_INT4_W4A8": lambda: bool(int(os.getenv("VLLM_CPU_INT4_W4A8", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #575acc874edb5e5c Environment-variable access.
repo/vllm/envs.py:892
        int(os.getenv("VLLM_USE_RAY_COMPILED_DAG_OVERLAP_COMM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ccd13b0b013d8aca Environment-variable access.
repo/vllm/envs.py:898
        int(os.getenv("VLLM_USE_RAY_WRAPPED_PP_COMM", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #17874a7415245d4e Environment-variable access.
repo/vllm/envs.py:903
        int(os.getenv("VLLM_USE_RAY_V2_EXECUTOR_BACKEND", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #37ed96bc09af91af Environment-variable access.
repo/vllm/envs.py:910
        int(os.getenv("VLLM_DISTRIBUTED_USE_SPLIT_GROUP", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e463f191e5e0ef6f Environment-variable access.
repo/vllm/envs.py:919
        os.getenv(
            "VLLM_ASSETS_CACHE",
            os.path.join(get_default_cache_root(), "vllm", "assets"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #949c273d835782c6 Environment-variable access.
repo/vllm/envs.py:927
        int(os.getenv("VLLM_ASSETS_CACHE_MODEL_CLEAN", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b2ef5f96d17309ed Environment-variable access.
repo/vllm/envs.py:931
    "VLLM_IMAGE_FETCH_TIMEOUT": lambda: int(os.getenv("VLLM_IMAGE_FETCH_TIMEOUT", "5")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #54b646f929ff5354 Environment-variable access.
repo/vllm/envs.py:935
        os.getenv("VLLM_VIDEO_FETCH_TIMEOUT", "30")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #002478c0c81a7435 Environment-variable access.
repo/vllm/envs.py:940
        os.getenv("VLLM_AUDIO_FETCH_TIMEOUT", "10")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0301b5dd822a4f74 Environment-variable access.
repo/vllm/envs.py:944
    "VLLM_MEDIA_CACHE": lambda: os.getenv("VLLM_MEDIA_CACHE", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a4b0a9f88e6369dd Environment-variable access.
repo/vllm/envs.py:948
        os.getenv("VLLM_MEDIA_CACHE_MAX_SIZE_MB", "5120")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2ef341c0293538fa Environment-variable access.
repo/vllm/envs.py:953
        os.getenv("VLLM_MEDIA_CACHE_TTL_HOURS", "24")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #40d9063663cb1d55 Environment-variable access.
repo/vllm/envs.py:958
        os.getenv("VLLM_MEDIA_FETCH_MAX_RETRIES", "3")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d644caeebea743b4 Environment-variable access.
repo/vllm/envs.py:963
        int(os.getenv("VLLM_MEDIA_URL_ALLOW_REDIRECTS", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b87387534e381e1c Environment-variable access.
repo/vllm/envs.py:969
        os.getenv("VLLM_MEDIA_LOADING_THREAD_COUNT", "8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1cc7dbb2ea0801ff Environment-variable access.
repo/vllm/envs.py:975
        os.getenv("VLLM_MAX_AUDIO_CLIP_FILESIZE_MB", "25")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1076c2c3b96303a6 Environment-variable access.
repo/vllm/envs.py:982
        os.getenv("VLLM_MAX_AUDIO_DECODE_DURATION_S", "600")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c09f716cdab6c94 Environment-variable access.
repo/vllm/envs.py:988
        os.getenv(
            "VLLM_MAX_AUDIO_PREPROCESS_WORKERS",
            str(max(1, min(os.cpu_count() or 1, 2))),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5ef155df7653e802 Environment-variable access.
repo/vllm/envs.py:998
        os.getenv("VLLM_MAX_IMAGE_PIXELS", "178956970")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c3320b68466daad Environment-variable access.
repo/vllm/envs.py:1009
    "VLLM_VIDEO_LOADER_BACKEND": lambda: os.getenv(
        "VLLM_VIDEO_LOADER_BACKEND", "opencv"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c7b20e6e971bff72 Environment-variable access.
repo/vllm/envs.py:1019
    "VLLM_MEDIA_CONNECTOR": lambda: os.getenv("VLLM_MEDIA_CONNECTOR", "http"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6eddcf5bf2933c72 Environment-variable access.
repo/vllm/envs.py:1034
        os.getenv(
            "VLLM_XLA_CACHE_PATH",
            os.path.join(get_default_cache_root(), "vllm", "xla_cache"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #942f068f00b31ce3 Environment-variable access.
repo/vllm/envs.py:1041
        int(os.getenv("VLLM_XLA_CHECK_RECOMPILATION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ead3fec911ef488d Environment-variable access.
repo/vllm/envs.py:1044
    "VLLM_XLA_USE_SPMD": lambda: bool(int(os.getenv("VLLM_XLA_USE_SPMD", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6dff05f033655095 Environment-variable access.
repo/vllm/envs.py:1049
        os.getenv("VLLM_SPARSE_INDEXER_MAX_LOGITS_MB", "512")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5e36b498b1753566 Environment-variable access.
repo/vllm/envs.py:1054
        int(os.getenv("VLLM_KEEP_ALIVE_ON_ENGINE_DEATH", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7428953332d7236f Environment-variable access.
repo/vllm/envs.py:1061
        os.environ.get("VLLM_ALLOW_LONG_MAX_MODEL_LEN", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #772e99eb324e0183 Environment-variable access.
repo/vllm/envs.py:1067
        os.environ.get("VLLM_TEST_FORCE_FP8_MARLIN", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #393de05a819e450b Environment-variable access.
repo/vllm/envs.py:1070
    "VLLM_TEST_FORCE_LOAD_FORMAT": lambda: os.getenv(
        "VLLM_TEST_FORCE_LOAD_FORMAT", "dummy"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aab8227bdd9f217a Environment-variable access.
repo/vllm/envs.py:1083
        os.getenv("VLLM_FASTSAFETENSORS_QUEUE_SIZE", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af9f40958f2444b8 Environment-variable access.
repo/vllm/envs.py:1087
        os.environ.get("VLLM_HTTP_TIMEOUT_KEEP_ALIVE", "5")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0ec645273ea03d3a Environment-variable access.
repo/vllm/envs.py:1093
        os.environ.get("VLLM_MAX_N_SEQUENCES", "16384")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8efcdc56f5c7e547 Environment-variable access.
repo/vllm/envs.py:1099
        os.environ.get("VLLM_MAX_COMPLETION_PROMPTS", "1024")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8817f5367ca1d60c Environment-variable access.
repo/vllm/envs.py:1106
        if "VLLM_PLUGINS" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4212559c4240324d Environment-variable access.
repo/vllm/envs.py:1107
        else os.environ["VLLM_PLUGINS"].split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #042df6a091d72411 Environment-variable access.
repo/vllm/envs.py:1116
        int(os.environ["VLLM_PREFIX_CACHE_RETENTION_INTERVAL"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #22b6550f90cbe139 Environment-variable access.
repo/vllm/envs.py:1117
        if "VLLM_PREFIX_CACHE_RETENTION_INTERVAL" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #31501a0435d0a6fd Environment-variable access.
repo/vllm/envs.py:1123
    "VLLM_LORA_RESOLVER_CACHE_DIR": lambda: os.getenv(
        "VLLM_LORA_RESOLVER_CACHE_DIR", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #24f1990c45313b08 Environment-variable access.
repo/vllm/envs.py:1130
    "VLLM_LORA_RESOLVER_HF_REPO_LIST": lambda: os.getenv(
        "VLLM_LORA_RESOLVER_HF_REPO_LIST", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #701912d63d082787 Environment-variable access.
repo/vllm/envs.py:1134
    "VLLM_USE_TRITON_AWQ": lambda: bool(int(os.getenv("VLLM_USE_TRITON_AWQ", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #50613fcb000b4a17 Environment-variable access.
repo/vllm/envs.py:1140
        os.environ.get("VLLM_TRITON_FORCE_FIRST_CONFIG", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #44e74f3138affaf0 Environment-variable access.
repo/vllm/envs.py:1145
        os.environ.get("VLLM_ALLOW_RUNTIME_LORA_UPDATING", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a1312ee408d14b2c Environment-variable access.
repo/vllm/envs.py:1154
    "VLLM_SKIP_P2P_CHECK": lambda: os.getenv("VLLM_SKIP_P2P_CHECK", "1") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #32fe32442fe0ab11 Environment-variable access.
repo/vllm/envs.py:1161
        if "VLLM_DISABLED_KERNELS" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c7b1d32631418c06 Environment-variable access.
repo/vllm/envs.py:1162
        else os.environ["VLLM_DISABLED_KERNELS"].split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #83361d92f654dd9c Environment-variable access.
repo/vllm/envs.py:1165
        int(os.getenv("VLLM_ENABLE_FLA_PACKED_RECURRENT_DECODE", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #55d6690f221ef70f Environment-variable access.
repo/vllm/envs.py:1169
        os.getenv("VLLM_DISABLE_PYNCCL", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e7bc2537fb9a4cb1 Environment-variable access.
repo/vllm/envs.py:1174
        os.getenv("VLLM_USE_OINK_OPS", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #de24264fda90aaa4 Environment-variable access.
repo/vllm/envs.py:1184
        os.getenv("VLLM_MXFP8_EMULATION_DEQUANT_AT_LOAD", "True").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #be278b42ff1c53f3 Environment-variable access.
repo/vllm/envs.py:1188
        os.getenv("VLLM_ROCM_USE_AITER", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7138db6edd0a5fa4 Environment-variable access.
repo/vllm/envs.py:1193
        os.getenv("VLLM_ROCM_USE_AITER_CUSTOM_AR", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bea9aecbe91f740b Environment-variable access.
repo/vllm/envs.py:1198
        os.getenv("VLLM_ROCM_USE_AITER_PAGED_ATTN", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dbc356aa781b0497 Environment-variable access.
repo/vllm/envs.py:1205
        os.getenv("VLLM_ROCM_USE_AITER_LINEAR", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #773c6e64da6417cb Environment-variable access.
repo/vllm/envs.py:1208
        os.getenv("VLLM_ROCM_USE_AITER_LINEAR_HIPBMM", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5489ca7e7bd8c226 Environment-variable access.
repo/vllm/envs.py:1213
        os.getenv("VLLM_ROCM_USE_AITER_MOE", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7a2763fc2374e972 Environment-variable access.
repo/vllm/envs.py:1224
        os.getenv("VLLM_ROCM_AITER_MOE_DISPATCH_POLICY", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a43dbc0d1c0297dd Environment-variable access.
repo/vllm/envs.py:1228
        os.getenv("VLLM_ROCM_USE_AITER_RMSNORM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a55ef113d38861cf Environment-variable access.
repo/vllm/envs.py:1233
        os.getenv("VLLM_ROCM_USE_AITER_MLA", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d05f11749dc775d4 Environment-variable access.
repo/vllm/envs.py:1238
        os.getenv("VLLM_ROCM_USE_AITER_MHA", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f048c5754de8c626 Environment-variable access.
repo/vllm/envs.py:1243
        os.getenv("VLLM_ROCM_USE_AITER_FP4_ASM_GEMM", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #108422565094016b Environment-variable access.
repo/vllm/envs.py:1248
        os.getenv("VLLM_ROCM_USE_AITER_TRITON_ROPE", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5494ca9562f7003f Environment-variable access.
repo/vllm/envs.py:1253
        os.getenv("VLLM_ROCM_USE_AITER_FP8BMM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fc49a33b64e7b6c5 Environment-variable access.
repo/vllm/envs.py:1258
        os.getenv("VLLM_ROCM_USE_AITER_FP4BMM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dd3b5b2028ead52c Environment-variable access.
repo/vllm/envs.py:1262
        os.getenv("VLLM_ROCM_USE_AITER_UNIFIED_ATTENTION", "False").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ee1e7565e3608824 Environment-variable access.
repo/vllm/envs.py:1268
        os.getenv("VLLM_ROCM_USE_AITER_FUSION_SHARED_EXPERTS", "False").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #829dcb13ba29fefe Environment-variable access.
repo/vllm/envs.py:1274
        os.getenv("VLLM_ROCM_USE_AITER_TRITON_GEMM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a5e97abbc7f39286 Environment-variable access.
repo/vllm/envs.py:1278
        os.getenv("VLLM_ROCM_USE_SKINNY_GEMM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ff69e964b2acc99d Environment-variable access.
repo/vllm/envs.py:1281
    "VLLM_ROCM_FP8_PADDING": lambda: bool(int(os.getenv("VLLM_ROCM_FP8_PADDING", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #24dac99afab47cd4 Environment-variable access.
repo/vllm/envs.py:1283
    "VLLM_ROCM_MOE_PADDING": lambda: bool(int(os.getenv("VLLM_ROCM_MOE_PADDING", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dbb860ead745700a Environment-variable access.
repo/vllm/envs.py:1286
        os.getenv("VLLM_ROCM_SHUFFLE_KV_CACHE_LAYOUT", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4c6d360262d4c0d2 Environment-variable access.
repo/vllm/envs.py:1301
        os.getenv("VLLM_ROCM_QUICK_REDUCE_CAST_BF16_TO_FP16", "True").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #164c63e13ccaa74e Environment-variable access.
repo/vllm/envs.py:1311
        os.environ.get("VLLM_ROCM_QUICK_REDUCE_MAX_SIZE_BYTES_MB", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0f45189dfefd7983 Environment-variable access.
repo/vllm/envs.py:1318
        os.environ.get("VLLM_ROCM_QUICK_REDUCE_MIN_SIZE_BYTES_MB", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e04714d1cda14c18 Environment-variable access.
repo/vllm/envs.py:1324
        os.environ.get("VLLM_ROCM_QUICK_REDUCE_QUANTIZATION_MIN_SIZE_KB", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b36f2944829fba65 Environment-variable access.
repo/vllm/envs.py:1327
    "Q_SCALE_CONSTANT": lambda: int(os.getenv("Q_SCALE_CONSTANT", "200")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0b60afe086d54ea5 Environment-variable access.
repo/vllm/envs.py:1329
    "K_SCALE_CONSTANT": lambda: int(os.getenv("K_SCALE_CONSTANT", "200")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0886a03dd08c2792 Environment-variable access.
repo/vllm/envs.py:1331
    "V_SCALE_CONSTANT": lambda: int(os.getenv("V_SCALE_CONSTANT", "100")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aa045e6fe99003d0 Environment-variable access.
repo/vllm/envs.py:1334
        int(os.getenv("VLLM_ENABLE_V1_MULTIPROCESSING", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d47df5eafb6dbe33 Environment-variable access.
repo/vllm/envs.py:1337
        os.getenv("VLLM_LOG_BATCHSIZE_INTERVAL", "-1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3b6b6bfba23d79d9 Environment-variable access.
repo/vllm/envs.py:1342
    "VLLM_USE_LAYERNAME": lambda: bool(int(os.getenv("VLLM_USE_LAYERNAME", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ec18f07c5382d2ec Environment-variable access.
repo/vllm/envs.py:1346
        int(os.getenv("VLLM_USE_RUST_FRONTEND", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #96c877d6b95fe102 Environment-variable access.
repo/vllm/envs.py:1355
    "VLLM_SERVER_DEV_MODE": lambda: bool(int(os.getenv("VLLM_SERVER_DEV_MODE", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e27636c1bc878ef1 Environment-variable access.
repo/vllm/envs.py:1364
        os.getenv("VLLM_V1_OUTPUT_PROC_CHUNK_SIZE", "128")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2b93422498c74bfb Environment-variable access.
repo/vllm/envs.py:1367
    "VLLM_MLA_DISABLE": lambda: bool(int(os.getenv("VLLM_MLA_DISABLE", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #56856abd4f22be3f Environment-variable access.
repo/vllm/envs.py:1373
        os.getenv("VLLM_RAY_PER_WORKER_GPUS", "1.0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c76e31f8a7a63e8a Environment-variable access.
repo/vllm/envs.py:1378
    "VLLM_RAY_BUNDLE_INDICES": lambda: os.getenv("VLLM_RAY_BUNDLE_INDICES", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ee099f511b14cb24 Environment-variable access.
repo/vllm/envs.py:1381
    "VLLM_CUDART_SO_PATH": lambda: os.getenv("VLLM_CUDART_SO_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #40e532c823ad88bb Environment-variable access.
repo/vllm/envs.py:1383
    "VLLM_DP_RANK": lambda: int(os.getenv("VLLM_DP_RANK", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a8b23a68de606893 Environment-variable access.
repo/vllm/envs.py:1387
        os.getenv("VLLM_DP_RANK_LOCAL", sys.modules[__name__].VLLM_DP_RANK)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3854320e0ba06c70 Environment-variable access.
repo/vllm/envs.py:1390
    "VLLM_DP_SIZE": lambda: int(os.getenv("VLLM_DP_SIZE", "1")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e1e99e1736b231eb Environment-variable access.
repo/vllm/envs.py:1392
    "VLLM_DP_MASTER_IP": lambda: os.getenv("VLLM_DP_MASTER_IP", "127.0.0.1"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c313ea954fbb5d3 Environment-variable access.
repo/vllm/envs.py:1394
    "VLLM_DP_MASTER_PORT": lambda: int(os.getenv("VLLM_DP_MASTER_PORT", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1f4186d36bb80f4 Environment-variable access.
repo/vllm/envs.py:1397
        os.environ.get("VLLM_RANDOMIZE_DP_DUMMY_INPUTS", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b3cc3752706c5a90 Environment-variable access.
repo/vllm/envs.py:1410
    "VLLM_RAY_DP_PACK_STRATEGY": lambda: os.getenv(
        "VLLM_RAY_DP_PACK_STRATEGY", "strict"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #019814dd15eb9725 Environment-variable access.
repo/vllm/envs.py:1417
    "VLLM_RAY_DP_PLACEMENT_NODE_IPS": lambda: os.getenv(
        "VLLM_RAY_DP_PLACEMENT_NODE_IPS", ""
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6cd32726f08205f7 Environment-variable access.
repo/vllm/envs.py:1423
    "VLLM_RAY_EXTRA_ENV_VAR_PREFIXES_TO_COPY": lambda: os.getenv(
        "VLLM_RAY_EXTRA_ENV_VAR_PREFIXES_TO_COPY", ""
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4abb7d01d50efe4c Environment-variable access.
repo/vllm/envs.py:1430
    "VLLM_RAY_EXTRA_ENV_VARS_TO_COPY": lambda: os.getenv(
        "VLLM_RAY_EXTRA_ENV_VARS_TO_COPY", ""
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c41e7f3bac778e7f Environment-variable access.
repo/vllm/envs.py:1434
    "VLLM_CI_USE_S3": lambda: os.environ.get("VLLM_CI_USE_S3", "0") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c0490670a2a409b4 Environment-variable access.
repo/vllm/envs.py:1441
    "VLLM_MODEL_REDIRECT_PATH": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #354c8f042f393237 Environment-variable access.
repo/vllm/envs.py:1441
    "VLLM_MODEL_REDIRECT_PATH": lambda: os.environ.get(
        "VLLM_MODEL_REDIRECT_PATH", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c3838d3ee2ed55f Environment-variable access.
repo/vllm/envs.py:1446
        os.environ.get("VLLM_MARLIN_USE_ATOMIC_ADD", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5fff95346e54e14a Environment-variable access.
repo/vllm/envs.py:1454
        os.environ.get("VLLM_HUMMING_ONLINE_QUANT_CONFIG", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #88071b05de90fa2b Environment-variable access.
repo/vllm/envs.py:1458
        os.environ.get("VLLM_HUMMING_INPUT_QUANT_CONFIG", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6b46bddd505d9516 Environment-variable access.
repo/vllm/envs.py:1462
        os.environ.get("VLLM_HUMMING_USE_F16_ACCUM", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d8f7e54020d5563b Environment-variable access.
repo/vllm/envs.py:1468
    "VLLM_HUMMING_MOE_GEMM_TYPE": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b27bc1d13f7bd507 Environment-variable access.
repo/vllm/envs.py:1468
    "VLLM_HUMMING_MOE_GEMM_TYPE": lambda: os.environ.get(
        "VLLM_HUMMING_MOE_GEMM_TYPE", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #65f37ff377c001db Environment-variable access.
repo/vllm/envs.py:1475
        int(os.getenv("VLLM_DEEPEPLL_NVFP4_DISPATCH", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c1c51a7c49a4adc2 Environment-variable access.
repo/vllm/envs.py:1481
        os.environ.get("VLLM_V1_USE_OUTLINES_CACHE", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7ed34b2368a8e9fe Environment-variable access.
repo/vllm/envs.py:1486
        int(os.environ["VLLM_TPU_BUCKET_PADDING_GAP"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa95e6700e6b265a Environment-variable access.
repo/vllm/envs.py:1487
        if "VLLM_TPU_BUCKET_PADDING_GAP" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1e7c6e247c2d16f Environment-variable access.
repo/vllm/envs.py:1491
        os.environ.get("VLLM_TPU_MOST_MODEL_LEN", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b4ab46a86ddc5cb2 Environment-variable access.
repo/vllm/envs.py:1495
        "proxy" in os.getenv("JAX_PLATFORMS", "").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2187caa921c25c80 Environment-variable access.
repo/vllm/envs.py:1498
    "VLLM_USE_DEEP_GEMM": lambda: bool(int(os.getenv("VLLM_USE_DEEP_GEMM", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aec4bb2e32b00d4f Environment-variable access.
repo/vllm/envs.py:1501
        int(os.getenv("VLLM_MOE_USE_DEEP_GEMM", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6bc6a734a990a70 Environment-variable access.
repo/vllm/envs.py:1505
        int(os.getenv("VLLM_USE_DEEP_GEMM_E8M0", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bfa002a70ebfe6cb Environment-variable access.
repo/vllm/envs.py:1509
        int(os.getenv("VLLM_USE_DEEP_GEMM_TMA_ALIGNED_SCALES", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6317913f6e7d8b5 Environment-variable access.
repo/vllm/envs.py:1533
        int(os.getenv("VLLM_USE_FUSED_MOE_GROUPED_TOPK", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #74f82986870db496 Environment-variable access.
repo/vllm/envs.py:1539
    "VLLM_MOE_SKIP_PADDING": lambda: bool(int(os.getenv("VLLM_MOE_SKIP_PADDING", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9ec0139d2f574848 Environment-variable access.
repo/vllm/envs.py:1543
        int(os.getenv("VLLM_BLOCKSCALE_FP8_GEMM_FLASHINFER", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #34a614af1d259887 Environment-variable access.
repo/vllm/envs.py:1547
        int(os.getenv("VLLM_USE_FLASHINFER_MOE_INT4", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8d46b871375ce079 Environment-variable access.
repo/vllm/envs.py:1552
    "VLLM_XGRAMMAR_CACHE_MB": lambda: int(os.getenv("VLLM_XGRAMMAR_CACHE_MB", "512")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2910e1e1fcef7ba8 Environment-variable access.
repo/vllm/envs.py:1558
        os.getenv("VLLM_REGEX_COMPILATION_TIMEOUT_S", "5")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0f22d65a175c9d24 Environment-variable access.
repo/vllm/envs.py:1568
        os.getenv("VLLM_MSGPACK_ZERO_COPY_THRESHOLD", "256")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cd1a5d1d996b71b7 Environment-variable access.
repo/vllm/envs.py:1574
        int(os.getenv("VLLM_ALLOW_INSECURE_SERIALIZATION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #81b548f1366a77e3 Environment-variable access.
repo/vllm/envs.py:1579
        int(os.getenv("VLLM_DISABLE_REQUEST_ID_RANDOMIZATION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a392e10af340340c Environment-variable access.
repo/vllm/envs.py:1582
    "VLLM_NIXL_SIDE_CHANNEL_HOST": lambda: os.getenv(
        "VLLM_NIXL_SIDE_CHANNEL_HOST", "localhost"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e86f7f05d5ac976d Environment-variable access.
repo/vllm/envs.py:1587
        os.getenv("VLLM_NIXL_SIDE_CHANNEL_PORT", "5600")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a693eeaa9729463c Environment-variable access.
repo/vllm/envs.py:1591
    "VLLM_EC_SIDE_CHANNEL_HOST": lambda: os.getenv(
        "VLLM_EC_SIDE_CHANNEL_HOST", "localhost"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #795673467b0e4dc7 Environment-variable access.
repo/vllm/envs.py:1597
        os.getenv("VLLM_EC_SIDE_CHANNEL_PORT", "5601")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #959566c7fc307061 Environment-variable access.
repo/vllm/envs.py:1601
        os.getenv("VLLM_MOONCAKE_BOOTSTRAP_PORT", "8998")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a37ef4adb8a03ac Environment-variable access.
repo/vllm/envs.py:1605
        os.getenv("VLLM_MOONCAKE_STORE_TIER_LOG", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #28891424013e2cf3 Environment-variable access.
repo/vllm/envs.py:1613
        os.getenv("VLLM_MOONCAKE_LOAD_RECV_THREADS", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2a3b125adaa9c582 Environment-variable access.
repo/vllm/envs.py:1617
        os.getenv("VLLM_MOONCAKE_DISK_STAGING_USABLE_RATIO", "0.9")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c93203a651d3b80 Environment-variable access.
repo/vllm/envs.py:1620
    "MOONCAKE_PREFERRED_SEGMENT": lambda: os.getenv("MOONCAKE_PREFERRED_SEGMENT"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #42a65e3c20da1b26 Environment-variable access.
repo/vllm/envs.py:1622
    "MOONCAKE_REQUESTER_LOCAL_HOSTNAME": lambda: os.getenv(
        "MOONCAKE_REQUESTER_LOCAL_HOSTNAME"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7fdb60fb615656ed Environment-variable access.
repo/vllm/envs.py:1626
    "VLLM_FLASHINFER_AUTOTUNE_CACHE_DIR": lambda: os.getenv(
        "VLLM_FLASHINFER_AUTOTUNE_CACHE_DIR", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f36fe656dff0ed8a Environment-variable access.
repo/vllm/envs.py:1634
        if "VLLM_FLASHINFER_AUTOTUNE_SKIP_OPS" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #85bbc05eff24b8b1 Environment-variable access.
repo/vllm/envs.py:1637
            for v in os.environ["VLLM_FLASHINFER_AUTOTUNE_SKIP_OPS"].split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #12876b3c638fe2b5 Environment-variable access.
repo/vllm/envs.py:1649
        os.getenv("VLLM_FLASHINFER_WORKSPACE_BUFFER_SIZE", str(394 * 1024 * 1024))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4fd7a2728defbac7 Environment-variable access.
repo/vllm/envs.py:1656
        os.getenv("VLLM_MAX_TOKENS_PER_EXPERT_FP4_MOE", "163840")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3e78916469d22479 Environment-variable access.
repo/vllm/envs.py:1665
        os.getenv("VLLM_FLASHINFER_ALLREDUCE_FUSION_THRESHOLDS_MB", "{}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7e7c7ab4a564a807 Environment-variable access.
repo/vllm/envs.py:1673
    "VLLM_MOE_ROUTING_SIMULATION_STRATEGY": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #549ce6bd68185e77 Environment-variable access.
repo/vllm/envs.py:1673
    "VLLM_MOE_ROUTING_SIMULATION_STRATEGY": lambda: os.environ.get(
        "VLLM_MOE_ROUTING_SIMULATION_STRATEGY", ""
    ).lower(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e0bdff6ab9733f61 Environment-variable access.
repo/vllm/envs.py:1678
        os.getenv("VLLM_TOOL_PARSE_REGEX_TIMEOUT_SECONDS", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6da171e2a7ae536c Environment-variable access.
repo/vllm/envs.py:1682
        os.getenv("VLLM_ENFORCE_STRICT_TOOL_CALLING", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7ed002ff75ccfbf2 Environment-variable access.
repo/vllm/envs.py:1688
        os.getenv("VLLM_MQ_MAX_CHUNK_BYTES_MB", "16")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1ffdd91bd97b636f Environment-variable access.
repo/vllm/envs.py:1693
        os.getenv("VLLM_EXECUTE_MODEL_TIMEOUT_SECONDS", "300")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4bc9e082c3779445 Environment-variable access.
repo/vllm/envs.py:1697
        os.getenv("VLLM_WORKER_SHUTDOWN_TIMEOUT_SECONDS", "5")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3986e973b07c35f7 Environment-variable access.
repo/vllm/envs.py:1720
        int(os.getenv("VLLM_COMPUTE_NANS_IN_LOGITS", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #59f54a864d69ca85 Environment-variable access.
repo/vllm/envs.py:1724
        os.getenv("VLLM_MOONCAKE_ABORT_REQUEST_TIMEOUT", "480")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1caca998560c0681 Environment-variable access.
repo/vllm/envs.py:1729
        int(os.getenv("VLLM_HAS_FLASHINFER_CUBIN", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #946d6b322d521979 Environment-variable access.
repo/vllm/envs.py:1735
        int(os.getenv("VLLM_ENABLE_CUDAGRAPH_GC", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5d221180a40c202b Environment-variable access.
repo/vllm/envs.py:1738
    "VLLM_LOOPBACK_IP": lambda: os.getenv("VLLM_LOOPBACK_IP", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #537f2739fed4f146 Environment-variable access.
repo/vllm/envs.py:1742
    "VLLM_PROCESS_NAME_PREFIX": lambda: os.getenv("VLLM_PROCESS_NAME_PREFIX", "VLLM"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #81cb692bc4df6d01 Environment-variable access.
repo/vllm/envs.py:1751
        int(os.getenv("VLLM_ALLOW_CHUNKED_LOCAL_ATTN_WITH_HYBRID_KV_CACHE", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8ae26875ec44b0a7 Environment-variable access.
repo/vllm/envs.py:1763
        int(os.getenv("VLLM_ENABLE_RESPONSES_API_STORE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5568229fd2751739 Environment-variable access.
repo/vllm/envs.py:1767
        int(os.getenv("VLLM_ROCM_FP8_MFMA_PAGE_ATTN", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fbb3e17634826f6e Environment-variable access.
repo/vllm/envs.py:1771
        int(os.getenv("VLLM_ALLREDUCE_USE_SYMM_MEM", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7d01d4dab4e7cc28 Environment-variable access.
repo/vllm/envs.py:1775
        int(os.getenv("VLLM_ALLREDUCE_USE_FLASHINFER", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2b741681f442c58c Environment-variable access.
repo/vllm/envs.py:1779
        int(os.getenv("VLLM_USE_EXPERIMENTAL_PARSER_CONTEXT", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #28cd4ad1314ae052 Environment-variable access.
repo/vllm/envs.py:1785
    "VLLM_TUNED_CONFIG_FOLDER": lambda: os.getenv("VLLM_TUNED_CONFIG_FOLDER", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #62ef94d55dd2ecf3 Environment-variable access.
repo/vllm/envs.py:1794
        int(os.getenv("VLLM_ENABLE_STARTUP_PLAN", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #73f9fc21453763d2 Environment-variable access.
repo/vllm/envs.py:1807
        int(os.getenv("VLLM_GPT_OSS_HARMONY_SYSTEM_INSTRUCTIONS", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #427023dc39618764 Environment-variable access.
repo/vllm/envs.py:1814
    "VLLM_SYSTEM_START_DATE": lambda: os.getenv("VLLM_SYSTEM_START_DATE", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #afeef151a55e8640 Environment-variable access.
repo/vllm/envs.py:1819
        int(os.getenv("VLLM_TOOL_JSON_ERROR_AUTOMATIC_RETRY", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #58657168fc6082c3 Environment-variable access.
repo/vllm/envs.py:1823
        int(os.getenv("VLLM_CUSTOM_SCOPES_FOR_PROFILING", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f19d13fe978c9326 Environment-variable access.
repo/vllm/envs.py:1827
        int(os.getenv("VLLM_NVTX_SCOPES_FOR_PROFILING", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b8464888c2be7b9f Environment-variable access.
repo/vllm/envs.py:1832
        int(os.getenv("VLLM_KV_EVENTS_USE_INT_BLOCK_HASHES", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b024aac3fbb101a0 Environment-variable access.
repo/vllm/envs.py:1844
        os.getenv("VLLM_DEEPEP_BUFFER_SIZE_MB", "1024")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #36c8708a205f9f50 Environment-variable access.
repo/vllm/envs.py:1850
        int(os.getenv("VLLM_DEEPEP_HIGH_THROUGHPUT_FORCE_INTRA_NODE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e1e628b67f0778bb Environment-variable access.
repo/vllm/envs.py:1855
        int(os.getenv("VLLM_DEEPEP_LOW_LATENCY_USE_MNNVL", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #10c2cac650e14f19 Environment-variable access.
repo/vllm/envs.py:1859
        int(os.getenv("VLLM_DEEPEP_V2_ALLOW_HYBRID_MODE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #23c42ae05ea53d3b Environment-variable access.
repo/vllm/envs.py:1863
        int(os.getenv("VLLM_DEEPEP_V2_PREFER_OVERLAP", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d6493b3f85466578 Environment-variable access.
repo/vllm/envs.py:1867
        int(os.getenv("VLLM_DEEPEP_V2_ALLOW_MULTIPLE_REDUCTION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #63a15a93bab9804a Environment-variable access.
repo/vllm/envs.py:1873
        os.getenv(
            "VLLM_DBO_COMM_SMS",
            "64"
            if hasattr(__import__("torch").version, "hip")
            and __import__("torch").version.hip is not None
            else "20",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa0622e22dbf6315 Environment-variable access.
repo/vllm/envs.py:1885
        int(os.getenv("VLLM_ENABLE_INDUCTOR_MAX_AUTOTUNE", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4e7eccbdbc0a407f Environment-variable access.
repo/vllm/envs.py:1890
        int(os.getenv("VLLM_ENABLE_INDUCTOR_COORDINATE_DESCENT_TUNING", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #318896b5f8248d31 Environment-variable access.
repo/vllm/envs.py:1894
        int(os.getenv("VLLM_USE_NCCL_SYMM_MEM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8fe6d5e741b6ff90 Environment-variable access.
repo/vllm/envs.py:1897
    "VLLM_NCCL_INCLUDE_PATH": lambda: os.environ.get("VLLM_NCCL_INCLUDE_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6b2ab6b707a2d3c7 Environment-variable access.
repo/vllm/envs.py:1903
    "VLLM_GC_DEBUG": lambda: os.getenv("VLLM_GC_DEBUG", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e5af5571327cce48 Environment-variable access.
repo/vllm/envs.py:1906
    "VLLM_DEBUG_WORKSPACE": lambda: bool(int(os.getenv("VLLM_DEBUG_WORKSPACE", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #000ea2ba42a3cd1a Environment-variable access.
repo/vllm/envs.py:1909
        int(os.getenv("VLLM_DISABLE_SHARED_EXPERTS_STREAM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #69b331a389a7be1f Environment-variable access.
repo/vllm/envs.py:1916
        int(os.getenv("VLLM_SHARED_EXPERTS_STREAM_TOKEN_THRESHOLD", 256))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #60e7da6e3309ac3c Environment-variable access.
repo/vllm/envs.py:1927
        os.getenv("VLLM_MULTI_STREAM_GEMM_TOKEN_THRESHOLD", "1024")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1531387813fe331 Environment-variable access.
repo/vllm/envs.py:1940
        os.getenv("VLLM_USE_V2_MODEL_RUNNER", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7e55b8c3c4a183a3 Environment-variable access.
repo/vllm/envs.py:1946
        int(os.getenv("VLLM_LOG_MODEL_INSPECTION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ce347192f1c6afac Environment-variable access.
repo/vllm/envs.py:1950
        int(os.getenv("VLLM_DEBUG_MFU_METRICS", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4d35d245483d48fd Environment-variable access.
repo/vllm/envs.py:1954
        int(os.getenv("VLLM_WEIGHT_OFFLOADING_DISABLE_PIN_MEMORY", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #13317bae7cb7b35d Environment-variable access.
repo/vllm/envs.py:1958
        int(os.getenv("VLLM_WEIGHT_OFFLOADING_DISABLE_UVA", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6f61c95baade8af Environment-variable access.
repo/vllm/envs.py:1965
        int(os.getenv("VLLM_WSL2_ENABLE_PIN_MEMORY", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1d51b9a0fe53b76e Environment-variable access.
repo/vllm/envs.py:1968
    "VLLM_DISABLE_LOG_LOGO": lambda: bool(int(os.getenv("VLLM_DISABLE_LOG_LOGO", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #849e3770fe2a2220 Environment-variable access.
repo/vllm/envs.py:1971
    "VLLM_LORA_DISABLE_PDL": lambda: bool(int(os.getenv("VLLM_LORA_DISABLE_PDL", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4f56ec6f7b9c03ce Environment-variable access.
repo/vllm/envs.py:1975
        os.environ.get("VLLM_ENABLE_CUDA_COMPATIBILITY", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #470facafbdcfd752 Environment-variable access.
repo/vllm/envs.py:1979
    "VLLM_CUDA_COMPATIBILITY_PATH": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #812fd103474b6a0a Environment-variable access.
repo/vllm/envs.py:1979
    "VLLM_CUDA_COMPATIBILITY_PATH": lambda: os.environ.get(
        "VLLM_CUDA_COMPATIBILITY_PATH", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0df4501092c2ef6f Environment-variable access.
repo/vllm/envs.py:1987
        os.getenv("VLLM_SKIP_MODEL_NAME_VALIDATION", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1012a4fefd36bf90 Environment-variable access.
repo/vllm/envs.py:1993
        int(os.getenv("VLLM_ELASTIC_EP_SCALE_UP_LAUNCH", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #622a5855d82b13dd Environment-variable access.
repo/vllm/envs.py:1998
        int(os.getenv("VLLM_ELASTIC_EP_DRAIN_REQUESTS", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2f871cc5e074009a Environment-variable access.
repo/vllm/envs.py:2004
        int(os.getenv("VLLM_MEMORY_PROFILER_ESTIMATE_CUDAGRAPHS", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e673cb92eacc9922 Environment-variable access.
repo/vllm/envs.py:2008
        os.getenv("VLLM_NIXL_EP_MAX_NUM_RANKS", "32")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c4525f1c222917f Environment-variable access.
repo/vllm/envs.py:2012
        int(os.getenv("VLLM_XPU_ENABLE_XPU_GRAPH", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3ff7899782e742b0 Environment-variable access.
repo/vllm/envs.py:2016
        int(os.getenv("VLLM_XPU_USE_SAMPLER_KERNEL", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2dbe7f427b2850bf Environment-variable access.
repo/vllm/envs.py:2020
        int(os.getenv("VLLM_USE_SIMPLE_KV_OFFLOAD", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #974709ef694d6840 Environment-variable access.
repo/vllm/envs.py:2026
        int(os.getenv("VLLM_LORA_ENABLE_DUAL_STREAM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aab446a801b3a7de Environment-variable access.
repo/vllm/envs.py:2030
    "VLLM_USE_SPINLOOP_EXT": lambda: bool(int(os.getenv("VLLM_USE_SPINLOOP_EXT", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #117be37c48c37c2f Environment-variable access.
repo/vllm/envs.py:2033
    "VLLM_GPU_NIC_PCIE_MAPPING": lambda: os.getenv("VLLM_GPU_NIC_PCIE_MAPPING", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #321fee1c010b2404 Environment-variable access.
repo/vllm/envs.py:2037
    "VLLM_NIC_SELECTION_VARS": lambda: os.getenv("VLLM_NIC_SELECTION_VARS", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1fc0f7c85bac11b1 Environment-variable access.
repo/vllm/envs.py:2103
        return name in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c978a922fb0c1f7 Environment-variable access.
repo/vllm/envs.py:2108
    for env in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #13d5e1721f14266a Environment-variable access.
repo/vllm/envs.py:2238
        factors[var] = normalize_value(os.getenv(var))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #446ccb65fa8dff95 Filesystem access.
repo/vllm/ir/util.py:26
            src_str = src.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #19fd2aa34fd78300 Filesystem access.
repo/vllm/kernels/helion/config_manager.py:235
            test_file.write_text("test")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #67464f8d3d04b606 Filesystem access.
repo/vllm/kernels/helion/config_manager.py:247
            with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9397980ca867088d Filesystem access.
repo/vllm/kernels/helion/config_manager.py:262
                with open(platform_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d4c6dee9b7209c2e Filesystem access.
repo/vllm/kernels/helion/config_manager.py:293
            with open(platform_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #da7cd0d0e6a87bf6 Filesystem access.
repo/vllm/kernels/helion/config_manager.py:317
        with open(platform_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a1550efa95c32f0b Filesystem access.
repo/vllm/logger.py:185
        with open(envs.VLLM_LOGGING_CONFIG_PATH, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #550bd28777bb08ae Filesystem access.
repo/vllm/logger.py:272
            with open(log_path, "a") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e39f2e769bbfbbf4 Filesystem access.
repo/vllm/lora/ops/triton_ops/utils.py:189
        with open(str(config_path)) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a3485ca22bae3cd5 Filesystem access.
repo/vllm/lora/peft_helper.py:110
            with open(lora_config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bb56f41bd143e0b4 Filesystem access.
repo/vllm/model_executor/layers/attention/mm_encoder_attention.py:71
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c5945242b7a542b8 Filesystem access.
repo/vllm/model_executor/layers/attention/mm_encoder_attention.py:140
    with open(path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ccdec8dcb3dacc72 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:918
        os.environ["CUBLAS_WORKSPACE_CONFIG"] = ":16:8"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #70b0456304f6a573 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:919
        os.environ["CUBLASLT_WORKSPACE_SIZE"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8428a38346964d11 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:954
    os.environ["VLLM_ALLREDUCE_USE_SYMM_MEM"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a5e3caf8b3af29e8 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:956
    os.environ["CUBLAS_WORKSPACE_CONFIG"] = ":4096:8"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #67fbce686eb62bc6 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:959
    os.environ["NCCL_LAUNCH_MODE"] = "GROUP"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d19c406ecbc40c2c Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:960
    os.environ["NCCL_COLLNET_ENABLE"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6648eccdef1b2112 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:961
    os.environ["NCCL_NVLS_ENABLE"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8f03f1b314b99295 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:962
    os.environ["NCCL_P2P_NET_DISABLE"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #697a30272487c6ab Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:963
    os.environ["NCCL_MIN_NCHANNELS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5f9d4d497b4f3d58 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:964
    os.environ["NCCL_MAX_NCHANNELS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c93f5e8c5f54f3e9 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:965
    os.environ["NCCL_PROTO"] = "Simple"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #50a2ee851c5dea8c Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:966
    os.environ["NCCL_ALGO"] = "allreduce:tree"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5ddbe8ddb8bcdc6c Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:967
    os.environ["NCCL_NTHREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5afe4987e7567ca7 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:968
    os.environ["NCCL_SOCKET_NTHREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ef3cbd60635f63d2 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:971
    os.environ["VLLM_USE_AOT_COMPILE"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e7b381d8a7d6dc4e Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/l2norm.py:18
USE_DEFAULT_FLA_NORM = int(os.getenv("USE_DEFAULT_FLA_NORM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #448ddb5b8adc4648 Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/op.py:16
if os.environ.get("FLA_USE_FAST_OPS", "0") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ef45d2f561cc1074 Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/solve_tril.py:21
FLA_TRIL_PRECISION = os.environ.get("FLA_TRIL_PRECISION", "ieee")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7ba2fd300733421b Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:25
COMPILER_MODE = os.getenv("FLA_COMPILER_MODE") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0437124853661c8f Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:26
FLA_CI_ENV = os.getenv("FLA_CI_ENV") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f94e85319777844a Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:28
SUPPRESS_LEVEL = int(os.getenv("GDN_RECOMPUTE_SUPPRESS_LEVEL", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #87f8fa80b20f9bf0 Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:155
use_cuda_graph = is_nvidia and os.environ.get("FLA_USE_CUDA_GRAPH", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d5fff93c00128450 Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:159
    and os.getenv("FLA_USE_TMA", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a6a7de14150cda2 Filesystem access.
repo/vllm/model_executor/layers/fused_moe/fused_flydsl_moe.py:118
        with open(config_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3751ea3a23dd437c Filesystem access.
repo/vllm/model_executor/layers/fused_moe/fused_moe.py:1093
            with open(config_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0059653b22b8ba92 Environment-variable access.
repo/vllm/model_executor/layers/fused_moe/oracle/mxfp4.py:1449
        os.environ["AITER_BF16_FP8_MOE_BOUND"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #09d24f33df893ddf Filesystem access.
repo/vllm/model_executor/layers/mamba/gdn/qwen_gdn_linear_attn.py:139
            with open(pkg_path.locate(), "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #868578071e2c6ade Filesystem access.
repo/vllm/model_executor/layers/mamba/ops/mamba_ssm.py:96
            with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bb4795745954e278 Filesystem access.
repo/vllm/model_executor/layers/quantization/torchao.py:224
        with open(config_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #109ad2234a9ff71a Filesystem access.
repo/vllm/model_executor/layers/quantization/utils/fp8_utils.py:875
        with open(config_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0773097c27e1f916 Filesystem access.
repo/vllm/model_executor/layers/quantization/utils/int8_utils.py:340
        with open(config_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #029650e4a059e9c8 Environment-variable access.
repo/vllm/model_executor/model_loader/runai_streamer_loader.py:73
            os.environ.update(env_updates)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2510ce444751e966 Environment-variable access.
repo/vllm/model_executor/model_loader/runai_streamer_loader.py:75
            runai_streamer_s3_endpoint = os.getenv("RUNAI_STREAMER_S3_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9cc64bda89651773 Environment-variable access.
repo/vllm/model_executor/model_loader/runai_streamer_loader.py:76
            aws_endpoint_url = os.getenv("AWS_ENDPOINT_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0465e2823d9cf181 Environment-variable access.
repo/vllm/model_executor/model_loader/runai_streamer_loader.py:78
                os.environ["RUNAI_STREAMER_S3_ENDPOINT"] = aws_endpoint_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4669fc33123a3c9c Filesystem access.
repo/vllm/model_executor/model_loader/tensorizer.py:648
                open(artifact.path, "rb") as f,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1cc714e85052d23d Filesystem access.
repo/vllm/model_executor/model_loader/tensorizer.py:673
        with open(keyfile, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #98097b5f544c4c07 Filesystem access.
repo/vllm/model_executor/model_loader/tensorizer.py:773
    with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3aecd05b1f1faa1a Environment-variable access.
repo/vllm/model_executor/model_loader/weight_utils.py:76
    if "HF_XET_HIGH_PERFORMANCE" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7059f1f928a4ca97 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:380
    with open(quant_config_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bb25082dea2013e9 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:423
    with open(config_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cd013c0c4f47ab49 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:483
                with open(index_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fc6808f9843eefa0 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:593
    with open(index_file_name) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #47ee22daaffe19c6 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:673
                    with open(param_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #13f756b269d1b59e Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:676
            with open(weight_names_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4a59dcd3ba45f127 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:679
    with open(weight_names_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5341c8e3b767d4bf Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:684
        with open(param_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #886c87f85119c705 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:717
        with open("/proc/mounts") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1ebdbeba0f4ba9d7 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:748
    with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fb28c68724aad354 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:921
            with open(st_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #55dbf008daec4a9e Filesystem access.
repo/vllm/model_executor/models/llava_onevision2.py:173
        with open(config_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9ca050b9d8e7c1da Filesystem access.
repo/vllm/model_executor/models/mimo_audio.py:1258
        with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #37e2a57320620743 Environment-variable access.
repo/vllm/model_executor/models/minicpmo.py:81
if os.getenv("USE_FLAGOS") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d21991404dce2017 Filesystem access.
repo/vllm/model_executor/models/registry.py:878
            hasher.update(path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b1e615f3398bca22 Filesystem access.
repo/vllm/model_executor/models/registry.py:886
                with open(modelinfo_path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #336334e2af5e5b2c Filesystem access.
repo/vllm/model_executor/models/registry.py:1449
        with open(output_filepath, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0907da69956c1b36 Filesystem access.
repo/vllm/model_executor/models/registry.py:1463
    with open(output_file, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #972da665e2a69069 Filesystem access.
repo/vllm/model_executor/warmup/flashinfer_sparse_mla_warmup.py:164
        with open(cache_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3c5fc8157d801948 Filesystem access.
repo/vllm/model_executor/warmup/kernel_warmup.py:251
        with open(cache_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0edd7cb07a1fb047 Filesystem access.
repo/vllm/multimodal/media/connector.py:234
            return cache_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ee4382d83055af5d Filesystem access.
repo/vllm/multimodal/media/image.py:96
        return self.load_bytes(filepath.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #058e6065c2ad87d4 Environment-variable access.
repo/vllm/multimodal/video.py:870
                pool_size = int(os.environ.get("VLLM_MEDIA_LOADING_THREAD_COUNT", 8))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1dc53e8fa4358866 Filesystem access.
repo/vllm/platforms/__init__.py:157
    with open("/proc/cpuinfo") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fd8de326c3f50b0e Environment-variable access.
repo/vllm/platforms/cpu.py:138
        if env_key in os.environ and os.environ[env_key] != "":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7b29af35de967545 Environment-variable access.
repo/vllm/platforms/cpu.py:139
            kv_cache_space = int(os.environ[env_key])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3314d6db92dda8c7 Environment-variable access.
repo/vllm/platforms/cpu.py:148
            os.environ.get("VLLM_ENABLE_V1_MULTIPROCESSING", "1") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #063757b0c7ac2ee5 Environment-variable access.
repo/vllm/platforms/cpu.py:177
            if os.environ.get("VLLM_CPU_CI_ENV", "0") != "0":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e437b0489a663aa6 Environment-variable access.
repo/vllm/platforms/cpu.py:225
        os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d7e9abbe2f300158 Environment-variable access.
repo/vllm/platforms/cpu.py:229
        os.environ["NUMEXPR_MAX_THREADS"] = str(get_max_threads())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #738edca08b503298 Environment-variable access.
repo/vllm/platforms/cpu.py:232
        os.environ["TORCHINDUCTOR_COMPILE_THREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #42b76419fe4d75c8 Environment-variable access.
repo/vllm/platforms/cpu.py:235
        os.environ["VLLM_DISABLE_SHARED_EXPERTS_STREAM"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #138c932436857457 Environment-variable access.
repo/vllm/platforms/cpu.py:238
        os.environ["TORCHINDUCTOR_CPP_DYNAMIC_THREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e258c06420d34021 Environment-variable access.
repo/vllm/platforms/cpu.py:242
            os.environ["VLLM_SSM_CONV_STATE_LAYOUT"] = "SD"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #faa761aec0b920a9 Environment-variable access.
repo/vllm/platforms/cpu.py:244
        ld_preload_str = os.getenv("LD_PRELOAD", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d72cd2af7a351ed3 Environment-variable access.
repo/vllm/platforms/cpu.py:287
                os.environ["LD_PRELOAD"] = ld_preload_str

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #82456723282bc5c2 Environment-variable access.
repo/vllm/platforms/cpu.py:311
                os.environ["LD_PRELOAD"] = ld_preload_str

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #626e65a94256e0a8 Environment-variable access.
repo/vllm/platforms/cpu.py:313
        os.environ["LOCAL_WORLD_SIZE"] = str(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b5961fa89f2339a1 Filesystem access.
repo/vllm/platforms/cpu.py:370
                        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #12134384cd339124 Filesystem access.
repo/vllm/platforms/cuda.py:846
            return cpulist_file.read_text().strip() != ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7d0adcd9ab08e99e Filesystem access.
repo/vllm/platforms/cuda.py:886
                    cpulist = cpulist_file.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #674aaa8ef12a741b Environment-variable access.
repo/vllm/platforms/cuda.py:951
                and os.environ.get("CUDA_DEVICE_ORDER") != "PCI_BUS_ID"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #36e7bda18ac7958b Environment-variable access.
repo/vllm/platforms/interface.py:305
            cls.device_control_env_var in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #69974c24d36d1e4b Environment-variable access.
repo/vllm/platforms/interface.py:306
            and os.environ[cls.device_control_env_var] != ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1f2139af99cc7440 Environment-variable access.
repo/vllm/platforms/interface.py:308
            device_ids = os.environ[cls.device_control_env_var].split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0dce8ed593919ad1 Environment-variable access.
repo/vllm/platforms/interface.py:324
        device_control_env = os.environ.get(cls.device_control_env_var, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #38fcbbbf098ecd62 Environment-variable access.
repo/vllm/platforms/interface.py:349
        device_control_env = os.environ.get(cls.device_control_env_var, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #449b326713cc0780 Environment-variable access.
repo/vllm/platforms/rocm.py:119
    hip_val = os.environ.get("HIP_VISIBLE_DEVICES") or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5551fe95d6e58611 Environment-variable access.
repo/vllm/platforms/rocm.py:120
    cuda_val = os.environ.get("CUDA_VISIBLE_DEVICES") or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6770915cfbbb2c04 Environment-variable access.
repo/vllm/platforms/rocm.py:139
        os.environ["CUDA_VISIBLE_DEVICES"] = hip_val

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4cb41399a363cdf6 Environment-variable access.
repo/vllm/platforms/rocm.py:141
        os.environ["HIP_VISIBLE_DEVICES"] = cuda_val

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b7716e3a8e21472f Environment-variable access.
repo/vllm/platforms/rocm.py:342
    os.environ["HIP_ONLINE_TUNING"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4df4003c4d79aef9 Environment-variable access.
repo/vllm/platforms/rocm.py:396
        if os.environ.get("FLASH_ATTENTION_TRITON_AMD_ENABLE") != "TRUE":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #71bf878e34312752 Environment-variable access.
repo/vllm/platforms/rocm.py:859
        os.environ["VLLM_USE_TRITON_AWQ"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b9ec75128362ef9b Environment-variable access.
repo/vllm/platforms/xpu.py:240
        xpu_use_triton_kernel = os.getenv("XPU_USE_TRITON_KERNEL", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #568a533303ea7dcc Environment-variable access.
repo/vllm/platforms/xpu.py:323
        os.environ["UCX_MEMTYPE_CACHE"] = "n"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #10e83ac7e9c931bd Environment-variable access.
repo/vllm/platforms/xpu.py:326
        if "VLLM_WORKER_MULTIPROC_METHOD" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0c1703c606955c61 Environment-variable access.
repo/vllm/platforms/xpu.py:327
            os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #18d8f28e6090b316 Filesystem access.
repo/vllm/plugins/lora_resolvers/filesystem_resolver.py:34
                with open(adapter_config_path) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c762dbab93816fc Filesystem access.
repo/vllm/profiler/wrapper.py:258
            with open(profiler_out_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8b97b3ee76b796a2 Filesystem access.
repo/vllm/ray/ray_env.py:20
        with open(RAY_NON_CARRY_OVER_ENV_VARS_FILE) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #73577bd044cafa23 Environment-variable access.
repo/vllm/ray/ray_env.py:90
    result |= {name for name in os.environ if any(name.startswith(p) for p in prefixes)}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #31b0825a2b92b0a6 Environment-variable access.
repo/vllm/ray/ray_env.py:104
        sorted(v for v in result if v in os.environ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #26f95bd592fbc122 Environment-variable access.
repo/vllm/third_party/pynvml.py:2413
                            nvmlLib = CDLL(os.path.join(os.getenv("WINDIR", "C:/Windows"), "System32/nvml.dll"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a33f86c66b32c93c Environment-variable access.
repo/vllm/third_party/pynvml.py:2417
                            nvmlLib = CDLL(os.path.join(os.getenv("ProgramFiles", "C:/Program Files"), "NVIDIA Corporation/NVSMI/nvml.dll"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8517db80d6f1e021 Filesystem access.
repo/vllm/tokenizers/kimi_audio.py:29
    with open(vocab_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1442da67f0f3ac40 Filesystem access.
repo/vllm/tokenizers/kimi_audio.py:136
            with open(tokenizer_config, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #80a3346e025b65f8 Environment-variable access.
repo/vllm/tracing/otel.py:74
    os.environ["OTEL_EXPORTER_OTLP_TRACES_ENDPOINT"] = otlp_traces_endpoint

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #90e589a222d590e7 Environment-variable access.
repo/vllm/tracing/otel.py:95
    protocol = os.environ.get(OTEL_EXPORTER_OTLP_TRACES_PROTOCOL, "grpc")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #adfbc9525b24e9a2 Environment-variable access.
repo/vllm/tracing/otel.py:115
    otlp_endpoint = os.environ.get("OTEL_EXPORTER_OTLP_TRACES_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #753d3acdbef52718 Environment-variable access.
repo/vllm/tracing/otel.py:228
    if tp := os.environ.get("traceparent", os.environ.get("TRACEPARENT")):  # noqa: SIM112

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fae788b81d5e494e Environment-variable access.
repo/vllm/tracing/otel.py:231
    if ts := os.environ.get("tracestate", os.environ.get("TRACESTATE")):  # noqa: SIM112

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3e253fc2d97a3666 Environment-variable access.
repo/vllm/tracing/otel.py:235
        carrier = dict(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1054bd50b1140369 Environment-variable access.
repo/vllm/tracing/otel.py:252
    original_state = {k: os.environ.get(k) for k in TRACE_HEADERS}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8170fad5ef151864 Environment-variable access.
repo/vllm/tracing/otel.py:256
        inject(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3bcbe4821636eddb Environment-variable access.
repo/vllm/tracing/otel.py:263
                os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3442cffdf09c87f2 Environment-variable access.
repo/vllm/tracing/otel.py:265
                os.environ[key] = original_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #734db0ecac151705 Environment-variable access.
repo/vllm/transformers_utils/config.py:743
                os.environ["VLLM_USE_DEEP_GEMM_E8M0"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7bf2406b9908ccc0 Filesystem access.
repo/vllm/transformers_utils/processors/funasr.py:64
    with open(cmvn_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #65799f3253b7c158 Environment-variable access.
repo/vllm/transformers_utils/repo_utils.py:102
                    token=os.getenv("MODELSCOPE_API_TOKEN", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #102a0c3a26e76dbc Filesystem access.
repo/vllm/transformers_utils/repo_utils.py:296
        with open(file_path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0c9aa77a45a8b2a0 Filesystem access.
repo/vllm/transformers_utils/repo_utils.py:357
        with open(file_path) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d869db4b22503ab5 Filesystem access.
repo/vllm/transformers_utils/utils.py:63
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a9fed920bc09039f Filesystem access.
repo/vllm/transformers_utils/utils.py:72
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #399ce608ff6a77cc Filesystem access.
repo/vllm/transformers_utils/utils.py:113
    with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b30289d13c673bec Environment-variable access.
repo/vllm/triton_utils/importing.py:38
        visible_devices = os.environ.get(visible_devices_env)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ef4c58d7fa0a50e1 Filesystem access.
repo/vllm/usage/usage_lib.py:96
            file_content = path.read_text().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6bef020026d318e4 Environment-variable access.
repo/vllm/usage/usage_lib.py:106
        if os.environ.get(env_var):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fb13d478bfa0865b Filesystem access.
repo/vllm/usage/usage_lib.py:277
        with open(_USAGE_STATS_JSON_PATH, "a") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #96b8a4cb96d1f267 Filesystem access.
repo/vllm/utils/argparse_utils.py:563
            with open(file_path) as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #40e488aa3a1f8ec7 Filesystem access.
repo/vllm/utils/cpu_resource_utils.py:56
        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8b34e265562c9ce2 Filesystem access.
repo/vllm/utils/cpu_resource_utils.py:98
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #62c95df7e0deeb50 Filesystem access.
repo/vllm/utils/cpu_resource_utils.py:141
    with open(meminfo_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f2f5462252d1c2b6 Environment-variable access.
repo/vllm/utils/cpu_resource_utils.py:192
        ("VLLM_CPU_SIM_MULTI_NUMA" not in os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8e413ff0e9832736 Environment-variable access.
repo/vllm/utils/cpu_resource_utils.py:193
        and env_key in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #de6cad3228e4b24c Environment-variable access.
repo/vllm/utils/cpu_resource_utils.py:194
        and os.environ[env_key] != ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #df5075fb9352041b Environment-variable access.
repo/vllm/utils/cpu_resource_utils.py:196
        visible_nodes = [int(s) for s in os.environ[env_key].split(",")]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cfb2bb6449373581 Environment-variable access.
repo/vllm/utils/deep_gemm.py:251
    if not os.environ.get(DEEP_GEMM_JIT_CACHE_ENV_NAME, None):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f654c82593205db9 Environment-variable access.
repo/vllm/utils/deep_gemm.py:252
        os.environ[DEEP_GEMM_JIT_CACHE_ENV_NAME] = os.path.join(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #44328bf477bd599e Environment-variable access.
repo/vllm/utils/flashinfer.py:30
FLASHINFER_CUBINS_REPOSITORY = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f93fffa84a3f3c60 Environment-variable access.
repo/vllm/utils/flashinfer.py:30
FLASHINFER_CUBINS_REPOSITORY = os.environ.get(
    "FLASHINFER_CUBINS_REPOSITORY",
    "https://edge.urm.nvidia.com/artifactory/sw-kernelinferencelibrary-public-generic-local/",  # noqa: E501
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e2120bafeb8d1555 Environment-variable access.
repo/vllm/utils/jit_monitor.py:97
    user_val = os.environ.get("TRITON_PRINT_AUTOTUNING")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #058eb121160bbac8 Environment-variable access.
repo/vllm/utils/jit_monitor.py:519
    previous_env = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a09cfbd02f8af836 Environment-variable access.
repo/vllm/utils/jit_monitor.py:521
    os.environ[key] = "workqueue"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bb8b9c2408fd60e1 Environment-variable access.
repo/vllm/utils/jit_monitor.py:527
            os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #66c8ee171750ab99 Environment-variable access.
repo/vllm/utils/jit_monitor.py:529
            os.environ[key] = previous_env

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6146c0ea4d1c05bc Environment-variable access.
repo/vllm/utils/network_utils.py:35
    if "HOST_IP" in os.environ and "VLLM_HOST_IP" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c1a12604e35fcb2f Environment-variable access.
repo/vllm/utils/network_utils.py:159
    if "VLLM_DP_MASTER_PORT" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #92f6ffbecec2cf73 Filesystem access.
repo/vllm/utils/numa_utils.py:185
        with open(_PROC_CPUINFO_PATH) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #083d3bbf08501a33 Filesystem access.
repo/vllm/utils/numa_utils.py:217
        with open(_PCT_HIGHEST_PERF_PATH) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8455cef9b62e172b Filesystem access.
repo/vllm/utils/numa_utils.py:299
            cpulist_raw = cpulist_path.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f67d9e7e3de95ac9 Environment-variable access.
repo/vllm/utils/numa_utils.py:563
    old_numactl_args = os.environ.get(_NUMACTL_ARGS_ENV)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6b4487020593c4e Environment-variable access.
repo/vllm/utils/numa_utils.py:564
    old_python_executable = os.environ.get(_NUMACTL_PYTHON_EXECUTABLE_ENV)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eb34067652b30fb5 Environment-variable access.
repo/vllm/utils/numa_utils.py:565
    os.environ[_NUMACTL_ARGS_ENV] = numactl_args

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #51a4e0874c447707 Environment-variable access.
repo/vllm/utils/numa_utils.py:566
    os.environ[_NUMACTL_PYTHON_EXECUTABLE_ENV] = python_executable

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #49ff9c16109070d6 Environment-variable access.
repo/vllm/utils/numa_utils.py:571
            os.environ.pop(_NUMACTL_ARGS_ENV, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9e7d2fd6f4ace77a Environment-variable access.
repo/vllm/utils/numa_utils.py:573
            os.environ[_NUMACTL_ARGS_ENV] = old_numactl_args

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b6d4ff1a519d0bd4 Environment-variable access.
repo/vllm/utils/numa_utils.py:576
            os.environ.pop(_NUMACTL_PYTHON_EXECUTABLE_ENV, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #034f1029bd6004bc Environment-variable access.
repo/vllm/utils/numa_utils.py:578
            os.environ[_NUMACTL_PYTHON_EXECUTABLE_ENV] = old_python_executable

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6894df2c386ccf72 Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:36
        self.simulate_multi_node = os.environ.get("VLLM_CPU_SIM_MULTI_NUMA", "0") != "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #49bb6e80242f3799 Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:37
        ld_preload_str = os.getenv("LD_PRELOAD", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a70d2c9addbccb75 Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:107
            old_envs_dict[k] = os.environ.get(k)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #989a39ffad696fd0 Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:112
                os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #12f549c3c850c8a2 Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:118
                    os.environ.pop(k, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #26737f3caed0ad29 Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:120
                    os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aabbca8fef0766c3 Environment-variable access.
repo/vllm/utils/system_utils.py:37
        if k in os.environ and os.environ[k] != v:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #45ab7ddfacefe1e3 Environment-variable access.
repo/vllm/utils/system_utils.py:41
                os.environ[k],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4fc563cef18056ce Environment-variable access.
repo/vllm/utils/system_utils.py:44
        os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #afd2f9d28dd1566d Environment-variable access.
repo/vllm/utils/system_utils.py:50
    old = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1bdfcc9d3327463 Environment-variable access.
repo/vllm/utils/system_utils.py:51
    os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a5b7073599aa5277 Environment-variable access.
repo/vllm/utils/system_utils.py:56
            os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d444a75a5a843f16 Environment-variable access.
repo/vllm/utils/system_utils.py:58
            os.environ[key] = old

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b349f971b48f9311 Environment-variable access.
repo/vllm/utils/system_utils.py:130
    if os.environ.get("VLLM_WORKER_MULTIPROC_METHOD") == "spawn":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ccaa5f308cd34b70 Environment-variable access.
repo/vllm/utils/system_utils.py:140
        os.environ["RAY_ADDRESS"] = ray.get_runtime_context().gcs_address

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bbcd39d47c328827 Environment-variable access.
repo/vllm/utils/system_utils.py:165
        os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2d25ec60df9fa443 Filesystem access.
repo/vllm/utils/system_utils.py:323
    with open("/proc/self/maps") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #100a3f17e4123a2d Environment-variable access.
repo/vllm/utils/torch_utils.py:165
            num_threads = int(os.environ["OMP_NUM_THREADS"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d51a05d1d13a4d4c Environment-variable access.
repo/vllm/utils/torch_utils.py:195
    old_value = os.environ.get("CUDA_VISIBLE_DEVICES")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7697f641cda35569 Environment-variable access.
repo/vllm/utils/torch_utils.py:196
    os.environ["CUDA_VISIBLE_DEVICES"] = ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #78e97cf24a97a3d6 Environment-variable access.
repo/vllm/utils/torch_utils.py:207
            del os.environ["CUDA_VISIBLE_DEVICES"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d48182b2583c3936 Environment-variable access.
repo/vllm/utils/torch_utils.py:209
            os.environ["CUDA_VISIBLE_DEVICES"] = old_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #59664748d71eb805 Filesystem access.
repo/vllm/v1/attention/backends/cpu_attn.py:457
        with open("/proc/cpuinfo") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1fc531ae355a35d5 Environment-variable access.
repo/vllm/v1/attention/backends/mla/cutlass_mla.py:163
        force_num_kv_splits = os.environ.get("FORCE_NUM_KV_SPLITS", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a21c2d6ffd7b9f16 Environment-variable access.
repo/vllm/v1/core/kv_cache_utils.py:102
    hash_seed = os.getenv("PYTHONHASHSEED")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #418c09115fcc35d2 Environment-variable access.
repo/vllm/v1/engine/core.py:2179
        os.environ.setdefault(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ec61966f64c0bf2d Environment-variable access.
repo/vllm/v1/engine/core.py:2216
                f'base value: "{os.getenv(device_control_env_var)}"'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4de6f8e8c1d3b466 Environment-variable access.
repo/vllm/v1/engine/utils.py:354
            f'"{os.getenv(device_control_env_var)}"'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ef6bd34650ff0365 Environment-variable access.
repo/vllm/v1/engine/utils.py:411
            name: os.environ[name] for name in env_vars_list if name in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #223d6f38a12d56eb Environment-variable access.
repo/vllm/v1/executor/multiproc_executor.py:1066
            "OMP_NUM_THREADS" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a5ea269afbebbc66 Environment-variable access.
repo/vllm/v1/executor/multiproc_executor.py:1077
            os.environ["OMP_NUM_THREADS"] = str(default_omp_num_threads)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #db32fb43d65eff5b Environment-variable access.
repo/vllm/v1/executor/ray_env_utils.py:18
    return {key: value for key, value in os.environ.items() if key not in exclude_vars}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #429f5d726902baf4 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:75
            os.environ["VLLM_USE_RAY_COMPILED_DAG_CHANNEL_TYPE"] = "shm"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6212d96f139fe06b Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:82
        ray_usage = os.environ.get("RAY_USAGE_STATS_ENABLED", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dc0625de555e2d10 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:84
            os.environ["RAY_USAGE_STATS_ENABLED"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #adb09dfa36fa78fd Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:320
                if name in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dcf1fe1e056ba567 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:321
                    args[name] = os.environ[name]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #643fc0f2e929c03b Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:537
        os.environ.setdefault("RAY_CGRAPH_get_timeout", "300")  # noqa: SIM112

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5f4a79d6b6c652d3 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:542
            os.environ["RAY_CGRAPH_get_timeout"],  # noqa: SIM112

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b331c9f1ed9e5a11 Environment-variable access.
repo/vllm/v1/executor/ray_executor_v2.py:155
                os.environ.setdefault(key, value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #53e7f1d0b044b40a Environment-variable access.
repo/vllm/v1/executor/ray_executor_v2.py:157
            os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f82b3f4a8bf156e3 Environment-variable access.
repo/vllm/v1/executor/ray_utils.py:180
            os.environ.update(vars)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1e96a4d6de9c682c Environment-variable access.
repo/vllm/v1/executor/ray_utils.py:552
    if os.environ.get("RAY_USAGE_STATS_ENABLED", "0") != "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #980cc1749e6b4fe1 Environment-variable access.
repo/vllm/v1/executor/ray_utils.py:553
        os.environ["RAY_USAGE_STATS_ENABLED"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a6002f9ef36c7fc Environment-variable access.
repo/vllm/v1/executor/uniproc_executor.py:184
        rank = int(os.environ["RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ef1b18fc28684e6c Environment-variable access.
repo/vllm/v1/executor/uniproc_executor.py:185
        local_rank = int(os.environ["LOCAL_RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #582bc26500b09d69 Environment-variable access.
repo/vllm/v1/executor/vllm_net_devices.py:177
        existing = os.environ.get(var_name, "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cba755a9882924ea Environment-variable access.
repo/vllm/v1/executor/vllm_net_devices.py:180
        os.environ[var_name] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4560a2459de076fb Filesystem access.
repo/vllm/v1/kv_offload/tiering/fs/manager.py:161
            with open(config_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #34fbfebca001ba8c Environment-variable access.
repo/vllm/v1/metrics/prometheus.py:21
    if "PROMETHEUS_MULTIPROC_DIR" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8e2d93eee50c9cd9 Environment-variable access.
repo/vllm/v1/metrics/prometheus.py:26
        os.environ["PROMETHEUS_MULTIPROC_DIR"] = _prometheus_multiproc_dir.name

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bf4ad548ac0c04dd Environment-variable access.
repo/vllm/v1/metrics/prometheus.py:46
    if os.getenv("PROMETHEUS_MULTIPROC_DIR") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0d8620af00c0f803 Environment-variable access.
repo/vllm/v1/structured_output/backend_guidance.py:121
            log_level=int(os.environ.get("LLGUIDANCE_LOG_LEVEL", "1")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9e15af7db307b737 Environment-variable access.
repo/vllm/v1/structured_output/utils.py:195
    outlines_cache_dir = os.getenv("OUTLINES_CACHE_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6bda0666ffd81752 Environment-variable access.
repo/vllm/v1/structured_output/utils.py:196
    xdg_cache_home = os.getenv("XDG_CACHE_HOME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #750f779abc612d63 Environment-variable access.
repo/vllm/v1/worker/cpu_worker.py:125
            ld_preload_list = os.environ.get("LD_PRELOAD", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7b55f89e89a1e77b Environment-variable access.
repo/vllm/v1/worker/cpu_worker.py:161
        os.environ["VLLM_DIST_IDENT"] = self.distributed_init_method.split(":")[-1]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #87e9b1bac08cc82c Environment-variable access.
repo/vllm/v1/worker/gpu_worker.py:281
        conf = os.environ.get("PYTORCH_CUDA_ALLOC_CONF", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b65c90ee74329618 Environment-variable access.
repo/vllm/v1/worker/gpu_worker.py:300
            os.environ.pop("NCCL_ASYNC_ERROR_HANDLING", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b0d3aa19ecc5fb92 Filesystem access.
repo/vllm/v1/worker/startup_plan.py:91
        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b9a0eb107562b444 Filesystem access.
repo/vllm/v1/worker/startup_plan.py:186
        with open(tmp, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #77d2843a6d1e761c Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:87
        ENV_CCL_ATL_TRANSPORT = os.getenv("CCL_ATL_TRANSPORT", "ofi")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e5c5c9001a6ce1f5 Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:88
        ENV_LOCAL_WORLD_SIZE = os.getenv(
            "LOCAL_WORLD_SIZE", str(self.parallel_config.world_size)
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #095c8e597c8b6a48 Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:91
        os.environ["CCL_ATL_TRANSPORT"] = ENV_CCL_ATL_TRANSPORT

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #51688067ebb5adc9 Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:92
        os.environ["LOCAL_WORLD_SIZE"] = ENV_LOCAL_WORLD_SIZE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b96fe601ddb423ec Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:93
        os.environ["LOCAL_RANK"] = str(self.local_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): examples/features/structured_outputs

python first-party
expand_more 1 low-confidence finding(s)
low env_fs test-only #00b7fe8bd99ec3c2 Environment-variable access.
repo/examples/features/structured_outputs/structured_outputs_client.py:224
    base_url = os.getenv("OPENAI_BASE_URL", "http://localhost:8000/v1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

</> Dependencies

openai

python dependency
high pii_flow dependency Excluded from app score #30dd83c1bf00a850 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:249 · flow /tmp/closeopen-mn7y7i4y/pkgs/python/[email protected]/src/openai/lib/azure.py:213 → /tmp/closeopen-mn7y7i4y/pkgs/python/[email protected]/src/openai/lib/azure.py:249
        self._azure_endpoint = httpx.URL(azure_endpoint) if azure_endpoint else None

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #15006876ea02782d User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:523 · flow /tmp/closeopen-mn7y7i4y/pkgs/python/[email protected]/src/openai/lib/azure.py:487 → /tmp/closeopen-mn7y7i4y/pkgs/python/[email protected]/src/openai/lib/azure.py:523
        self._azure_endpoint = httpx.URL(azure_endpoint) if azure_endpoint else None

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

expand_more 53 low-confidence finding(s)
low env_fs tooling reachable #c57c5166f4fb2391 Environment-variable access.
pkgs/python/[email protected]/examples/realtime/azure_realtime.py:25
        azure_endpoint=os.environ["AZURE_OPENAI_ENDPOINT"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a30267e1fc0e0cdc Filesystem access.
pkgs/python/[email protected]/examples/uploads.py:30
    data = file.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #373dd18d8b401762 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:137
api_type: _ApiType | None = _t.cast(_ApiType, _os.environ.get("OPENAI_API_TYPE"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62b34a696c7f4410 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:139
api_version: str | None = _os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3f4d31dc17e171a Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:141
azure_endpoint: str | None = _os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9e30eefb80689df Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:143
azure_ad_token: str | None = _os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #26b08e981cda703a Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:265
    return _os.environ.get("OPENAI_API_KEY") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ffc35c997dc93402 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:269
    return azure_endpoint is not None or _os.environ.get("AZURE_OPENAI_API_KEY") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e8a6c33fed62faf3 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:274
        _os.environ.get("AZURE_OPENAI_AD_TOKEN") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7846d6ac21a6575 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:290
            azure_endpoint = _os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c641e88c9e4ba9e Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:293
            azure_ad_token = _os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bd25902cefc18b00 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:296
            api_version = _os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #195a96769f439ebd Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:306
            if (azure_ad_token is not None or azure_ad_token_provider is not None) and _os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e613df7e7e5dbe8d Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:306
            if (azure_ad_token is not None or azure_ad_token_provider is not None) and _os.environ.get(
                "AZURE_OPENAI_API_KEY"
            ) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2c939935cc72597 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:122
            api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb816689fb184594 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:130
            organization = os.environ.get("OPENAI_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de90260b7a72722e Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:134
            project = os.environ.get("OPENAI_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2958afed7632a777 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:140
            base_url = os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b61c1d9ffc5acd80 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:417
            api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #465a7974eb82bfec Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:425
            organization = os.environ.get("OPENAI_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7443ebabea7d3cd6 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:429
            project = os.environ.get("OPENAI_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1acbf6d9527e8a48 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:435
            base_url = os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5f2c249868167f5 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:67
            return (path.name, path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb49774f606cdcc3 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:79
        return pathlib.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fe8f1d70e0f1437 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:109
            return (path.name, await path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd9fc49e27e454bf Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:121
        return await anyio.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c7047cc81ba0c7e4 Filesystem access.
pkgs/python/[email protected]/src/openai/_legacy_response.py:438
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85f7002b9631fb68 Filesystem access.
pkgs/python/[email protected]/src/openai/_legacy_response.py:451
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e535b70ad0f778fc Environment-variable access.
pkgs/python/[email protected]/src/openai/_models.py:88
            extra="allow", defer_build=coerce_boolean(os.environ.get("DEFER_PYDANTIC_BUILD", "true"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b8886d4e3cf51a0 Filesystem access.
pkgs/python/[email protected]/src/openai/_response.py:510
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a657cb5978b0e50d Filesystem access.
pkgs/python/[email protected]/src/openai/_response.py:552
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e4822450a498884 Environment-variable access.
pkgs/python/[email protected]/src/openai/_utils/_logs.py:23
    env = os.environ.get("OPENAI_LOG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0fa9e5e506603069 Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_transform.py:242
            binary = data.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea250fc1179de2da Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_transform.py:404
            binary = await anyio.Path(data).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #df5c7d91507ad915 Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_utils.py:372
    contents = Path(path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9167cc7be3381c2 Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/audio.py:67
        with open(args.file, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c0f6a28c18ca24a8 Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/audio.py:90
        with open(args.file, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da7e4b59818a09ff Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/files.py:55
        with open(args.file, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b1314e2207d445d5 Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/image.py:103
        with open(args.image, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #509ab5dc79a0ca48 Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/image.py:119
        with open(args.image, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba69bc817b2d54b0 Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/image.py:125
            with open(args.mask, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5bf873095c5cbbc1 Environment-variable access.
pkgs/python/[email protected]/src/openai/cli/_tools/migrate.py:68
    xdg = os.environ.get("XDG_CACHE_HOME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4f57a4d2d32b1e1 Environment-variable access.
pkgs/python/[email protected]/src/openai/cli/_tools/migrate.py:76
    if not os.environ.get("DEBUG"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f2071a06b82c81b Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_tools/migrate.py:121
        with open(temp_file, "wb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1e4229a5050a82be Filesystem access.
pkgs/python/[email protected]/src/openai/lib/_validators.py:485
                with open(fname, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba9a89e0fff057de Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:188
            api_key = os.environ.get("AZURE_OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d39d33424bd40558 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:191
            azure_ad_token = os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #75cebe17302253ca Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:199
            api_version = os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b60ee829ff51c20b Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:213
                azure_endpoint = os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ed6fd5a125e1176 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:462
            api_key = os.environ.get("AZURE_OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #935b108638778c56 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:465
            azure_ad_token = os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff697c3f34328cc2 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:473
            api_version = os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a855c08f5064907a Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:487
                azure_endpoint = os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pydantic

python dependency
expand_more 10 low-confidence finding(s)
low env_fs dependency Excluded from app score #fefe1cd62e3a326e Environment-variable access.
pkgs/python/[email protected]/pydantic/_internal/_core_utils.py:113
    if os.getenv('PYDANTIC_VALIDATE_CORE_SCHEMAS'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7a40d3aec01f5b1e Filesystem access.
pkgs/python/[email protected]/pydantic/deprecated/parse.py:71
    b = path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #360e25dcae92d3fa Environment-variable access.
pkgs/python/[email protected]/pydantic/json_schema.py:321
                if os.getenv('PYDANTIC_PRIVATE_ALLOW_UNHANDLED_SCHEMA_TYPES'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6258b7c8818c4281 Filesystem access.
pkgs/python/[email protected]/pydantic/mypy.py:1379
    with open(config_file, 'rb') as rf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #50692ecef6554aaa Environment-variable access.
pkgs/python/[email protected]/pydantic/plugin/_loader.py:27
    disabled_plugins = os.getenv('PYDANTIC_DISABLE_PLUGINS')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0080e059c6b3bc9e Environment-variable access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:173
            env_vars: Mapping[str, Optional[str]] = os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f50dbc5f86c68ea Environment-variable access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:175
            env_vars = {k.lower(): v for k, v in os.environ.items()}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4114f9e8b02b0658 Filesystem access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:307
                    secret_value = path.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c3bb3a571053ba18 Filesystem access.
pkgs/python/[email protected]/pydantic/v1/mypy.py:948
    with open(config_file, read_mode) as rf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f4201fa7a84d36e9 Filesystem access.
pkgs/python/[email protected]/pydantic/v1/parse.py:57
    b = path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.