Close Open Privacy Scan

bolt Snapshot: commit c241c7a
science engine v3
schedule 2026-07-10T10:07:17.340532+00:00

verified_user Application data leak confirmed

High-confidence data exfiltration identified in application code.

App Privacy Score

2 /100
High privacy risk — application leak confirmed

High risk · 986 finding(s)

Dependency score: 37 (High risk)

bar_chart Score Breakdown

pii_flow −60
telemetry −25
egress −10
env_fs −3

list Scan Summary

5 high 16 medium 965 low
First-party packages: 2
Dependency packages: 2
Ecosystem: python

swap_horiz Confirmed data exfiltration in application code

External domains: edge.urm.nvidia.compypi.amd.comqianwen-res.oss-cn-beijing.aliyuncs.comstats.vllm.ai

high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/examples/generate/batched_chat_completions_online.py:23 repo/examples/generate/batched_chat_completions_online.py:29
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/examples/generate/batched_chat_completions_online.py:23 repo/examples/generate/batched_chat_completions_online.py:36
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/vllm/utils/flashinfer.py:30 repo/vllm/utils/flashinfer.py:358
hub Dependency data flows (2)
high openai dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:213 pkgs/python/[email protected]/src/openai/lib/azure.py:249
high openai dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:487 pkgs/python/[email protected]/src/openai/lib/azure.py:523

</> First-Party Code

first-party (python)

python first-party
high pii_flow production #fee55ac3f5b0a98c User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/examples/generate/batched_chat_completions_online.py:29 · flow /tmp/closeopen-3c5vkb17/repo/examples/generate/batched_chat_completions_online.py:23 → /tmp/closeopen-3c5vkb17/repo/examples/generate/batched_chat_completions_online.py:29
    response = httpx.post(BATCH_URL, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #829e19c1fe4d7907 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/examples/generate/batched_chat_completions_online.py:36 · flow /tmp/closeopen-3c5vkb17/repo/examples/generate/batched_chat_completions_online.py:23 → /tmp/closeopen-3c5vkb17/repo/examples/generate/batched_chat_completions_online.py:36
    response = httpx.post(
        f"{BASE_URL}/v1/chat/completions",
        json={
            "model": MODEL,
            "messages": [{"role": "user", "content": "What is the capital of Japan?"}],
        },
        timeout=60,
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #244b3e172a4cd036 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/vllm/utils/flashinfer.py:358 · flow /tmp/closeopen-3c5vkb17/repo/vllm/utils/flashinfer.py:30 → /tmp/closeopen-3c5vkb17/repo/vllm/utils/flashinfer.py:358
        response = requests.get(FLASHINFER_CUBINS_REPOSITORY, timeout=5)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

medium telemetry production #a37f8bd647d14020 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:5
from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #edfbb5e413fa3501 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:6
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #006d76f8cbbd3c20 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:7
from opentelemetry.sdk.trace.export import BatchSpanProcessor, ConsoleSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #c801eb073a6c10ed Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:8
from opentelemetry.trace import SpanKind, set_tracer_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #ad153d4259bb9d7f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:9
from opentelemetry.trace.propagation.tracecontext import TraceContextTextMapPropagator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #d9bbeaf3863ce029 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:19
    from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #5a71a17883a9b568 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:20
    from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #b49c75c806ac1918 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:21
    from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import (
        OTLPSpanExporter as OTLPGrpcExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #d64b2a4ef76b8ebb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:24
    from opentelemetry.exporter.otlp.proto.http.trace_exporter import (
        OTLPSpanExporter as OTLPHttpExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #9057c8ebc037ce86 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:27
    from opentelemetry.propagate import inject

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #b18c40f6b47c58fb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:28
    from opentelemetry.sdk.environment_variables import (
        OTEL_EXPORTER_OTLP_TRACES_PROTOCOL,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #5f8c6f20afbb6a53 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:31
    from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #8d497d0e64b24bd8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:32
    from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #6acf04297411d645 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:33
    from opentelemetry.sdk.trace.export import BatchSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #cad1f6da003618b5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:34
    from opentelemetry.trace import (
        SpanKind,  # noqa: F401
        Tracer,
        set_tracer_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #3c1f5b0af5a19879 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:39
    from opentelemetry.trace.propagation.tracecontext import (
        TraceContextTextMapPropagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 901 low-confidence finding(s)
low env_fs production #8a182c60db0a5a85 Environment-variable access.
repo/.buildkite/check-wheel-size.py:12
VLLM_MAX_SIZE_MB = int(os.environ.get("VLLM_MAX_SIZE_MB", 500))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bc88608ea7c58300 Filesystem access.
repo/.buildkite/lm-eval-harness/conftest.py:38
        with open(config_list_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cd00b90297c4b4ec Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:36
            if key in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #990dd7dcb93bb61c Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:37
                old_values[key] = os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b277bf9b72d3d520 Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:40
            os.environ[key] = str(value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9440ddefc21876f9 Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:45
            os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #345925f26101c5d0 Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:47
            os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e201d88a2b50388a Filesystem access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:127
    eval_config = yaml.safe_load(config_filename.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f052f26acb80ee1d Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:239
    with open(input_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b0472bd233170a26 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:466
    lines = env_path.read_text(encoding="utf-8", errors="replace").splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c2a7daae8854efda Environment-variable access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:1141
    disable_excel = os.getenv("VLLM_COMPARE_DISABLE_EXCEL", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9a072404a87a2995 Environment-variable access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:1145
        os.getenv("VLLM_COMPARE_EXCEL_ENGINE", "xlsxwriter").strip() or "xlsxwriter"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b66bf8f80859d75b Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:1181
        with open("perf_comparison.html", "w", encoding="utf-8") as main_fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4045ee25ca7113e6 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:1212
                with open(sub_path, "w", encoding="utf-8") as sub_fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ab926821b6e4ec7e Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:79
        with open(file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af56787d6892c050 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:209
        with open(test_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b41bec71424e374f Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:216
                with open(test_file.with_suffix(".commands")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3af07b073884f80a Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:268
                with open(test_file.with_suffix(".commands")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #db64c0e07cba4223 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:296
                with open(test_file.with_suffix(".commands")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f2c60e00ae1ba72f Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:393
    with open(results_folder / md_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cadc1ed48831f0f5 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:408
    with open(results_folder / json_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a961117651e6612a Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:306
            with open(variant_dir / "index.html", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2245017a9809d623 Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:319
            with open(package_dir / "index.html", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #acfdcf28a541e7dc Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:321
            with open(package_dir / "metadata.json", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7ec7d53945d07b70 Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:326
    with open(index_base_dir / "index.html", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1e6b538d7adbded7 Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:397
    with open(current_objects_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f0b385406fad97d5 Filesystem access.
repo/benchmarks/attention_benchmarks/benchmark.py:389
    with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3d5a0e6b5b51bb64 Environment-variable access.
repo/benchmarks/attention_benchmarks/benchmark.py:744
    if args.ncu_profile and "_NCU_INNER" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #05a3ae929dd93072 Environment-variable access.
repo/benchmarks/attention_benchmarks/benchmark.py:762
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e3903f000d52303d Filesystem access.
repo/benchmarks/attention_benchmarks/common.py:416
        with open(path, "w", newline="") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3fbdfaf20695a009 Filesystem access.
repo/benchmarks/attention_benchmarks/common.py:453
        with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b2318fb875616cce Filesystem access.
repo/benchmarks/attention_benchmarks/mla_runner.py:122
    with open(config_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #35394ab446b17a06 Environment-variable access.
repo/benchmarks/backend_request_func.py:223
        headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3dd81c9a4d8ad702 Environment-variable access.
repo/benchmarks/backend_request_func.py:297
        headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4d40f46342a11c36 Environment-variable access.
repo/benchmarks/backend_request_func.py:410
            "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b8931bf776a8bb07 Environment-variable access.
repo/benchmarks/backend_request_func.py:508
            "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #596b67d4d2543c31 Environment-variable access.
repo/benchmarks/backend_request_func.py:589
    if os.getenv("VLLM_USE_MODELSCOPE", "False").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7146bde50b268f8d Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:108
        os.environ["VLLM_BATCH_INVARIANT"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #18a8ee8b7e797af7 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:110
        os.environ["VLLM_BATCH_INVARIANT"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b347326cc4308e95 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:241
    model = os.getenv("VLLM_BENCH_MODEL", "Qwen/Qwen3-1.7B")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #8700c18b366154b5 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:242
    tp_size = int(os.getenv("VLLM_BENCH_TP_SIZE", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #9567c9830d30fb19 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:243
    max_batch_size = int(os.getenv("VLLM_BENCH_BATCH_SIZE", "128"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a8d6a1bffdeebf7e Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:244
    num_trials = int(os.getenv("VLLM_BENCH_NUM_TRIALS", "5"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #dded8ad3f314b90f Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:245
    min_prompt = int(os.getenv("VLLM_BENCH_MIN_PROMPT", "1024"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #9f046a100d815719 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:246
    max_prompt = int(os.getenv("VLLM_BENCH_MAX_PROMPT", "2048"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #40de97e60312256a Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:247
    max_tokens = int(os.getenv("VLLM_BENCH_MAX_TOKENS", "128"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e134bf5213018133 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:248
    temperature = float(os.getenv("VLLM_BENCH_TEMPERATURE", "0.0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f7f3d3d535e8ae3e Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:249
    gpu_mem_util = float(os.getenv("VLLM_BENCH_GPU_MEMORY_UTILIZATION", "0.4"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #27e069bf4d47671d Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:250
    max_model_len = int(os.getenv("VLLM_BENCH_MAX_MODEL_LEN", "5120"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2f8cbe1d67d7b116 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:251
    backend = os.getenv("VLLM_BENCH_BACKEND", "FLASH_ATTN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #03152f69e98d619a Environment-variable access.
repo/benchmarks/benchmark_pin_memory.py:95
            runner = "v2" if os.environ.get("VLLM_USE_V2_MODEL_RUNNER") == "1" else "v1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2d0bac6a24f1d3dc Filesystem access.
repo/benchmarks/benchmark_pin_memory.py:156
    with open(tmp_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c1fb8c81e06088a9 Filesystem access.
repo/benchmarks/benchmark_pin_memory.py:226
    with open(tmp_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #750eea593cfdc8e2 Filesystem access.
repo/benchmarks/benchmark_prefix_caching.py:88
    with open(dataset_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4fc09b24a31c6be3 Filesystem access.
repo/benchmarks/benchmark_prioritization.py:31
    with open(dataset_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #aed8911ff3278851 Filesystem access.
repo/benchmarks/benchmark_prioritization.py:158
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bc1425cde59aa25a Filesystem access.
repo/benchmarks/benchmark_serving_structured_output.py:158
        with open(args.json_schema_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ebae6b3fdf3a879c Filesystem access.
repo/benchmarks/benchmark_serving_structured_output.py:883
        with open(result_file_name, "w", encoding="utf-8") as outfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e29ac5c6f680565a Filesystem access.
repo/benchmarks/cutlass_benchmarks/w8a8_benchmarks.py:233
    with open(f"{base_description}-{timestamp}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #91a09527e261fdbe Filesystem access.
repo/benchmarks/cutlass_benchmarks/w8a8_benchmarks.py:292
    with open(f"model_bench-{args.dtype}-{timestamp}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a28fce78f8f2a59e Filesystem access.
repo/benchmarks/fused_kernels/layernorm_rms_benchmarks.py:307
    with open(f"rms_norm_dpt_quant-{timestamp}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0b9a17551d88baa1 Environment-variable access.
repo/benchmarks/kernels/benchmark_block_fp8_gemm.py:7
os.environ["VLLM_USE_DEEP_GEMM"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0c697eb4164b6a2f Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:301
            saved_env = {key: os.environ.get(key) for key in env_dict}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #1df0a79840ef023d Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:303
                os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d109e8c42f057617 Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:321
                        os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4ba2b826c216dfab Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:323
                        os.environ[key] = original_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a263203210457e3e Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:505
    os.environ["VLLM_ALLREDUCE_USE_SYMM_MEM"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f9820d42eafa16e4 Filesystem access.
repo/benchmarks/kernels/benchmark_device_communicators.py:560
            with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d4c9bd8b55bab3c1 Filesystem access.
repo/benchmarks/kernels/benchmark_flydsl_moe_w4a16.py:269
            with open(store_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c456b8f3b8e3a0d1 Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:92
    b for b in os.environ.get("FI_BACKENDS", "trtllm,mnnvl").split(",") if b

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bdfb12078f3282c4 Filesystem access.
repo/benchmarks/kernels/benchmark_fused_collective.py:924
        with open(output_path, "a") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #1b96702103664ab2 Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:992
    if "RANK" not in os.environ or "WORLD_SIZE" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #cca2fb24baa54604 Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:999
    rank = int(os.environ["RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c5d722c3abeb0fff Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:1000
    world_size = int(os.environ["WORLD_SIZE"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5775644310913c66 Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:1004
    local_rank = int(os.environ.get("LOCAL_RANK", rank))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #1db9b486c78b3219 Filesystem access.
repo/benchmarks/kernels/benchmark_lora.py:1216
        with open(pkl_file, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #72d15c7ba96777e3 Environment-variable access.
repo/benchmarks/kernels/benchmark_machete.py:42
NVTX_PROFILE = os.environ.get("NVTX_PROFILE", False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b05e7a921b7b78f3 Filesystem access.
repo/benchmarks/kernels/benchmark_machete.py:530
    with open(f"{base_description}-{timestamp}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #122136c03abfc854 Filesystem access.
repo/benchmarks/kernels/benchmark_machete.py:601
    with open(f"model_bench-{type_string}-{timestr}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #100cc238bd33cf65 Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:44
TRITON_CACHE_CLEAR_INTERVAL = int(os.environ.get(_CACHE_CLEAR_INTERVAL_ENV, "50"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #fe71499a5632970e Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:625
            visible_device = os.environ.get("ROCR_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e244d933541a2094 Filesystem access.
repo/benchmarks/kernels/benchmark_moe.py:725
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #061b7bc96a2dcdfb Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:937
    if current_platform.is_rocm() and "HIP_VISIBLE_DEVICES" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5bdef1fea8afb24c Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:943
        val = os.environ["HIP_VISIBLE_DEVICES"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #aba8e58f08868c86 Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:944
        os.environ["ROCR_VISIBLE_DEVICES"] = val

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #60ccea82ca00d104 Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:945
        del os.environ["HIP_VISIBLE_DEVICES"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bf1eb5d1d1116489 Filesystem access.
repo/benchmarks/kernels/benchmark_mrope.py:245
    with open(csv_filename, "w", newline="") as csvfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #8f51b57cf13b0e29 Filesystem access.
repo/benchmarks/kernels/benchmark_selective_state_update.py:464
    with open(file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #8ee95df6a9415336 Filesystem access.
repo/benchmarks/kernels/benchmark_selective_state_update.py:560
    with open(results_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #33c090c9cd353d0a Filesystem access.
repo/benchmarks/kernels/benchmark_trtllm_decode_attention.py:237
    with open(filename, "a", newline="") as csvfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #766370a3c34de6b9 Filesystem access.
repo/benchmarks/kernels/benchmark_trtllm_prefill_attention.py:253
    with open(filename, "a", newline="") as csvfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4e50add750de50e3 Filesystem access.
repo/benchmarks/kernels/benchmark_w8a8_block_fp8.py:277
    with open(config_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7587e65520da3c8a Filesystem access.
repo/benchmarks/kernels/graph_machete_bench.py:25
    with open(args.filename, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b51c4229ab5127e0 Filesystem access.
repo/benchmarks/kernels/ir/bench_ir_ops.py:36
    with open(os.devnull, "w") as _devnull:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #527d04100de3f9ce Filesystem access.
repo/benchmarks/kernels/ir/bench_ir_ops.py:256
    with open(path, "w", newline="") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ae0c35534af005a4 Filesystem access.
repo/benchmarks/multi_turn/bench_dataset.py:417
        with open(filename) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #6cb50fed482b57ac Environment-variable access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1452
        default=int(os.environ.get("MULTITURN_BENCH_MAX_RETRIES", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #6c89c51b3dee48a2 Filesystem access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1600
    with open(args.input_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a5da131f2ac11e93 Environment-variable access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1625
        os.environ["TOKENIZERS_PARALLELISM"] = "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #67b0b0a853f188b6 Filesystem access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1751
        with open(args.stats_json_output, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #39673c9e95cafc49 Filesystem access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1761
        with open(args.output_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a0ea3487f5706b14 Filesystem access.
repo/benchmarks/multi_turn/convert_sharegpt_to_openai.py:140
    with open(input_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f6c311716d570d81 Filesystem access.
repo/benchmarks/multi_turn/convert_sharegpt_to_openai.py:286
    with open(output_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7a885fb77632c8cc Filesystem access.
repo/csrc/cpu/generate_cpu_attn_dispatch.py:271
    with open(output_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #38d83a681dc7e5ed Filesystem access.
repo/csrc/libtorch_stable/moe/marlin_moe_wna16/generate_kernels.py:299
            with open(os.path.join(os.path.dirname(__file__), filename), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b701e328c30ee443 Filesystem access.
repo/csrc/libtorch_stable/moe/marlin_moe_wna16/generate_kernels.py:309
    with open(os.path.join(os.path.dirname(__file__), "kernel_selector.h"), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #27ef86389040ff55 Filesystem access.
repo/csrc/libtorch_stable/quantization/machete/generate.py:688
        with open(filepath, "w") as output_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #38581764d63cd5e7 Filesystem access.
repo/csrc/libtorch_stable/quantization/marlin/generate_kernels.py:300
            with open(os.path.join(os.path.dirname(__file__), filename), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e3f8a1e5100a06d8 Filesystem access.
repo/csrc/libtorch_stable/quantization/marlin/generate_kernels.py:310
    with open(os.path.join(os.path.dirname(__file__), "kernel_selector.h"), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fc91199e5973fbbd Filesystem access.
repo/docs/mkdocs/hooks/autoref_code.py:73
        source = filepath.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2327e2372893c40f Filesystem access.
repo/docs/mkdocs/hooks/generate_argparse.py:62
with open(ROOT_DIR / "requirements/test/cuda.txt") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #56a2ca41b2edf4f4 Filesystem access.
repo/docs/mkdocs/hooks/generate_argparse.py:283
        with open(doc_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0cd4e1697618b440 Filesystem access.
repo/docs/mkdocs/hooks/generate_examples.py:112
        with open(self.main_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9b522f056b7c8dde Filesystem access.
repo/docs/mkdocs/hooks/generate_examples.py:170
                with open(self.main_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8394f74c41164ec7 Filesystem access.
repo/docs/mkdocs/hooks/generate_examples.py:237
        with open(doc_path, "w+", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #918e1d77c6421c90 Filesystem access.
repo/docs/mkdocs/hooks/generate_metrics.py:81
        with open(filepath, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #71a4f6a0f76702a8 Filesystem access.
repo/docs/mkdocs/hooks/generate_metrics.py:136
        with open(output_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e96b7b03a6bf69ec Environment-variable access.
repo/docs/mkdocs/hooks/remove_announcement.py:10
    if os.getenv("READTHEDOCS_VERSION_TYPE") == "tag":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #267bbc6746c83a6e Environment-variable access.
repo/examples/applications/chatbot/streamlit_openai_chatbot_webserver.py:39
openai_api_key = os.getenv("VLLM_API_KEY", "EMPTY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #88db16ca412a6197 Environment-variable access.
repo/examples/applications/chatbot/streamlit_openai_chatbot_webserver.py:40
openai_api_base = os.getenv("VLLM_API_BASE", "http://localhost:8000/v1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #71faacc62d172f12 Filesystem access.
repo/examples/basic/offline_inference/chat.py:87
        with open(chat_template_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #10e5c67e22654d66 Environment-variable access.
repo/examples/disaggregated/disaggregated_encoder/disagg_epd_proxy.py:500
    headers = {"Authorization": f"Bearer {os.getenv('OPENAI_API_KEY', '')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c00088b4a8035e6a Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/disagg_proxy_demo.py:96
        expected_api_key = os.environ.get("ADMIN_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ce87e6168a97ebc4 Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/disagg_proxy_demo.py:198
            headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f598390459b54b5a Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/disagg_proxy_multiturn.py:196
    api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b95c5f91fcffce7f Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/disagg_proxy_pushconnector_demo.py:222
        api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a68d1de8a7d38a72 Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/moriio_toy_proxy_server.py:163
            "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c109c6f2c49a0c19 Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/moriio_toy_proxy_server.py:189
        "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #24c8603d2cb00914 Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/moriio_toy_proxy_server.py:357
        "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0efd27076423a3ba Filesystem access.
repo/examples/disaggregated/example_connector/decode_example.py:12
        with open("output.txt") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dc2ec5ebf605cd77 Filesystem access.
repo/examples/disaggregated/example_connector/prefill_example.py:51
    with open("output.txt", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c5ebaeec53e5950b Filesystem access.
repo/examples/disaggregated/flexkv_connector/prefix_caching_flexkv.py:82
    with open(flexkv_config_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f263dd2fce671f53 Environment-variable access.
repo/examples/disaggregated/flexkv_connector/prefix_caching_flexkv.py:84
    os.environ["FLEXKV_CONFIG_PATH"] = flexkv_config_path

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #79b8b576230fd58e Filesystem access.
repo/examples/disaggregated/kv_load_failure_recovery_offline/decode_example.py:13
        with open("prefill_output.txt") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b5e854daf1d67303 Filesystem access.
repo/examples/disaggregated/kv_load_failure_recovery_offline/decode_example.py:74
    with open(out_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #93e7292ba14a950b Filesystem access.
repo/examples/disaggregated/kv_load_failure_recovery_offline/prefill_example.py:51
    with open("prefill_output.txt", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1ce9f29dea818421 Environment-variable access.
repo/examples/disaggregated/lmcache/cpu_offload_lmcache.py:30
    os.environ["LMCACHE_CHUNK_SIZE"] = "256"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8be266320f7e3386 Environment-variable access.
repo/examples/disaggregated/lmcache/cpu_offload_lmcache.py:32
    os.environ["LMCACHE_LOCAL_CPU"] = "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6fa512d46f0be700 Environment-variable access.
repo/examples/disaggregated/lmcache/cpu_offload_lmcache.py:34
    os.environ["LMCACHE_MAX_LOCAL_CPU_SIZE"] = "5.0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #14896d41e0b704b1 Environment-variable access.
repo/examples/disaggregated/lmcache/disagg_prefill_lmcache_v1/disagg_proxy_server.py:117
    headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #55394612e2917c29 Environment-variable access.
repo/examples/disaggregated/lmcache/disagg_prefill_lmcache_v1/disagg_proxy_server.py:134
    headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #050b0c6aa6299c6b Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:30
os.environ["LMCACHE_CHUNK_SIZE"] = "256"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d08fa7760e9864cc Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:32
os.environ["LMCACHE_LOCAL_CPU"] = "False"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d669f1afe9f15171 Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:34
os.environ["LMCACHE_MAX_LOCAL_CPU_SIZE"] = "5.0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8e3e407a8634cc6e Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:36
os.environ["LMCACHE_REMOTE_URL"] = f"lm://localhost:{port}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e5fc739782d2c850 Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:39
os.environ["LMCACHE_REMOTE_SERDE"] = "naive"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #64e48d797d5dae81 Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:48
    os.environ["CUDA_VISIBLE_DEVICES"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #01a5c4e0eabe57d6 Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:76
    os.environ["CUDA_VISIBLE_DEVICES"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #70c63da319b2f66e Environment-variable access.
repo/examples/disaggregated/mooncake_connector/mooncake_connector_proxy.py:269
        "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #259cac58b1b19f18 Environment-variable access.
repo/examples/disaggregated/mooncake_connector/mooncake_connector_proxy.py:295
        "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #62831c18a37ea11b Environment-variable access.
repo/examples/features/batch_invariance/reproducibility_offline.py:16
os.environ["VLLM_ENABLE_V1_MULTIPROCESSING"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c3aee109c0c5f60 Environment-variable access.
repo/examples/features/batch_invariance/reproducibility_offline.py:18
os.environ["VLLM_BATCH_INVARIANT"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #caf851e62794bb0a Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:94
    os.environ["VLLM_DP_RANK"] = str(global_dp_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4d130d4b273c3fd0 Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:95
    os.environ["VLLM_DP_RANK_LOCAL"] = str(local_dp_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #59bd71fef41b2165 Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:96
    os.environ["VLLM_DP_SIZE"] = str(dp_size)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b84384806cf20036 Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:97
    os.environ["VLLM_DP_MASTER_IP"] = dp_master_ip

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #50c788acc284e91c Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:98
    os.environ["VLLM_DP_MASTER_PORT"] = str(dp_master_port)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6ca847d6ce31c458 Environment-variable access.
repo/examples/features/structured_outputs/structured_outputs_client.py:224
    base_url = os.getenv("OPENAI_BASE_URL", "http://localhost:8000/v1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1bdf28d894aa2b91 Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:309
    s3_access_key_id = getattr(args, "s3_access_key_id", None) or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7a6352dbb227703a Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:309
    s3_access_key_id = getattr(args, "s3_access_key_id", None) or os.environ.get(
        "S3_ACCESS_KEY_ID", None
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2f759881bad02021 Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:314
    ) or os.environ.get("S3_SECRET_ACCESS_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #871f0acdf3c811ef Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:315
    s3_endpoint = getattr(args, "s3_endpoint", None) or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1dd33077eb1049d Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:315
    s3_endpoint = getattr(args, "s3_endpoint", None) or os.environ.get(
        "S3_ENDPOINT_URL", None
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8285e05f5bb17412 Environment-variable access.
repo/examples/generate/batched_chat_completions_online.py:23
BASE_URL = os.environ.get("VLLM_BASE_URL", "http://localhost:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5157a286df85e896 Environment-variable access.
repo/examples/generate/batched_chat_completions_online.py:24
MODEL = os.environ.get("VLLM_MODEL", "Qwen/Qwen2.5-1.5B-Instruct")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1db5ec6c577921ad Environment-variable access.
repo/examples/generate/multimodal/encoder_decoder_multimodal_offline.py:24
    os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e935863b2613c8ed Filesystem access.
repo/examples/generate/multimodal/openai_chat_completion_client_for_multimodal.py:57
    with open(file_path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #90bf3fe0cbf770c6 Environment-variable access.
repo/examples/generate/qwen_1m_offline.py:8
os.environ["VLLM_ALLOW_LONG_MAX_MODEL_LEN"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #4e241fdfdeece09a Hardcoded external endpoint. Review what data is sent to this destination.
repo/examples/generate/qwen_1m_offline.py:19
    with urlopen(
        "https://qianwen-res.oss-cn-beijing.aliyuncs.com/Qwen2.5-1M/test-data/600k.txt",
        timeout=5,
    ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #ce5e8a872cb2e958 Filesystem access.
repo/examples/pooling/plugin/prithvi_geospatial_mae_io_processor.py:53
    with open(file_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e496568ded90dd6a Filesystem access.
repo/examples/pooling/plugin/prithvi_geospatial_mae_online.py:49
    with open(out_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6ba7fb07d4ef2dc8 Filesystem access.
repo/examples/pooling/score/qwen3_reranker_offline.py:74
    chat_template = (template_home / template_path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b5ed560f268d7aba Filesystem access.
repo/examples/pooling/score/using_template_offline.py:65
    return (template_home / template_path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f432c394f748b0f6 Filesystem access.
repo/examples/pooling/score/vision_reranker_offline.py:92
    chat_template = (TEMPLATE_HOME / chat_template_path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #881322f60c452a1a Filesystem access.
repo/examples/pooling/token_classify/forced_alignment_online.py:56
    audio_base64 = base64.b64encode(audio_path.read_bytes()).decode("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #430258e8ac8d5322 Filesystem access.
repo/examples/ray_serving/batch_llm_inference.py:38
ds = ray.data.read_text("s3://anonymous@air-example-data/prompts.txt")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1555784cf3bd8e0 Environment-variable access.
repo/examples/rl/rlhf_http_ipc.py:58
os.environ["VLLM_ALLOW_INSECURE_SERIALIZATION"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #929bc9c372a925e5 Environment-variable access.
repo/examples/rl/rlhf_ipc.py:44
        os.environ.pop("CUDA_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #51bb3b275f6012a6 Environment-variable access.
repo/examples/rl/rlhf_ipc.py:46
        os.environ["VLLM_RAY_PER_WORKER_GPUS"] = "0.4"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #36ea4dece0509505 Environment-variable access.
repo/examples/rl/rlhf_ipc.py:47
        os.environ["VLLM_RAY_BUNDLE_INDICES"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f552941e9cd02bc9 Environment-variable access.
repo/examples/rl/rlhf_ipc.py:49
        os.environ["VLLM_ALLOW_INSECURE_SERIALIZATION"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #926cb7acc2eb2e08 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:47
TRAIN_GPU_FRACTION = float(os.environ.get("RLHF_IPC_TRAIN_GPU_FRACTION", "0.42"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a845b3387ea3f1ce Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:48
VLLM_GPU_FRACTION = float(os.environ.get("RLHF_IPC_VLLM_GPU_FRACTION", "0.42"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f9e2c0193522f0b1 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:69
        os.environ.pop("CUDA_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6d5e61e6120cc3a9 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:70
        os.environ["VLLM_RAY_PER_WORKER_GPUS"] = str(VLLM_GPU_FRACTION)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c582fda9ff647622 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:71
        os.environ["VLLM_RAY_BUNDLE_INDICES"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6ebe7b4c5d7b1520 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:72
        os.environ["VLLM_ALLOW_INSECURE_SERIALIZATION"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d162c5c4954e7301 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:74
        os.environ["VLLM_DP_RANK"] = str(dp_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f66299fa3f8b3fa2 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:75
        os.environ["VLLM_DP_RANK_LOCAL"] = str(dp_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e69f5ca1d4f684a6 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:76
        os.environ["VLLM_DP_SIZE"] = str(dp_size)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #827461a59471ae39 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:77
        os.environ["VLLM_DP_MASTER_IP"] = dp_master_ip

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aeb75e254822772c Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:78
        os.environ["VLLM_DP_MASTER_PORT"] = str(dp_master_port)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1db3b715304d462b Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:100
        os.environ["MASTER_ADDR"] = fsdp_master_addr

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #65efd37a722a2deb Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:101
        os.environ["MASTER_PORT"] = str(fsdp_master_port)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #03ca9dac8a66bbd3 Environment-variable access.
repo/examples/rl/rlhf_nccl.py:55
    os.environ.pop("CUDA_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af3caec6799ed273 Environment-variable access.
repo/examples/rl/rlhf_nccl.py:56
    os.environ.pop("HIP_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3395615f0138c1f3 Environment-variable access.
repo/examples/rl/rlhf_nccl.py:65
        os.environ["VLLM_RAY_BUNDLE_INDICES"] = "0,1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e90f22c481d24dfa Environment-variable access.
repo/examples/rl/rlhf_nccl_fsdp_ep.py:82
        os.environ["MASTER_ADDR"] = fsdp_master_addr

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #919c527bf28dfd75 Environment-variable access.
repo/examples/rl/rlhf_nccl_fsdp_ep.py:83
        os.environ["MASTER_PORT"] = str(fsdp_master_port)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #339b5dc12398d398 Environment-variable access.
repo/examples/rl/rlhf_sparse_nccl.py:73
        os.environ["VLLM_RAY_BUNDLE_INDICES"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b3aa9d0816ace7fc Environment-variable access.
repo/examples/rl/routed_experts_e2e.py:296
    os.environ.setdefault("VLLM_BATCH_INVARIANT", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c00140a1fc37586 Filesystem access.
repo/examples/speech_to_text/lid/openai_lid_client.py:60
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #18361e9e2e6c3393 Filesystem access.
repo/examples/speech_to_text/lid/openai_lid_client.py:82
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c21fcd3d03b6e77c Filesystem access.
repo/examples/speech_to_text/lid/openai_lid_client.py:106
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a4a1adbccfa1b6ac Filesystem access.
repo/examples/speech_to_text/openai/openai_transcription_client.py:47
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3204458245f29192 Filesystem access.
repo/examples/speech_to_text/openai/openai_transcription_client.py:76
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a1a1af10a6ddd28a Filesystem access.
repo/examples/speech_to_text/openai/openai_transcription_client.py:111
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1814569ded30e01e Filesystem access.
repo/examples/speech_to_text/openai/openai_translation_client.py:13
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aeacb54a30b34666 Filesystem access.
repo/examples/speech_to_text/openai/openai_translation_client.py:42
        with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5192b244dbdf8c98 Environment-variable access.
repo/setup.py:58
    value = os.getenv("VLLM_REQUIRE_RUST_FRONTEND", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #44c7a69188b863da Environment-variable access.
repo/setup.py:92
elif sys.platform.startswith("linux") and os.getenv("VLLM_TARGET_DEVICE") is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af5e5506fd8eebf5 Environment-variable access.
repo/setup.py:108
        int(os.getenv("VLLM_DISABLE_SCCACHE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #42584194f7917952 Environment-variable access.
repo/setup.py:289
        fc_base_dir = os.environ.get("FETCHCONTENT_BASE_DIR", fc_base_dir)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #875d3a95cab24e09 Environment-variable access.
repo/setup.py:315
        other_cmake_args = os.environ.get("CMAKE_ARGS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e67ff587529e39d6 Environment-variable access.
repo/setup.py:514
        if os.getenv("ROCM_PATH"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8fb70fa38758ee5b Environment-variable access.
repo/setup.py:628
        index_url = os.getenv(
            "VLLM_ROCM_WHEEL_INDEX", "https://pypi.amd.com/vllm-rocm/simple"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #58c9957940e978bd Environment-variable access.
repo/setup.py:652
        wheel_location = os.getenv("VLLM_PRECOMPILED_WHEEL_LOCATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2fed301bece45a4c Environment-variable access.
repo/setup.py:667
            variant = os.getenv("VLLM_PRECOMPILED_WHEEL_VARIANT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #818af527549c36c4 Environment-variable access.
repo/setup.py:670
            commit = os.getenv("VLLM_PRECOMPILED_WHEEL_COMMIT", "").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #207add40a7a03c60 Filesystem access.
repo/setup.py:841
                        open(target_path, "wb") as dst,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b4e2dfc8637c737a Environment-variable access.
repo/setup.py:868
            github_token = os.getenv("GH_TOKEN", os.getenv("GITHUB_TOKEN"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #54edc4af38653813 Environment-variable access.
repo/setup.py:1007
    if env_version := os.getenv("VLLM_VERSION_OVERRIDE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0af3ee2f1611086e Environment-variable access.
repo/setup.py:1009
        os.environ["SETUPTOOLS_SCM_PRETEND_VERSION"] = env_version

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #421804468c16c6c6 Filesystem access.
repo/setup.py:1053
        with open(requirements_dir / filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1a4369f34ca0accf Environment-variable access.
repo/tools/build_deepgemm_C.py:58
    os.environ.get("CXX", "g++"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #021086781b85da8c Filesystem access.
repo/tools/check_wheel_deepgemm.py:25
    spec = tomllib.loads(pyproject.read_text())["project"]["requires-python"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e2fb92ebd7245a16 Environment-variable access.
repo/tools/generate_cmake_presets.py:16
    CUDA_HOME = os.environ.get("CUDA_HOME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #55e1cb4edbd0e158 Filesystem access.
repo/tools/generate_cmake_presets.py:159
        with open(output_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #570ffe2e0e43fc30 Filesystem access.
repo/tools/generate_versions_json.py:119
        existing_content = VERSIONS_JSON.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9468b8fc32f0f2be Filesystem access.
repo/tools/generate_versions_json.py:129
    VERSIONS_JSON.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7d32d8aa905a982d Environment-variable access.
repo/tools/install_nixl_from_source_ubuntu.py:13
WHEELS_CACHE_HOME = os.environ.get("WHEELS_CACHE_HOME", "/tmp/wheels_cache")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #6aa25d1456b3cc0d Hardcoded external endpoint. Review what data is sent to this destination.
repo/tools/install_nixl_from_source_ubuntu.py:27
        with urllib.request.urlopen(nixl_release_url) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #840cb35a30960d0e Environment-variable access.
repo/tools/install_nixl_from_source_ubuntu.py:34
NIXL_VERSION = os.environ.get("NIXL_VERSION", get_latest_nixl_version())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ebd72f23232f2bb0 Environment-variable access.
repo/tools/install_nixl_from_source_ubuntu.py:171
    build_env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0febaae78ad01175 Environment-variable access.
repo/tools/install_nixl_from_source_ubuntu.py:175
    existing_ld_path = os.environ.get("LD_LIBRARY_PATH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #18f4db69c8204a0d Filesystem access.
repo/tools/pre_commit/check_boolean_context_manager.py:23
        with open(filepath, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #435c38e271a40d7f Filesystem access.
repo/tools/pre_commit/check_forbidden_imports.py:89
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #90ba4f44f2289cff Filesystem access.
repo/tools/pre_commit/check_init_lazy_imports.py:45
    source = INIT_PATH.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cdbcc9363ceb2f97 Filesystem access.
repo/tools/pre_commit/check_spdx_header.py:29
    with open(file_path, encoding="UTF-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d1ab88342e5fb2cd Filesystem access.
repo/tools/pre_commit/check_spdx_header.py:67
    with open(file_path, "r+", encoding="UTF-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1668a06ba2b30c46 Filesystem access.
repo/tools/pre_commit/check_torch_cuda.py:28
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c1831f53f04f595d Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:290
    tree = ast.parse(REGISTRY_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eb759ef0b719d277 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:330
        tree = ast.parse(MLA_PREFILL_REGISTRY_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #307f390bcb73ad0c Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:351
        tree = ast.parse(MLA_PREFILL_SELECTOR_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #48792d24d74f4515 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:463
        tree = ast.parse(file_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #085d5b20222a06c2 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:800
                parent_tree = ast.parse(parent_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7de366f593e76be0 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:822
        tree = ast.parse(file_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1d3c3cb2466306bd Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:905
        tree = ast.parse(fa_interface_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #60589f5492c966d3 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:942
        tree = ast.parse(FA_UTILS_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b7651ef76d81ff98 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1080
        tree = ast.parse(FLASHINFER_UTILS_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2c9c161bcaa6d065 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1261
        source = CUDA_PLATFORM_FILE.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d839ceca9cc2082f Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1894
            not output_path.exists() or output_path.read_text() != new_content

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8f7ca8add4c3ca76 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1898
            output_path.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0cd5304168495614 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1905
    output_path.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f30a58168c0e4ab2 Filesystem access.
repo/tools/pre_commit/generate_nightly_torch_test.py:21
with open(input_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d371b8f000845ffe Filesystem access.
repo/tools/pre_commit/validate_config.py:137
        with open(file_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f303738932ca3fba Filesystem access.
repo/tools/pre_commit/validate_config.py:159
        with open(filename, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d0d1566199917748 Filesystem access.
repo/tools/profiler/nsys_profile_tools/gputrc2graph.py:28
        with open(fname, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #50012e435bda2f35 Filesystem access.
repo/tools/profiler/nsys_profile_tools/gputrc2graph.py:153
            open(f"{output_name}.html", "a", encoding="utf-8") as outfile,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #10e0df1f2f0db25b Filesystem access.
repo/tools/profiler/nsys_profile_tools/gputrc2graph.py:154
            open("temp.html", encoding="utf-8") as infile,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8634b3f05b406abd Filesystem access.
repo/tools/profiler/print_layerwise_table.py:59
    with open(args.json_trace) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b8a2637be4955617 Filesystem access.
repo/tools/profiler/visualize_layerwise_profile.py:523
    with open(json_trace) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0be6cfe24431181f Filesystem access.
repo/tools/report_build_time_ninja.py:316
        with open(log_file) as log:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1f4da94e5331d95 Filesystem access.
repo/tools/vllm-rocm/pin_rocm_dependencies.py:122
    with open(requirements_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3ead4929bc6f4c49 Filesystem access.
repo/tools/vllm-rocm/pin_rocm_dependencies.py:126
    with open(backup_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #03d81bef5981a807 Filesystem access.
repo/tools/vllm-rocm/pin_rocm_dependencies.py:167
    with open(requirements_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bade0ed71d23b293 Filesystem access.
repo/use_existing_torch.py:37
        with open(file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c0771544b919bd3 Filesystem access.
repo/use_existing_torch.py:40
            with open(file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b35fa641eb67de2b Filesystem access.
repo/vllm/assets/image.py:62
        return p.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #10f6677edf184417 Filesystem access.
repo/vllm/benchmarks/datasets/create_txt_slices_dataset.py:52
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #312010633fefca2e Filesystem access.
repo/vllm/benchmarks/datasets/create_txt_slices_dataset.py:112
    with open(output_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c46834ad1a7f61fb Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:1006
            with open(temp_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ce2595fec151e999 Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:1360
        with open(self.dataset_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e35477bd1efedf04 Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:1474
        with open(self.dataset_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #235b2bbf6724be59 Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:2650
        with open(self.dataset_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #9bc0e34fa43fe34b Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:3097
        with open(self.dataset_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #81bb47bd08294a04 Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:4592
        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #6cac4c4b40fece50 Filesystem access.
repo/vllm/benchmarks/latency.py:171
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #fb59aee5b92052c3 Environment-variable access.
repo/vllm/benchmarks/lib/endpoint_request_func.py:152
    api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a87b4207067b1d7b Filesystem access.
repo/vllm/benchmarks/lib/endpoint_request_func.py:572
        with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e111fc0a51b0bdd5 Environment-variable access.
repo/vllm/benchmarks/lib/utils.py:47
    if not os.environ.get("SAVE_TO_PYTORCH_BENCHMARK_FORMAT", False):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #417ff3142c6a2b98 Filesystem access.
repo/vllm/benchmarks/lib/utils.py:114
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5fa5adfeb76da784 Filesystem access.
repo/vllm/benchmarks/mm_processor.py:530
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #19a4a45a8d7ac18e Filesystem access.
repo/vllm/benchmarks/serve.py:2275
        with open(
            file_name, mode="a+" if args.append_result else "w", encoding="utf-8"
        ) as outfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #87edd40388188017 Environment-variable access.
repo/vllm/benchmarks/startup.py:119
    original_cache_root = os.environ.get("VLLM_CACHE_ROOT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #6024e3ee4c4f91f3 Environment-variable access.
repo/vllm/benchmarks/startup.py:122
        os.environ["VLLM_CACHE_ROOT"] = temp_cache_dir

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3a287cd37be32869 Environment-variable access.
repo/vllm/benchmarks/startup.py:129
            os.environ["VLLM_CACHE_ROOT"] = original_cache_root

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3755379d9f596abe Environment-variable access.
repo/vllm/benchmarks/startup.py:131
            os.environ.pop("VLLM_CACHE_ROOT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2ca4de470e0a9a2b Environment-variable access.
repo/vllm/benchmarks/startup.py:261
    os.environ["VLLM_ENABLE_V1_MULTIPROCESSING"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2763a9e2134d1b26 Filesystem access.
repo/vllm/benchmarks/startup.py:304
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #cbce73563d3982ab Filesystem access.
repo/vllm/benchmarks/sweep/param_sweep.py:10
        with open(filepath, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d337222b2c342331 Environment-variable access.
repo/vllm/benchmarks/sweep/server.py:53
            env=os.environ | {"VLLM_SERVER_DEV_MODE": "1"},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7a45eb09fb136868 Environment-variable access.
repo/vllm/benchmarks/throughput.py:725
    global_rank = int(os.environ["RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0633c234a484688a Environment-variable access.
repo/vllm/benchmarks/throughput.py:726
    world_size = int(os.environ["WORLD_SIZE"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b520d91fc92c210d Filesystem access.
repo/vllm/benchmarks/throughput.py:1286
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #94dc29641cc57b91 Environment-variable access.
repo/vllm/collect_env.py:163
    conda = os.environ.get("CONDA_EXE", "conda")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bc4c45477f81605e Environment-variable access.
repo/vllm/collect_env.py:232
        system_root = os.environ.get("SYSTEMROOT", "C:\\Windows")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f70cbed8d95daf37 Environment-variable access.
repo/vllm/collect_env.py:233
        cuda_path = os.environ.get("CUDA_PATH", "%CUDA_PATH%")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #581c0731a98ce1c7 Environment-variable access.
repo/vllm/collect_env.py:247
        l = os.environ.get("CUDNN_LIBRARY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6ee9d160ca4e48f8 Environment-variable access.
repo/vllm/collect_env.py:270
        system_root = os.environ.get("SYSTEMROOT", "C:\\Windows")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dacc2da1b4033dbe Environment-variable access.
repo/vllm/collect_env.py:271
        program_files_root = os.environ.get("PROGRAMFILES", "C:\\Program Files")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c07c0226475c4345 Environment-variable access.
repo/vllm/collect_env.py:441
        os.environ.get("TORCH_CUDA_ARCH_LIST", "Not Set"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bd3cc9fe2207e230 Environment-variable access.
repo/vllm/collect_env.py:442
        "Enabled" if os.environ.get("ROCM_HOME") else "Disabled",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9335129f03fa8e4e Environment-variable access.
repo/vllm/collect_env.py:572
    system_root = os.environ.get("SYSTEMROOT", "C:\\Windows")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #01c504bfa40de62d Environment-variable access.
repo/vllm/collect_env.py:638
    if os.environ.get("UV"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d6c811c2a7a4315d Filesystem access.
repo/vllm/collect_env.py:642
        with open(pyvenv_cfg_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1cbf51ae84a09a1d Environment-variable access.
repo/vllm/collect_env.py:682
    ca_config = os.environ.get("PYTORCH_CUDA_ALLOC_CONF", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #18f50d2cd05c6544 Environment-variable access.
repo/vllm/collect_env.py:689
        config = os.environ.get("CUDA_MODULE_LOADING", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c8ad8b4f51184aa Environment-variable access.
repo/vllm/collect_env.py:725
    for k, v in os.environ.items():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9ab4e2708099d4a1 Filesystem access.
repo/vllm/compilation/backends.py:187
            with open(self.cache_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e763ec666b07779f Filesystem access.
repo/vllm/compilation/backends.py:220
        with open(self.cache_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3432c3f3d923aaf3 Filesystem access.
repo/vllm/compilation/backends.py:1045
                with open(filepath) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #370636621610c5ab Filesystem access.
repo/vllm/compilation/backends.py:1118
                with open(meta_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ac32c0f66f3ec61d Filesystem access.
repo/vllm/compilation/backends.py:1261
            with open(graph_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2a692016a64c8b1a Filesystem access.
repo/vllm/compilation/caching.py:610
            with open(filepath) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6a7047bc4166166 Environment-variable access.
repo/vllm/compilation/compiler_interface.py:477
        os.environ["TORCHINDUCTOR_CACHE_DIR"] = inductor_cache

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a014cd0516cedf5f Environment-variable access.
repo/vllm/compilation/compiler_interface.py:480
        os.environ["TRITON_CACHE_DIR"] = triton_cache

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f4cd90eef4f3e9ef Filesystem access.
repo/vllm/compilation/decorators.py:297
                open(aot_compilation_path, "rb") as f,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a77b73f7581d53f Environment-variable access.
repo/vllm/compilation/decorators.py:558
            os.environ["TORCHINDUCTOR_CACHE_DIR"] = inductor_cache

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2fb74d787e7173f3 Filesystem access.
repo/vllm/compilation/wrapper.py:243
                    with open(decompiled_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a2d492128ef702c6 Environment-variable access.
repo/vllm/config/parallel.py:832
                self.data_parallel_rank = int(os.environ["RANK"]) // (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b8d7819f65bd0445 Environment-variable access.
repo/vllm/config/parallel.py:868
            os.environ["VLLM_ENABLE_V1_MULTIPROCESSING"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e9d0975db6ac19f2 Environment-variable access.
repo/vllm/config/utils.py:444
        value = os.environ.get(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #87c5d60cbf6c0385 Environment-variable access.
repo/vllm/config/vllm.py:896
        if "expandable_segments:True" not in os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e368e5bfefec2491 Environment-variable access.
repo/vllm/config/vllm.py:896
        if "expandable_segments:True" not in os.environ.get(
            "PYTORCH_CUDA_ALLOC_CONF", ""
        ):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #69b959b825110beb Environment-variable access.
repo/vllm/config/vllm.py:1123
            and os.environ.get("VLLM_WORKER_MULTIPROC_METHOD") != "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2c0e3fce1b354570 Environment-variable access.
repo/vllm/config/vllm.py:1150
        if os.environ.get("TORCH_COMPILE_DISABLE") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #01ee925fcf6d037e Environment-variable access.
repo/vllm/config/vllm.py:1162
            and "VLLM_USE_BREAKABLE_CUDAGRAPH" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #816a3467e2f03bac Environment-variable access.
repo/vllm/config/vllm.py:1174
            os.environ["VLLM_USE_BREAKABLE_CUDAGRAPH"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cb471d418ebe0225 Environment-variable access.
repo/vllm/config/vllm.py:1403
            and os.environ.get("VLLM_WORKER_MULTIPROC_METHOD") != "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #11ec8e6e37acab4e Environment-variable access.
repo/vllm/device_allocator/cumem.py:330
        conf = os.environ.get("PYTORCH_CUDA_ALLOC_CONF", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9608c5b5981515d8 Filesystem access.
repo/vllm/distributed/device_communicators/all_reduce_utils.py:397
            with open(output_file.name, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #027e4d4a75333eb6 Filesystem access.
repo/vllm/distributed/device_communicators/all_reduce_utils.py:404
        with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #27432ffcbf914c64 Filesystem access.
repo/vllm/distributed/device_communicators/all_reduce_utils.py:409
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4de294b301d86f4e Filesystem access.
repo/vllm/distributed/device_communicators/all_reduce_utils.py:420
    with open(output_file, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0e1f3ff49cedd802 Environment-variable access.
repo/vllm/distributed/device_communicators/cpu_communicator.py:240
        instance_identifier = os.environ["VLLM_DIST_IDENT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3a4f6ec1018a4e06 Environment-variable access.
repo/vllm/distributed/eplb/eplb_utils.py:97
        current_value_str = os.getenv("NCCL_MAX_CTAS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c862c4dae231bf1 Environment-variable access.
repo/vllm/distributed/eplb/eplb_utils.py:103
        os.environ["NCCL_MAX_CTAS"] = str(override_value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a7467285f4ff819 Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/example_hidden_states_connector.py:59
    with open(lock_path) as lf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #91d8ecb655f81b78 Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/hf3fs/utils/hf3fs_mock_client.py:27
            with open(self._file_path, "w+b") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #80d4ff9f5fee3ff3 Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/hf3fs/utils/hf3fs_mock_client.py:35
            with open(self._file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #103fe3aa6ee8ba05 Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/hf3fs/utils/hf3fs_mock_client.py:90
            with open(self._file_path, "r+b") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e15af5bfdba7c256 Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/lmcache_integration/utils.py:47
                if "LMCACHE_CONFIG_FILE" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #966d74e9142ae541 Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/lmcache_integration/utils.py:58
                    config_file = os.environ["LMCACHE_CONFIG_FILE"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fb7b2ed176eda911 Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/lmcache_integration/vllm_v1_adapter.py:681
        self.force_skip_save = bool(os.environ.get("LMCACHE_FORCE_SKIP_SAVE", False))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f4f283356d25243f Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/lmcache_mp_connector.py:1201
    if os.environ.get("LMCACHE_USE_UPSTREAM_MP"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #82ee0746bdad195f Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/mooncake/store/worker.py:128
        with open(file_path) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4085a361a785ed9e Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/mooncake/store/worker.py:147
        config_path = os.getenv("MOONCAKE_CONFIG_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aff472b663c3c73c Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/moriio/moriio_common.py:216
        if env_var in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #62a89354f6ab9799 Environment-variable access.
repo/vllm/distributed/nixl_utils.py:21
    if "UCX_RCACHE_MAX_UNRELEASED" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0fa9422688f780e4 Environment-variable access.
repo/vllm/distributed/nixl_utils.py:36
    os.environ["UCX_RCACHE_MAX_UNRELEASED"] = "1024"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b218047e01217708 Environment-variable access.
repo/vllm/engine/arg_utils.py:1788
            os.environ.get(current_platform.device_control_env_var),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #023ae0b2f1e12439 Filesystem access.
repo/vllm/entrypoints/chat_utils.py:1301
        with open(chat_template) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8cabdbbdd45342f3 Filesystem access.
repo/vllm/entrypoints/chat_utils.py:1316
                with open(builtin_template_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bbf58f089c45c746 Environment-variable access.
repo/vllm/entrypoints/cli/openai.py:34
    api_key = args.api_key or os.environ.get("OPENAI_API_KEY", "EMPTY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d0a75a68f7865ad2 Environment-variable access.
repo/vllm/entrypoints/mcp/tool.py:62
        exa_api_key = os.getenv("EXA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2a5a8f527ced0a2e Environment-variable access.
repo/vllm/entrypoints/openai/api_server.py:123
    if os.getenv("VLLM_WORKER_MULTIPROC_METHOD") == "forkserver":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c6b7b333e0c2c4f6 Filesystem access.
repo/vllm/entrypoints/openai/run_batch.py:340
        with open(path_or_url, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #42887a69dee51292 Filesystem access.
repo/vllm/entrypoints/openai/run_batch.py:354
    with open(output_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f6ff150347e801e9 Filesystem access.
repo/vllm/entrypoints/openai/run_batch.py:380
                    with open(data_or_file, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #70a7940daaf82396 Environment-variable access.
repo/vllm/entrypoints/serve/utils/api_utils.py:165
    if "VLLM_WORKER_MULTIPROC_METHOD" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #11619b7fc3100d29 Environment-variable access.
repo/vllm/entrypoints/serve/utils/api_utils.py:167
        os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5116bb1f93505245 Filesystem access.
repo/vllm/entrypoints/serve/utils/server_utils.py:131
        with open(log_config_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #37e55c886d628ac8 Environment-variable access.
repo/vllm/env_override.py:50
    enable = os.environ.get("VLLM_ENABLE_CUDA_COMPATIBILITY", "0").strip().lower() in (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #72b3aadc4c67c22f Environment-variable access.
repo/vllm/env_override.py:57
    cuda_compat_path = os.environ.get("VLLM_CUDA_COMPATIBILITY_PATH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e4746dc80a2688e6 Environment-variable access.
repo/vllm/env_override.py:59
        conda_prefix = os.environ.get("CONDA_PREFIX", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #49730260daae3697 Environment-variable access.
repo/vllm/env_override.py:73
    existing = os.environ.get("LD_LIBRARY_PATH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #41bbf3afe9e34e22 Environment-variable access.
repo/vllm/env_override.py:82
    os.environ["LD_LIBRARY_PATH"] = os.pathsep.join(new_paths)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4b39a01b183cdb1a Environment-variable access.
repo/vllm/env_override.py:101
os.environ["PYTORCH_NVML_BASED_CUDA_CHECK"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7d42f846ad658e87 Environment-variable access.
repo/vllm/env_override.py:105
os.environ["TORCHINDUCTOR_COMPILE_THREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c4c47869f3561c83 Environment-variable access.
repo/vllm/env_override.py:113
os.environ.setdefault("TRITON_CACHE_AUTOTUNING", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4253af7efa2459db Environment-variable access.
repo/vllm/env_override.py:120
os.environ.setdefault("TILELANG_CLEANUP_TEMP_FILES", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f28d3e16d8662724 Environment-variable access.
repo/vllm/env_override.py:865
if os.environ.get("VLLM_TRITON_FORCE_FIRST_CONFIG", "0").strip().lower() in (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3334841368078c06 Environment-variable access.
repo/vllm/envs.py:297
    return os.getenv(
        "XDG_CACHE_HOME",
        os.path.join(os.path.expanduser("~"), ".cache"),
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #193db10b565e8851 Environment-variable access.
repo/vllm/envs.py:304
    return os.getenv(
        "XDG_CONFIG_HOME",
        os.path.join(os.path.expanduser("~"), ".config"),
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3e27561b49cdb237 Filesystem access.
repo/vllm/envs.py:326
        with open(value) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e384ede92c91c088 Environment-variable access.
repo/vllm/envs.py:332
    return bool(int(os.getenv("VLLM_DISABLE_COMPILE_CACHE", "0")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #636c7ddac8e70383 Environment-variable access.
repo/vllm/envs.py:344
    return os.environ.get("VLLM_USE_AOT_COMPILE", default_value) == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3c5f546d4c16d721 Environment-variable access.
repo/vllm/envs.py:354
    return os.environ.get("VLLM_USE_MEGA_AOT_ARTIFACT", default_value) == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9949675a9b061a4d Environment-variable access.
repo/vllm/envs.py:377
        value = os.getenv(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #50d6622f457e7fe8 Environment-variable access.
repo/vllm/envs.py:424
        value = os.getenv(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0bc0e257cc3847c4 Environment-variable access.
repo/vllm/envs.py:484
    if "VLLM_PORT" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c8a234b251fbb9ec Environment-variable access.
repo/vllm/envs.py:487
    port = os.getenv("VLLM_PORT", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3bb84f781415f52d Environment-variable access.
repo/vllm/envs.py:514
        value = os.getenv(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6ff3987c706b40c1 Environment-variable access.
repo/vllm/envs.py:519
        os.environ[env_name] = default_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0158b22bf319677f Environment-variable access.
repo/vllm/envs.py:540
    use_rust = bool(int(os.environ.get("VLLM_USE_RUST_FRONTEND", "0")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d3735042c08000f9 Environment-variable access.
repo/vllm/envs.py:541
    raw = os.environ.get("VLLM_RUST_FRONTEND_PATH", "auto")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4b445452766cdda9 Environment-variable access.
repo/vllm/envs.py:544
        if os.environ.get("VLLM_RUST_FRONTEND_PATH") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #04790d013b65effe Environment-variable access.
repo/vllm/envs.py:570
    "VLLM_TARGET_DEVICE": lambda: os.getenv("VLLM_TARGET_DEVICE", "cuda").lower(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #81b28c4aa26de3db Environment-variable access.
repo/vllm/envs.py:573
        os.getenv("VLLM_MAIN_CUDA_VERSION", "").lower() or "13.0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #846000f57b31fff8 Environment-variable access.
repo/vllm/envs.py:585
    "VLLM_BATCH_INVARIANT": lambda: bool(int(os.getenv("VLLM_BATCH_INVARIANT", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4d670b081e86914e Environment-variable access.
repo/vllm/envs.py:594
        os.getenv("VLLM_TRITON_ATTN_USE_TD", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ac754230be491c77 Environment-variable access.
repo/vllm/envs.py:605
    "MAX_JOBS": lambda: os.getenv("MAX_JOBS", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #100b3c38da4fbfd6 Environment-variable access.
repo/vllm/envs.py:609
    "NVCC_THREADS": lambda: os.getenv("NVCC_THREADS", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aa978e4ffd60bfc2 Environment-variable access.
repo/vllm/envs.py:612
        os.environ.get("VLLM_USE_PRECOMPILED", "").strip().lower() in ("1", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ac632d765b8da578 Environment-variable access.
repo/vllm/envs.py:613
        or bool(os.environ.get("VLLM_PRECOMPILED_WHEEL_LOCATION"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f742abd8765a194f Environment-variable access.
repo/vllm/envs.py:617
        os.environ.get("VLLM_USE_PRECOMPILED_RUST", "").strip().lower() in ("1", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6a8c1eaecc9cdfd2 Environment-variable access.
repo/vllm/envs.py:621
        int(os.environ.get("VLLM_SKIP_PRECOMPILED_VERSION_SUFFIX", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0bd7b428c04ed578 Environment-variable access.
repo/vllm/envs.py:626
        os.environ.get("VLLM_DOCKER_BUILD_CONTEXT", "").strip().lower() in ("1", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #149c05c47a1700f2 Environment-variable access.
repo/vllm/envs.py:630
    "VLLM_BUILD_COMMIT": lambda: os.environ.get("VLLM_BUILD_COMMIT", "unknown"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #65c9a466b3be6380 Environment-variable access.
repo/vllm/envs.py:631
    "VLLM_BUILD_PIPELINE": lambda: os.environ.get("VLLM_BUILD_PIPELINE", "local"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cab8f7667e616f0c Environment-variable access.
repo/vllm/envs.py:632
    "VLLM_BUILD_URL": lambda: os.environ.get("VLLM_BUILD_URL", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7a8fd177c6516ac4 Environment-variable access.
repo/vllm/envs.py:633
    "VLLM_IMAGE_TAG": lambda: os.environ.get("VLLM_IMAGE_TAG", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a558af8d262bcd28 Environment-variable access.
repo/vllm/envs.py:641
    "VERBOSE": lambda: bool(int(os.getenv("VERBOSE", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a1e08d9587597e91 Environment-variable access.
repo/vllm/envs.py:648
        os.getenv(
            "VLLM_CONFIG_ROOT",
            os.path.join(get_default_config_root(), "vllm"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4f50a160b49ca64f Environment-variable access.
repo/vllm/envs.py:657
        os.getenv(
            "VLLM_CACHE_ROOT",
            os.path.join(get_default_cache_root(), "vllm"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #852d42fd70c599c3 Environment-variable access.
repo/vllm/envs.py:666
    "VLLM_HOST_IP": lambda: os.getenv("VLLM_HOST_IP", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d5cbdb05eaf5f463 Environment-variable access.
repo/vllm/envs.py:674
    "VLLM_RPC_BASE_PATH": lambda: os.getenv(
        "VLLM_RPC_BASE_PATH", tempfile.gettempdir()
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a0560db77c2c81fd Environment-variable access.
repo/vllm/envs.py:680
        os.environ.get("VLLM_USE_MODELSCOPE", "False").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #73da8c4abd1bb006 Environment-variable access.
repo/vllm/envs.py:687
    "VLLM_USE_FASTOKENS": lambda: bool(int(os.getenv("VLLM_USE_FASTOKENS", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #70925ce40f2164ac Environment-variable access.
repo/vllm/envs.py:690
        os.environ.get("VLLM_RINGBUFFER_WARNING_INTERVAL", "60")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5bcba47d2a9da5ba Environment-variable access.
repo/vllm/envs.py:694
    "CUDA_HOME": lambda: os.environ.get("CUDA_HOME", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d01af56649f730bf Environment-variable access.
repo/vllm/envs.py:697
    "VLLM_NCCL_SO_PATH": lambda: os.environ.get("VLLM_NCCL_SO_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8f89466ad225b610 Environment-variable access.
repo/vllm/envs.py:700
    "LD_LIBRARY_PATH": lambda: os.environ.get("LD_LIBRARY_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #351a23788f724194 Environment-variable access.
repo/vllm/envs.py:703
        os.environ.get("VLLM_ROCM_SLEEP_MEM_CHUNK_SIZE", "256")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #33e95dc3ee732f96 Environment-variable access.
repo/vllm/envs.py:709
        os.environ.get("VLLM_USE_STANDALONE_COMPILE", "1") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7eafa18522952674 Environment-variable access.
repo/vllm/envs.py:718
        os.environ.get("VLLM_ENABLE_PREGRAD_PASSES", "1") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d06aa96a42f7007a Environment-variable access.
repo/vllm/envs.py:722
        os.environ.get("VLLM_USE_BREAKABLE_CUDAGRAPH", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3cd46edff8f89b95 Environment-variable access.
repo/vllm/envs.py:726
    "VLLM_PATTERN_MATCH_DEBUG": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5c376c29d5ce7c00 Environment-variable access.
repo/vllm/envs.py:726
    "VLLM_PATTERN_MATCH_DEBUG": lambda: os.environ.get(
        "VLLM_PATTERN_MATCH_DEBUG", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #caf4f2ab625878c0 Environment-variable access.
repo/vllm/envs.py:731
    "VLLM_DEBUG_DUMP_PATH": lambda: os.environ.get("VLLM_DEBUG_DUMP_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6a15607df0376fa8 Environment-variable access.
repo/vllm/envs.py:739
        int(os.environ.get("VLLM_USE_BYTECODE_HOOK", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8fb83f9f609d3d13 Environment-variable access.
repo/vllm/envs.py:744
    "VLLM_FORCE_AOT_LOAD": lambda: os.environ.get("VLLM_FORCE_AOT_LOAD", "0") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #83981c053d4d4328 Environment-variable access.
repo/vllm/envs.py:751
    "LOCAL_RANK": lambda: int(os.environ.get("LOCAL_RANK", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5a17b27ff5e491b7 Environment-variable access.
repo/vllm/envs.py:753
    "CUDA_VISIBLE_DEVICES": lambda: os.environ.get("CUDA_VISIBLE_DEVICES", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e61248ed6374a837 Environment-variable access.
repo/vllm/envs.py:756
        os.environ.get("VLLM_ENGINE_ITERATION_TIMEOUT_S", "60")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #863202d7993b2b50 Environment-variable access.
repo/vllm/envs.py:761
        os.environ.get("VLLM_ENGINE_READY_TIMEOUT_S", "600")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2876a5dd2e9c3dfe Environment-variable access.
repo/vllm/envs.py:764
    "VLLM_API_KEY": lambda: os.environ.get("VLLM_API_KEY", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1aa17debe3122a51 Environment-variable access.
repo/vllm/envs.py:767
        os.environ.get("VLLM_DEBUG_LOG_API_SERVER_RESPONSE", "False").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #58ab0b97857d3ed9 Environment-variable access.
repo/vllm/envs.py:770
    "S3_ACCESS_KEY_ID": lambda: os.environ.get("S3_ACCESS_KEY_ID", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5834fe799369897b Environment-variable access.
repo/vllm/envs.py:771
    "S3_SECRET_ACCESS_KEY": lambda: os.environ.get("S3_SECRET_ACCESS_KEY", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #603dcbb7ce50c709 Environment-variable access.
repo/vllm/envs.py:772
    "S3_ENDPOINT_URL": lambda: os.environ.get("S3_ENDPOINT_URL", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #db1cc285ff645647 Environment-variable access.
repo/vllm/envs.py:774
    "VLLM_USAGE_STATS_SERVER": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #129987e53a78a86b Environment-variable access.
repo/vllm/envs.py:774
    "VLLM_USAGE_STATS_SERVER": lambda: os.environ.get(
        "VLLM_USAGE_STATS_SERVER", "https://stats.vllm.ai"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #63ef44daa62d3682 Environment-variable access.
repo/vllm/envs.py:777
    "VLLM_NO_USAGE_STATS": lambda: os.environ.get("VLLM_NO_USAGE_STATS", "0") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a781f8f9b8e10042 Environment-variable access.
repo/vllm/envs.py:780
            os.environ.get("VLLM_DO_NOT_TRACK", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cb73b7822c285f2a Environment-variable access.
repo/vllm/envs.py:781
            or os.environ.get("DO_NOT_TRACK", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4b2d49be979a0162 Environment-variable access.
repo/vllm/envs.py:786
    "VLLM_USAGE_SOURCE": lambda: os.environ.get("VLLM_USAGE_SOURCE", "production"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ade376936c3f68a6 Environment-variable access.
repo/vllm/envs.py:792
        int(os.getenv("VLLM_CONFIGURE_LOGGING", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9a25f07bfc69016c Environment-variable access.
repo/vllm/envs.py:794
    "VLLM_LOGGING_CONFIG_PATH": lambda: os.getenv("VLLM_LOGGING_CONFIG_PATH"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2bc8b7a9d3a07809 Environment-variable access.
repo/vllm/envs.py:796
    "VLLM_LOGGING_LEVEL": lambda: os.getenv("VLLM_LOGGING_LEVEL", "INFO").upper(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fd993ca3e6d66233 Environment-variable access.
repo/vllm/envs.py:798
    "VLLM_LOGGING_STREAM": lambda: os.getenv("VLLM_LOGGING_STREAM", "ext://sys.stdout"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dc29552996ec5267 Environment-variable access.
repo/vllm/envs.py:800
    "VLLM_LOGGING_PREFIX": lambda: os.getenv("VLLM_LOGGING_PREFIX", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #39ac89190257ed01 Environment-variable access.
repo/vllm/envs.py:803
    "VLLM_LOGGING_COLOR": lambda: os.getenv("VLLM_LOGGING_COLOR", "auto"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eccf3353bbcb2c32 Environment-variable access.
repo/vllm/envs.py:805
    "NO_COLOR": lambda: os.getenv("NO_COLOR", "0") != "0",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #677b29d0f075c824 Environment-variable access.
repo/vllm/envs.py:810
        if (val := float(os.getenv("VLLM_LOG_STATS_INTERVAL", "10."))) > 0.0

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #01780058bb2260fc Environment-variable access.
repo/vllm/envs.py:816
    "VLLM_TRACE_FUNCTION": lambda: int(os.getenv("VLLM_TRACE_FUNCTION", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7bd4d96b487c0ac9 Environment-variable access.
repo/vllm/envs.py:821
        bool(int(os.environ["VLLM_USE_FLASHINFER_SAMPLER"]))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a9dbeb22b6c4926d Environment-variable access.
repo/vllm/envs.py:822
        if "VLLM_USE_FLASHINFER_SAMPLER" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #53405670ff667186 Environment-variable access.
repo/vllm/envs.py:826
    "VLLM_PP_LAYER_PARTITION": lambda: os.getenv("VLLM_PP_LAYER_PARTITION", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #64fbfb1d5d498664 Environment-variable access.
repo/vllm/envs.py:830
        int(os.getenv("VLLM_CPU_KVCACHE_SPACE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f06d34d9497e4561 Environment-variable access.
repo/vllm/envs.py:831
        if "VLLM_CPU_KVCACHE_SPACE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c4b936af4e812de8 Environment-variable access.
repo/vllm/envs.py:836
    "VLLM_CPU_OMP_THREADS_BIND": lambda: os.getenv("VLLM_CPU_OMP_THREADS_BIND", "auto"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #db34c2408470d301 Environment-variable access.
repo/vllm/envs.py:840
        int(os.getenv("VLLM_CPU_NUM_OF_RESERVED_CPU", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #303f186ea4d9fe07 Environment-variable access.
repo/vllm/envs.py:841
        if "VLLM_CPU_NUM_OF_RESERVED_CPU" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6cf463f7f19807a7 Environment-variable access.
repo/vllm/envs.py:845
    "VLLM_CPU_SGL_KERNEL": lambda: bool(int(os.getenv("VLLM_CPU_SGL_KERNEL", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #096bc36ecb7f2597 Environment-variable access.
repo/vllm/envs.py:848
        int(os.getenv("VLLM_CPU_ATTN_SPLIT_KV", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #97622e819f1e1aa7 Environment-variable access.
repo/vllm/envs.py:853
        int(os.getenv("VLLM_ZENTORCH_WEIGHT_PREPACK", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #61a01ec16ef0ba4e Environment-variable access.
repo/vllm/envs.py:856
    "VLLM_CPU_INT4_W4A8": lambda: bool(int(os.getenv("VLLM_CPU_INT4_W4A8", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #74ecc97765dcf0cd Environment-variable access.
repo/vllm/envs.py:870
        int(os.getenv("VLLM_USE_RAY_COMPILED_DAG_OVERLAP_COMM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b4c5019b5b87248f Environment-variable access.
repo/vllm/envs.py:876
        int(os.getenv("VLLM_USE_RAY_WRAPPED_PP_COMM", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a58232dba307c2b6 Environment-variable access.
repo/vllm/envs.py:881
        int(os.getenv("VLLM_USE_RAY_V2_EXECUTOR_BACKEND", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7d48ee96f0da790d Environment-variable access.
repo/vllm/envs.py:888
        int(os.getenv("VLLM_DISTRIBUTED_USE_SPLIT_GROUP", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #03a7ae7f9fe49432 Environment-variable access.
repo/vllm/envs.py:897
        os.getenv(
            "VLLM_ASSETS_CACHE",
            os.path.join(get_default_cache_root(), "vllm", "assets"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ea33d03995c69013 Environment-variable access.
repo/vllm/envs.py:905
        int(os.getenv("VLLM_ASSETS_CACHE_MODEL_CLEAN", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3b3936414f3bf283 Environment-variable access.
repo/vllm/envs.py:909
    "VLLM_IMAGE_FETCH_TIMEOUT": lambda: int(os.getenv("VLLM_IMAGE_FETCH_TIMEOUT", "5")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #171b424e11244bb0 Environment-variable access.
repo/vllm/envs.py:913
        os.getenv("VLLM_VIDEO_FETCH_TIMEOUT", "30")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b27e726b89521280 Environment-variable access.
repo/vllm/envs.py:918
        os.getenv("VLLM_AUDIO_FETCH_TIMEOUT", "10")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #55fd91daa0b03f85 Environment-variable access.
repo/vllm/envs.py:922
    "VLLM_MEDIA_CACHE": lambda: os.getenv("VLLM_MEDIA_CACHE", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #847a990c20f4ceab Environment-variable access.
repo/vllm/envs.py:926
        os.getenv("VLLM_MEDIA_CACHE_MAX_SIZE_MB", "5120")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5417cb5f5b668c95 Environment-variable access.
repo/vllm/envs.py:931
        os.getenv("VLLM_MEDIA_CACHE_TTL_HOURS", "24")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ee9606b04146fda2 Environment-variable access.
repo/vllm/envs.py:936
        os.getenv("VLLM_MEDIA_FETCH_MAX_RETRIES", "3")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4a56dac138d326c7 Environment-variable access.
repo/vllm/envs.py:941
        int(os.getenv("VLLM_MEDIA_URL_ALLOW_REDIRECTS", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e4b090d5a85ca5a6 Environment-variable access.
repo/vllm/envs.py:947
        os.getenv("VLLM_MEDIA_LOADING_THREAD_COUNT", "8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5718f85681d513ff Environment-variable access.
repo/vllm/envs.py:953
        os.getenv("VLLM_MAX_AUDIO_CLIP_FILESIZE_MB", "25")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #27dbacfae6befa82 Environment-variable access.
repo/vllm/envs.py:960
        os.getenv("VLLM_MAX_AUDIO_DECODE_DURATION_S", "600")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8cec1a30ff4f3734 Environment-variable access.
repo/vllm/envs.py:966
        os.getenv(
            "VLLM_MAX_AUDIO_PREPROCESS_WORKERS",
            str(max(1, min(os.cpu_count() or 1, 2))),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #993105fbd4d1e04a Environment-variable access.
repo/vllm/envs.py:976
        os.getenv("VLLM_MAX_IMAGE_PIXELS", "178956970")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7a33ea1356094105 Environment-variable access.
repo/vllm/envs.py:987
    "VLLM_VIDEO_LOADER_BACKEND": lambda: os.getenv(
        "VLLM_VIDEO_LOADER_BACKEND", "opencv"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #de58399552ae9f6d Environment-variable access.
repo/vllm/envs.py:997
    "VLLM_MEDIA_CONNECTOR": lambda: os.getenv("VLLM_MEDIA_CONNECTOR", "http"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #28c329b84a7f6a16 Environment-variable access.
repo/vllm/envs.py:1012
        os.getenv(
            "VLLM_XLA_CACHE_PATH",
            os.path.join(get_default_cache_root(), "vllm", "xla_cache"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #96a2343512bd9c68 Environment-variable access.
repo/vllm/envs.py:1019
        int(os.getenv("VLLM_XLA_CHECK_RECOMPILATION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #33dbdf8331ad87fb Environment-variable access.
repo/vllm/envs.py:1022
    "VLLM_XLA_USE_SPMD": lambda: bool(int(os.getenv("VLLM_XLA_USE_SPMD", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e31ff21b51b40d63 Environment-variable access.
repo/vllm/envs.py:1027
        os.getenv("VLLM_SPARSE_INDEXER_MAX_LOGITS_MB", "512")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #acebc21e62abe473 Environment-variable access.
repo/vllm/envs.py:1032
        int(os.getenv("VLLM_KEEP_ALIVE_ON_ENGINE_DEATH", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b88f512e2de5732b Environment-variable access.
repo/vllm/envs.py:1039
        os.environ.get("VLLM_ALLOW_LONG_MAX_MODEL_LEN", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #99a02eeb2cba5ddd Environment-variable access.
repo/vllm/envs.py:1045
        os.environ.get("VLLM_TEST_FORCE_FP8_MARLIN", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c4289f2c14bf0969 Environment-variable access.
repo/vllm/envs.py:1048
    "VLLM_TEST_FORCE_LOAD_FORMAT": lambda: os.getenv(
        "VLLM_TEST_FORCE_LOAD_FORMAT", "dummy"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0e8b45541608e994 Environment-variable access.
repo/vllm/envs.py:1061
        os.getenv("VLLM_FASTSAFETENSORS_QUEUE_SIZE", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2e9e75123b35cfea Environment-variable access.
repo/vllm/envs.py:1065
        os.environ.get("VLLM_HTTP_TIMEOUT_KEEP_ALIVE", "5")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d186012e459570f4 Environment-variable access.
repo/vllm/envs.py:1071
        os.environ.get("VLLM_MAX_N_SEQUENCES", "16384")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3c75cbb8cab4836f Environment-variable access.
repo/vllm/envs.py:1077
        os.environ.get("VLLM_MAX_COMPLETION_PROMPTS", "1024")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8906d161142cf5df Environment-variable access.
repo/vllm/envs.py:1084
        if "VLLM_PLUGINS" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #da1c9288ee6051f1 Environment-variable access.
repo/vllm/envs.py:1085
        else os.environ["VLLM_PLUGINS"].split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d3799e3018d470ba Environment-variable access.
repo/vllm/envs.py:1094
        int(os.environ["VLLM_PREFIX_CACHE_RETENTION_INTERVAL"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #54629adb687fc1ed Environment-variable access.
repo/vllm/envs.py:1095
        if "VLLM_PREFIX_CACHE_RETENTION_INTERVAL" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ca4cb288fa06bbc3 Environment-variable access.
repo/vllm/envs.py:1101
    "VLLM_LORA_RESOLVER_CACHE_DIR": lambda: os.getenv(
        "VLLM_LORA_RESOLVER_CACHE_DIR", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7f96de888fc18166 Environment-variable access.
repo/vllm/envs.py:1108
    "VLLM_LORA_RESOLVER_HF_REPO_LIST": lambda: os.getenv(
        "VLLM_LORA_RESOLVER_HF_REPO_LIST", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dd19a174f8fdd02d Environment-variable access.
repo/vllm/envs.py:1112
    "VLLM_USE_TRITON_AWQ": lambda: bool(int(os.getenv("VLLM_USE_TRITON_AWQ", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7218f4a8cce93b4f Environment-variable access.
repo/vllm/envs.py:1118
        os.environ.get("VLLM_TRITON_FORCE_FIRST_CONFIG", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ec2920dbced38682 Environment-variable access.
repo/vllm/envs.py:1123
        os.environ.get("VLLM_ALLOW_RUNTIME_LORA_UPDATING", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fe8cfee38c4c3a73 Environment-variable access.
repo/vllm/envs.py:1132
    "VLLM_SKIP_P2P_CHECK": lambda: os.getenv("VLLM_SKIP_P2P_CHECK", "1") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fbeb40fbeb9f0b97 Environment-variable access.
repo/vllm/envs.py:1139
        if "VLLM_DISABLED_KERNELS" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f67169f5bc08ff34 Environment-variable access.
repo/vllm/envs.py:1140
        else os.environ["VLLM_DISABLED_KERNELS"].split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f10382feb4452e80 Environment-variable access.
repo/vllm/envs.py:1143
        int(os.getenv("VLLM_ENABLE_FLA_PACKED_RECURRENT_DECODE", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #61fb7b9924c13114 Environment-variable access.
repo/vllm/envs.py:1147
        os.getenv("VLLM_DISABLE_PYNCCL", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7d86f43bf47c0ab6 Environment-variable access.
repo/vllm/envs.py:1152
        os.getenv("VLLM_USE_OINK_OPS", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a3318331d96c792e Environment-variable access.
repo/vllm/envs.py:1162
        os.getenv("VLLM_MXFP8_EMULATION_DEQUANT_AT_LOAD", "True").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #70e683356b73d5f7 Environment-variable access.
repo/vllm/envs.py:1166
        os.getenv("VLLM_ROCM_USE_AITER", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0353fcbf8aef1e42 Environment-variable access.
repo/vllm/envs.py:1171
        os.getenv("VLLM_ROCM_USE_AITER_CUSTOM_AR", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #688506a8637133f1 Environment-variable access.
repo/vllm/envs.py:1176
        os.getenv("VLLM_ROCM_USE_AITER_PAGED_ATTN", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ba84009d468b3fde Environment-variable access.
repo/vllm/envs.py:1183
        os.getenv("VLLM_ROCM_USE_AITER_LINEAR", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ca409e2614547bfb Environment-variable access.
repo/vllm/envs.py:1186
        os.getenv("VLLM_ROCM_USE_AITER_LINEAR_HIPBMM", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4f17c8bfe68f38f6 Environment-variable access.
repo/vllm/envs.py:1191
        os.getenv("VLLM_ROCM_USE_AITER_MOE", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d448190a52616fe1 Environment-variable access.
repo/vllm/envs.py:1202
        os.getenv("VLLM_ROCM_AITER_MOE_DISPATCH_POLICY", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #089f073d1585d9e8 Environment-variable access.
repo/vllm/envs.py:1206
        os.getenv("VLLM_ROCM_USE_AITER_RMSNORM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #758f26131b63a56e Environment-variable access.
repo/vllm/envs.py:1211
        os.getenv("VLLM_ROCM_USE_AITER_MLA", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4f3c5cdaf9d57801 Environment-variable access.
repo/vllm/envs.py:1216
        os.getenv("VLLM_ROCM_USE_AITER_MHA", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6b536fe13fae5132 Environment-variable access.
repo/vllm/envs.py:1221
        os.getenv("VLLM_ROCM_USE_AITER_FP4_ASM_GEMM", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f6765e527b7b6c71 Environment-variable access.
repo/vllm/envs.py:1226
        os.getenv("VLLM_ROCM_USE_AITER_TRITON_ROPE", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #44210f2ba1940ad0 Environment-variable access.
repo/vllm/envs.py:1231
        os.getenv("VLLM_ROCM_USE_AITER_FP8BMM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b24e6a3e80d22c29 Environment-variable access.
repo/vllm/envs.py:1236
        os.getenv("VLLM_ROCM_USE_AITER_FP4BMM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9a088a0890e8830c Environment-variable access.
repo/vllm/envs.py:1240
        os.getenv("VLLM_ROCM_USE_AITER_UNIFIED_ATTENTION", "False").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ca7312c2b414bed3 Environment-variable access.
repo/vllm/envs.py:1246
        os.getenv("VLLM_ROCM_USE_AITER_FUSION_SHARED_EXPERTS", "False").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f094ac597f03f09f Environment-variable access.
repo/vllm/envs.py:1252
        os.getenv("VLLM_ROCM_USE_AITER_TRITON_GEMM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #09fad6c35c73af90 Environment-variable access.
repo/vllm/envs.py:1256
        os.getenv("VLLM_ROCM_USE_SKINNY_GEMM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a31bd48b36361c8e Environment-variable access.
repo/vllm/envs.py:1259
    "VLLM_ROCM_FP8_PADDING": lambda: bool(int(os.getenv("VLLM_ROCM_FP8_PADDING", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5af0307dd1e55701 Environment-variable access.
repo/vllm/envs.py:1261
    "VLLM_ROCM_MOE_PADDING": lambda: bool(int(os.getenv("VLLM_ROCM_MOE_PADDING", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a9cc8e90985368ea Environment-variable access.
repo/vllm/envs.py:1264
        os.getenv("VLLM_ROCM_SHUFFLE_KV_CACHE_LAYOUT", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #670e316f7c22a4db Environment-variable access.
repo/vllm/envs.py:1279
        os.getenv("VLLM_ROCM_QUICK_REDUCE_CAST_BF16_TO_FP16", "True").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0db4637a9fef9a31 Environment-variable access.
repo/vllm/envs.py:1289
        os.environ.get("VLLM_ROCM_QUICK_REDUCE_MAX_SIZE_BYTES_MB", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a00f55f64cf96505 Environment-variable access.
repo/vllm/envs.py:1296
        os.environ.get("VLLM_ROCM_QUICK_REDUCE_MIN_SIZE_BYTES_MB", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #915365713134f520 Environment-variable access.
repo/vllm/envs.py:1302
        os.environ.get("VLLM_ROCM_QUICK_REDUCE_QUANTIZATION_MIN_SIZE_KB", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #920e1f5f75e4eb1e Environment-variable access.
repo/vllm/envs.py:1305
    "Q_SCALE_CONSTANT": lambda: int(os.getenv("Q_SCALE_CONSTANT", "200")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #709a7be84b03c8e5 Environment-variable access.
repo/vllm/envs.py:1307
    "K_SCALE_CONSTANT": lambda: int(os.getenv("K_SCALE_CONSTANT", "200")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #846d13fa6113dd52 Environment-variable access.
repo/vllm/envs.py:1309
    "V_SCALE_CONSTANT": lambda: int(os.getenv("V_SCALE_CONSTANT", "100")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0a0eeb3afee57d47 Environment-variable access.
repo/vllm/envs.py:1312
        int(os.getenv("VLLM_ENABLE_V1_MULTIPROCESSING", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #70e3203feabbe394 Environment-variable access.
repo/vllm/envs.py:1315
        os.getenv("VLLM_LOG_BATCHSIZE_INTERVAL", "-1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #11ae3c9510ae57c1 Environment-variable access.
repo/vllm/envs.py:1320
    "VLLM_USE_LAYERNAME": lambda: bool(int(os.getenv("VLLM_USE_LAYERNAME", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #61eb3a561be1a627 Environment-variable access.
repo/vllm/envs.py:1324
        int(os.getenv("VLLM_USE_RUST_FRONTEND", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b86d2058767be2ee Environment-variable access.
repo/vllm/envs.py:1333
    "VLLM_SERVER_DEV_MODE": lambda: bool(int(os.getenv("VLLM_SERVER_DEV_MODE", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #add2f6e6489d8a29 Environment-variable access.
repo/vllm/envs.py:1342
        os.getenv("VLLM_V1_OUTPUT_PROC_CHUNK_SIZE", "128")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c211874836c053f Environment-variable access.
repo/vllm/envs.py:1345
    "VLLM_MLA_DISABLE": lambda: bool(int(os.getenv("VLLM_MLA_DISABLE", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bfd24f79ad988eba Environment-variable access.
repo/vllm/envs.py:1351
        os.getenv("VLLM_RAY_PER_WORKER_GPUS", "1.0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d5407df3192ea87f Environment-variable access.
repo/vllm/envs.py:1356
    "VLLM_RAY_BUNDLE_INDICES": lambda: os.getenv("VLLM_RAY_BUNDLE_INDICES", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ff68b739ddef8804 Environment-variable access.
repo/vllm/envs.py:1359
    "VLLM_CUDART_SO_PATH": lambda: os.getenv("VLLM_CUDART_SO_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1a71b6ab4e7a0564 Environment-variable access.
repo/vllm/envs.py:1361
    "VLLM_DP_RANK": lambda: int(os.getenv("VLLM_DP_RANK", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b51deecff51a3d5d Environment-variable access.
repo/vllm/envs.py:1365
        os.getenv("VLLM_DP_RANK_LOCAL", sys.modules[__name__].VLLM_DP_RANK)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d597689f40586d9f Environment-variable access.
repo/vllm/envs.py:1368
    "VLLM_DP_SIZE": lambda: int(os.getenv("VLLM_DP_SIZE", "1")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0ca654dda7b08683 Environment-variable access.
repo/vllm/envs.py:1370
    "VLLM_DP_MASTER_IP": lambda: os.getenv("VLLM_DP_MASTER_IP", "127.0.0.1"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d8afd22473b94e55 Environment-variable access.
repo/vllm/envs.py:1372
    "VLLM_DP_MASTER_PORT": lambda: int(os.getenv("VLLM_DP_MASTER_PORT", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2309ae98f2d534e7 Environment-variable access.
repo/vllm/envs.py:1375
        os.environ.get("VLLM_RANDOMIZE_DP_DUMMY_INPUTS", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #52e6e2fac2beb187 Environment-variable access.
repo/vllm/envs.py:1388
    "VLLM_RAY_DP_PACK_STRATEGY": lambda: os.getenv(
        "VLLM_RAY_DP_PACK_STRATEGY", "strict"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9d56e947e4fed9ea Environment-variable access.
repo/vllm/envs.py:1395
    "VLLM_RAY_DP_PLACEMENT_NODE_IPS": lambda: os.getenv(
        "VLLM_RAY_DP_PLACEMENT_NODE_IPS", ""
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b1f84fece1f71cb6 Environment-variable access.
repo/vllm/envs.py:1401
    "VLLM_RAY_EXTRA_ENV_VAR_PREFIXES_TO_COPY": lambda: os.getenv(
        "VLLM_RAY_EXTRA_ENV_VAR_PREFIXES_TO_COPY", ""
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e40105300eae56e7 Environment-variable access.
repo/vllm/envs.py:1408
    "VLLM_RAY_EXTRA_ENV_VARS_TO_COPY": lambda: os.getenv(
        "VLLM_RAY_EXTRA_ENV_VARS_TO_COPY", ""
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f238dee41b66a6b8 Environment-variable access.
repo/vllm/envs.py:1412
    "VLLM_CI_USE_S3": lambda: os.environ.get("VLLM_CI_USE_S3", "0") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #959d5d1942a4c9a0 Environment-variable access.
repo/vllm/envs.py:1419
    "VLLM_MODEL_REDIRECT_PATH": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #652f1937f8604796 Environment-variable access.
repo/vllm/envs.py:1419
    "VLLM_MODEL_REDIRECT_PATH": lambda: os.environ.get(
        "VLLM_MODEL_REDIRECT_PATH", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a672b13ac11e82bd Environment-variable access.
repo/vllm/envs.py:1424
        os.environ.get("VLLM_MARLIN_USE_ATOMIC_ADD", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2e25251f2842d594 Environment-variable access.
repo/vllm/envs.py:1432
        os.environ.get("VLLM_HUMMING_ONLINE_QUANT_CONFIG", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a6946a88924d2cc8 Environment-variable access.
repo/vllm/envs.py:1436
        os.environ.get("VLLM_HUMMING_INPUT_QUANT_CONFIG", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cc379fb0b88d35d4 Environment-variable access.
repo/vllm/envs.py:1440
        os.environ.get("VLLM_HUMMING_USE_F16_ACCUM", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ba33ecc2ab54667f Environment-variable access.
repo/vllm/envs.py:1446
    "VLLM_HUMMING_MOE_GEMM_TYPE": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #39a22fee81bddfa2 Environment-variable access.
repo/vllm/envs.py:1446
    "VLLM_HUMMING_MOE_GEMM_TYPE": lambda: os.environ.get(
        "VLLM_HUMMING_MOE_GEMM_TYPE", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0a6edc2cdde1c27a Environment-variable access.
repo/vllm/envs.py:1453
        int(os.getenv("VLLM_DEEPEPLL_NVFP4_DISPATCH", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #178c41c091da56c1 Environment-variable access.
repo/vllm/envs.py:1459
        os.environ.get("VLLM_V1_USE_OUTLINES_CACHE", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8ea380b9f824730d Environment-variable access.
repo/vllm/envs.py:1464
        int(os.environ["VLLM_TPU_BUCKET_PADDING_GAP"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a1cdaf95f50257ae Environment-variable access.
repo/vllm/envs.py:1465
        if "VLLM_TPU_BUCKET_PADDING_GAP" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #93a6dcc5ba80e433 Environment-variable access.
repo/vllm/envs.py:1469
        os.environ.get("VLLM_TPU_MOST_MODEL_LEN", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a05dc616f6866cf9 Environment-variable access.
repo/vllm/envs.py:1473
        "proxy" in os.getenv("JAX_PLATFORMS", "").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4b340867ad80e74f Environment-variable access.
repo/vllm/envs.py:1476
    "VLLM_USE_DEEP_GEMM": lambda: bool(int(os.getenv("VLLM_USE_DEEP_GEMM", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ecc9e4d5227af725 Environment-variable access.
repo/vllm/envs.py:1479
        int(os.getenv("VLLM_MOE_USE_DEEP_GEMM", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #75fa6e6a99eb44fe Environment-variable access.
repo/vllm/envs.py:1483
        int(os.getenv("VLLM_USE_DEEP_GEMM_E8M0", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #30f7c7c445104242 Environment-variable access.
repo/vllm/envs.py:1487
        int(os.getenv("VLLM_USE_DEEP_GEMM_TMA_ALIGNED_SCALES", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bf28b9045c7a11a5 Environment-variable access.
repo/vllm/envs.py:1511
        int(os.getenv("VLLM_USE_FUSED_MOE_GROUPED_TOPK", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #78de77cb4fe9f011 Environment-variable access.
repo/vllm/envs.py:1517
    "VLLM_MOE_SKIP_PADDING": lambda: bool(int(os.getenv("VLLM_MOE_SKIP_PADDING", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0664e370a4b9d81a Environment-variable access.
repo/vllm/envs.py:1521
        int(os.getenv("VLLM_BLOCKSCALE_FP8_GEMM_FLASHINFER", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #98b0bbb0c98deef0 Environment-variable access.
repo/vllm/envs.py:1525
        int(os.getenv("VLLM_USE_FLASHINFER_MOE_INT4", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4a804a238a573326 Environment-variable access.
repo/vllm/envs.py:1530
    "VLLM_XGRAMMAR_CACHE_MB": lambda: int(os.getenv("VLLM_XGRAMMAR_CACHE_MB", "512")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #057e9091f208a78b Environment-variable access.
repo/vllm/envs.py:1536
        os.getenv("VLLM_REGEX_COMPILATION_TIMEOUT_S", "5")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2a7d915f9c3a613b Environment-variable access.
repo/vllm/envs.py:1546
        os.getenv("VLLM_MSGPACK_ZERO_COPY_THRESHOLD", "256")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1c611a3c7007ce86 Environment-variable access.
repo/vllm/envs.py:1552
        int(os.getenv("VLLM_ALLOW_INSECURE_SERIALIZATION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5644d7c479a8d98f Environment-variable access.
repo/vllm/envs.py:1557
        int(os.getenv("VLLM_DISABLE_REQUEST_ID_RANDOMIZATION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bb8102c1689bb2db Environment-variable access.
repo/vllm/envs.py:1560
    "VLLM_NIXL_SIDE_CHANNEL_HOST": lambda: os.getenv(
        "VLLM_NIXL_SIDE_CHANNEL_HOST", "localhost"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1c9927c3710422a7 Environment-variable access.
repo/vllm/envs.py:1565
        os.getenv("VLLM_NIXL_SIDE_CHANNEL_PORT", "5600")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e971dbb451dd12d2 Environment-variable access.
repo/vllm/envs.py:1569
        os.getenv("VLLM_MOONCAKE_BOOTSTRAP_PORT", "8998")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f810ec3b860e072d Environment-variable access.
repo/vllm/envs.py:1573
        os.getenv("VLLM_MOONCAKE_STORE_TIER_LOG", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a888f8eab4ff39f1 Environment-variable access.
repo/vllm/envs.py:1581
        os.getenv("VLLM_MOONCAKE_LOAD_RECV_THREADS", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f089256ae7f9e84b Environment-variable access.
repo/vllm/envs.py:1585
        os.getenv("VLLM_MOONCAKE_DISK_STAGING_USABLE_RATIO", "0.9")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3cdac4320b6c0a79 Environment-variable access.
repo/vllm/envs.py:1588
    "MOONCAKE_PREFERRED_SEGMENT": lambda: os.getenv("MOONCAKE_PREFERRED_SEGMENT"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #644e6a5840ac4e3e Environment-variable access.
repo/vllm/envs.py:1590
    "MOONCAKE_REQUESTER_LOCAL_HOSTNAME": lambda: os.getenv(
        "MOONCAKE_REQUESTER_LOCAL_HOSTNAME"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #132eb7423c3f492b Environment-variable access.
repo/vllm/envs.py:1594
    "VLLM_FLASHINFER_AUTOTUNE_CACHE_DIR": lambda: os.getenv(
        "VLLM_FLASHINFER_AUTOTUNE_CACHE_DIR", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5f2214befc8ace78 Environment-variable access.
repo/vllm/envs.py:1605
        os.getenv("VLLM_FLASHINFER_WORKSPACE_BUFFER_SIZE", str(394 * 1024 * 1024))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a03592f945eb66ce Environment-variable access.
repo/vllm/envs.py:1612
        os.getenv("VLLM_MAX_TOKENS_PER_EXPERT_FP4_MOE", "163840")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0a3d031d6ddc1156 Environment-variable access.
repo/vllm/envs.py:1621
        os.getenv("VLLM_FLASHINFER_ALLREDUCE_FUSION_THRESHOLDS_MB", "{}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #109fd5d633d95276 Environment-variable access.
repo/vllm/envs.py:1629
    "VLLM_MOE_ROUTING_SIMULATION_STRATEGY": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #096f03bbed04f58b Environment-variable access.
repo/vllm/envs.py:1629
    "VLLM_MOE_ROUTING_SIMULATION_STRATEGY": lambda: os.environ.get(
        "VLLM_MOE_ROUTING_SIMULATION_STRATEGY", ""
    ).lower(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7986cbff299dda55 Environment-variable access.
repo/vllm/envs.py:1634
        os.getenv("VLLM_TOOL_PARSE_REGEX_TIMEOUT_SECONDS", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d46074e99931015b Environment-variable access.
repo/vllm/envs.py:1638
        os.getenv("VLLM_ENFORCE_STRICT_TOOL_CALLING", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d9a743e83ad8d664 Environment-variable access.
repo/vllm/envs.py:1644
        os.getenv("VLLM_MQ_MAX_CHUNK_BYTES_MB", "16")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ff5203de7e4648dc Environment-variable access.
repo/vllm/envs.py:1649
        os.getenv("VLLM_EXECUTE_MODEL_TIMEOUT_SECONDS", "300")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5155a380ced36bdb Environment-variable access.
repo/vllm/envs.py:1653
        os.getenv("VLLM_WORKER_SHUTDOWN_TIMEOUT_SECONDS", "5")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #65305402f3d85aef Environment-variable access.
repo/vllm/envs.py:1676
        int(os.getenv("VLLM_COMPUTE_NANS_IN_LOGITS", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0f142ba6252726f6 Environment-variable access.
repo/vllm/envs.py:1680
        os.getenv("VLLM_MOONCAKE_ABORT_REQUEST_TIMEOUT", "480")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #16cb076a82085d79 Environment-variable access.
repo/vllm/envs.py:1685
        int(os.getenv("VLLM_HAS_FLASHINFER_CUBIN", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #705352e217f1b46f Environment-variable access.
repo/vllm/envs.py:1691
        int(os.getenv("VLLM_ENABLE_CUDAGRAPH_GC", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5906e3b170267d6d Environment-variable access.
repo/vllm/envs.py:1694
    "VLLM_LOOPBACK_IP": lambda: os.getenv("VLLM_LOOPBACK_IP", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa88c5c0bcf5b371 Environment-variable access.
repo/vllm/envs.py:1698
    "VLLM_PROCESS_NAME_PREFIX": lambda: os.getenv("VLLM_PROCESS_NAME_PREFIX", "VLLM"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #75b6c69a04f40b58 Environment-variable access.
repo/vllm/envs.py:1707
        int(os.getenv("VLLM_ALLOW_CHUNKED_LOCAL_ATTN_WITH_HYBRID_KV_CACHE", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d71d3cb7c5247f60 Environment-variable access.
repo/vllm/envs.py:1719
        int(os.getenv("VLLM_ENABLE_RESPONSES_API_STORE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1d7393d3cc12016f Environment-variable access.
repo/vllm/envs.py:1723
        int(os.getenv("VLLM_ROCM_FP8_MFMA_PAGE_ATTN", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9358e5c93f138868 Environment-variable access.
repo/vllm/envs.py:1727
        int(os.getenv("VLLM_ALLREDUCE_USE_SYMM_MEM", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #29916049a4c4d8e0 Environment-variable access.
repo/vllm/envs.py:1731
        int(os.getenv("VLLM_ALLREDUCE_USE_FLASHINFER", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9eeb7021835d7811 Environment-variable access.
repo/vllm/envs.py:1735
        int(os.getenv("VLLM_USE_EXPERIMENTAL_PARSER_CONTEXT", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #07bb9366a646813c Environment-variable access.
repo/vllm/envs.py:1741
    "VLLM_TUNED_CONFIG_FOLDER": lambda: os.getenv("VLLM_TUNED_CONFIG_FOLDER", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1ea338380d8c4d13 Environment-variable access.
repo/vllm/envs.py:1750
        int(os.getenv("VLLM_ENABLE_STARTUP_PLAN", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #294ba4ace452b544 Environment-variable access.
repo/vllm/envs.py:1763
        int(os.getenv("VLLM_GPT_OSS_HARMONY_SYSTEM_INSTRUCTIONS", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d46f3ee75382eb64 Environment-variable access.
repo/vllm/envs.py:1770
    "VLLM_SYSTEM_START_DATE": lambda: os.getenv("VLLM_SYSTEM_START_DATE", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ecb0ebc0f76e235a Environment-variable access.
repo/vllm/envs.py:1775
        int(os.getenv("VLLM_TOOL_JSON_ERROR_AUTOMATIC_RETRY", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8d11dcb9bf249cf9 Environment-variable access.
repo/vllm/envs.py:1779
        int(os.getenv("VLLM_CUSTOM_SCOPES_FOR_PROFILING", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d4bee9b8575b6994 Environment-variable access.
repo/vllm/envs.py:1783
        int(os.getenv("VLLM_NVTX_SCOPES_FOR_PROFILING", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #da1c5d85646df4e6 Environment-variable access.
repo/vllm/envs.py:1788
        int(os.getenv("VLLM_KV_EVENTS_USE_INT_BLOCK_HASHES", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ddb119e960422cab Environment-variable access.
repo/vllm/envs.py:1800
        os.getenv("VLLM_DEEPEP_BUFFER_SIZE_MB", "1024")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #06b5485362d4389c Environment-variable access.
repo/vllm/envs.py:1806
        int(os.getenv("VLLM_DEEPEP_HIGH_THROUGHPUT_FORCE_INTRA_NODE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4c65f2107c34dfa6 Environment-variable access.
repo/vllm/envs.py:1811
        int(os.getenv("VLLM_DEEPEP_LOW_LATENCY_USE_MNNVL", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4e47aac427c98d82 Environment-variable access.
repo/vllm/envs.py:1815
        int(os.getenv("VLLM_DEEPEP_V2_ALLOW_HYBRID_MODE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b50d33daf2d04d18 Environment-variable access.
repo/vllm/envs.py:1819
        int(os.getenv("VLLM_DEEPEP_V2_PREFER_OVERLAP", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7e6417311b255a1a Environment-variable access.
repo/vllm/envs.py:1823
        int(os.getenv("VLLM_DEEPEP_V2_ALLOW_MULTIPLE_REDUCTION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #82417bd3043839fa Environment-variable access.
repo/vllm/envs.py:1829
        os.getenv(
            "VLLM_DBO_COMM_SMS",
            "64"
            if hasattr(__import__("torch").version, "hip")
            and __import__("torch").version.hip is not None
            else "20",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #25a950b6284571fc Environment-variable access.
repo/vllm/envs.py:1841
        int(os.getenv("VLLM_ENABLE_INDUCTOR_MAX_AUTOTUNE", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #50694fac8521f9d2 Environment-variable access.
repo/vllm/envs.py:1846
        int(os.getenv("VLLM_ENABLE_INDUCTOR_COORDINATE_DESCENT_TUNING", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #745e05e1555285ce Environment-variable access.
repo/vllm/envs.py:1850
        int(os.getenv("VLLM_USE_NCCL_SYMM_MEM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c5dd9fd19bd69e4e Environment-variable access.
repo/vllm/envs.py:1853
    "VLLM_NCCL_INCLUDE_PATH": lambda: os.environ.get("VLLM_NCCL_INCLUDE_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #35055165f934ebc0 Environment-variable access.
repo/vllm/envs.py:1859
    "VLLM_GC_DEBUG": lambda: os.getenv("VLLM_GC_DEBUG", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d51e2ccf55fdd7db Environment-variable access.
repo/vllm/envs.py:1862
    "VLLM_DEBUG_WORKSPACE": lambda: bool(int(os.getenv("VLLM_DEBUG_WORKSPACE", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #632d56c1fe38a5cc Environment-variable access.
repo/vllm/envs.py:1865
        int(os.getenv("VLLM_DISABLE_SHARED_EXPERTS_STREAM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c3e13a252018fb0e Environment-variable access.
repo/vllm/envs.py:1872
        int(os.getenv("VLLM_SHARED_EXPERTS_STREAM_TOKEN_THRESHOLD", 256))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #284198a050d710cf Environment-variable access.
repo/vllm/envs.py:1883
        os.getenv("VLLM_MULTI_STREAM_GEMM_TOKEN_THRESHOLD", "1024")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a0c73052f6f5e546 Environment-variable access.
repo/vllm/envs.py:1896
        os.getenv("VLLM_USE_V2_MODEL_RUNNER", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e40d0adeb8a80b88 Environment-variable access.
repo/vllm/envs.py:1902
        int(os.getenv("VLLM_LOG_MODEL_INSPECTION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #14cd8dda89dcb437 Environment-variable access.
repo/vllm/envs.py:1906
        int(os.getenv("VLLM_DEBUG_MFU_METRICS", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5352587c6fd6c79e Environment-variable access.
repo/vllm/envs.py:1910
        int(os.getenv("VLLM_WEIGHT_OFFLOADING_DISABLE_PIN_MEMORY", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5218c295c4cc6077 Environment-variable access.
repo/vllm/envs.py:1914
        int(os.getenv("VLLM_WEIGHT_OFFLOADING_DISABLE_UVA", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7000940b7ae527d7 Environment-variable access.
repo/vllm/envs.py:1921
        int(os.getenv("VLLM_WSL2_ENABLE_PIN_MEMORY", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #00155924be7e4ed8 Environment-variable access.
repo/vllm/envs.py:1924
    "VLLM_DISABLE_LOG_LOGO": lambda: bool(int(os.getenv("VLLM_DISABLE_LOG_LOGO", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #09a679f7dd4df6fc Environment-variable access.
repo/vllm/envs.py:1927
    "VLLM_LORA_DISABLE_PDL": lambda: bool(int(os.getenv("VLLM_LORA_DISABLE_PDL", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #47d748ac3ee944b9 Environment-variable access.
repo/vllm/envs.py:1931
        os.environ.get("VLLM_ENABLE_CUDA_COMPATIBILITY", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #68ff96d6c12be8dc Environment-variable access.
repo/vllm/envs.py:1935
    "VLLM_CUDA_COMPATIBILITY_PATH": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dfa40e52c542a53c Environment-variable access.
repo/vllm/envs.py:1935
    "VLLM_CUDA_COMPATIBILITY_PATH": lambda: os.environ.get(
        "VLLM_CUDA_COMPATIBILITY_PATH", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1ae5a864f63abb9e Environment-variable access.
repo/vllm/envs.py:1943
        os.getenv("VLLM_SKIP_MODEL_NAME_VALIDATION", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b735ddcaa66349aa Environment-variable access.
repo/vllm/envs.py:1949
        int(os.getenv("VLLM_ELASTIC_EP_SCALE_UP_LAUNCH", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cf13e792104e8e9f Environment-variable access.
repo/vllm/envs.py:1954
        int(os.getenv("VLLM_ELASTIC_EP_DRAIN_REQUESTS", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5e2ede299bc7f436 Environment-variable access.
repo/vllm/envs.py:1960
        int(os.getenv("VLLM_MEMORY_PROFILER_ESTIMATE_CUDAGRAPHS", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6e8a1e8e8d0fb106 Environment-variable access.
repo/vllm/envs.py:1964
        os.getenv("VLLM_NIXL_EP_MAX_NUM_RANKS", "32")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d3b52934c1591981 Environment-variable access.
repo/vllm/envs.py:1968
        int(os.getenv("VLLM_XPU_ENABLE_XPU_GRAPH", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a39eecda4a0a2d9f Environment-variable access.
repo/vllm/envs.py:1972
        int(os.getenv("VLLM_XPU_USE_SAMPLER_KERNEL", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4a88b900233b781c Environment-variable access.
repo/vllm/envs.py:1976
        int(os.getenv("VLLM_USE_SIMPLE_KV_OFFLOAD", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bc617a7a298e4311 Environment-variable access.
repo/vllm/envs.py:1982
        int(os.getenv("VLLM_LORA_ENABLE_DUAL_STREAM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d19d413396f9caac Environment-variable access.
repo/vllm/envs.py:1986
    "VLLM_USE_SPINLOOP_EXT": lambda: bool(int(os.getenv("VLLM_USE_SPINLOOP_EXT", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9d5d56cb4c0bb49d Environment-variable access.
repo/vllm/envs.py:1989
    "VLLM_GPU_NIC_PCIE_MAPPING": lambda: os.getenv("VLLM_GPU_NIC_PCIE_MAPPING", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cfbdd250fd4eaedc Environment-variable access.
repo/vllm/envs.py:1993
    "VLLM_NIC_SELECTION_VARS": lambda: os.getenv("VLLM_NIC_SELECTION_VARS", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #78e917161d9ec508 Environment-variable access.
repo/vllm/envs.py:2059
        return name in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2784c115655e4b0f Environment-variable access.
repo/vllm/envs.py:2064
    for env in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5764310c63afa68f Environment-variable access.
repo/vllm/envs.py:2193
        factors[var] = normalize_value(os.getenv(var))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a2415e51374d8c36 Filesystem access.
repo/vllm/ir/util.py:26
            src_str = src.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d01a67989af9067f Filesystem access.
repo/vllm/kernels/helion/config_manager.py:235
            test_file.write_text("test")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2f11d4b6f1701efd Filesystem access.
repo/vllm/kernels/helion/config_manager.py:247
            with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fe9c7e00e5396df4 Filesystem access.
repo/vllm/kernels/helion/config_manager.py:262
                with open(platform_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #edbb9251b3a3d5f2 Filesystem access.
repo/vllm/kernels/helion/config_manager.py:293
            with open(platform_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #14b8406994cbc880 Filesystem access.
repo/vllm/kernels/helion/config_manager.py:317
        with open(platform_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #20157a1ea3f67ad6 Filesystem access.
repo/vllm/logger.py:185
        with open(envs.VLLM_LOGGING_CONFIG_PATH, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9cc5138122cfa0b9 Filesystem access.
repo/vllm/logger.py:272
            with open(log_path, "a") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4f814e6ec41f6ed4 Filesystem access.
repo/vllm/lora/ops/triton_ops/utils.py:189
        with open(str(config_path)) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #df0afdf3e5fc3fd7 Filesystem access.
repo/vllm/lora/peft_helper.py:110
            with open(lora_config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d516d194ad91b009 Filesystem access.
repo/vllm/model_executor/layers/attention/mm_encoder_attention.py:71
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7d58d4a6a30897ad Filesystem access.
repo/vllm/model_executor/layers/attention/mm_encoder_attention.py:140
    with open(path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1b8d2d9c4ea63f8a Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:918
        os.environ["CUBLAS_WORKSPACE_CONFIG"] = ":16:8"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0b3fb80ede630c91 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:919
        os.environ["CUBLASLT_WORKSPACE_SIZE"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a599d9ea8350f7ae Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:954
    os.environ["VLLM_ALLREDUCE_USE_SYMM_MEM"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #98b9e371546d1ca8 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:956
    os.environ["CUBLAS_WORKSPACE_CONFIG"] = ":4096:8"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8d5d15299bddd451 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:959
    os.environ["NCCL_LAUNCH_MODE"] = "GROUP"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7f2365a7e0325d88 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:960
    os.environ["NCCL_COLLNET_ENABLE"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #333eda6c462d984b Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:961
    os.environ["NCCL_NVLS_ENABLE"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ab380002d549e65e Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:962
    os.environ["NCCL_P2P_NET_DISABLE"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7aea3b0e3d973653 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:963
    os.environ["NCCL_MIN_NCHANNELS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5d75363fe6995e84 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:964
    os.environ["NCCL_MAX_NCHANNELS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #992ddfd380921dbf Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:965
    os.environ["NCCL_PROTO"] = "Simple"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d568cdb49cb139a5 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:966
    os.environ["NCCL_ALGO"] = "allreduce:tree"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5d7e586284b8da7d Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:967
    os.environ["NCCL_NTHREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #439598ab43a0989e Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:968
    os.environ["NCCL_SOCKET_NTHREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ff73ed9f6e1ac84e Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:971
    os.environ["VLLM_USE_AOT_COMPILE"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #23c51889f875d1ec Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/l2norm.py:18
USE_DEFAULT_FLA_NORM = int(os.getenv("USE_DEFAULT_FLA_NORM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c0e68fcf83dbad5b Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/op.py:16
if os.environ.get("FLA_USE_FAST_OPS", "0") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5f7fd7b11d1a02c6 Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/solve_tril.py:21
FLA_TRIL_PRECISION = os.environ.get("FLA_TRIL_PRECISION", "ieee")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aa9934d77a71b40f Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:25
COMPILER_MODE = os.getenv("FLA_COMPILER_MODE") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c47bedaebfb68d2f Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:26
FLA_CI_ENV = os.getenv("FLA_CI_ENV") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1526c15802f7dc3 Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:28
SUPPRESS_LEVEL = int(os.getenv("GDN_RECOMPUTE_SUPPRESS_LEVEL", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c0af829b6ff2c66c Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:155
use_cuda_graph = is_nvidia and os.environ.get("FLA_USE_CUDA_GRAPH", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a3138f5b9c014a8f Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:159
    and os.getenv("FLA_USE_TMA", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bbe1056c619312ae Filesystem access.
repo/vllm/model_executor/layers/fused_moe/fused_flydsl_moe.py:118
        with open(config_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6936b538fb1794da Filesystem access.
repo/vllm/model_executor/layers/fused_moe/fused_moe.py:1093
            with open(config_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d92b8e465bd52ea6 Environment-variable access.
repo/vllm/model_executor/layers/fused_moe/oracle/mxfp4.py:1449
        os.environ["AITER_BF16_FP8_MOE_BOUND"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eddef5322565cd8f Filesystem access.
repo/vllm/model_executor/layers/mamba/gdn/qwen_gdn_linear_attn.py:139
            with open(pkg_path.locate(), "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9bebb561de6b84cf Filesystem access.
repo/vllm/model_executor/layers/mamba/ops/mamba_ssm.py:96
            with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d470c5695da1ce3f Filesystem access.
repo/vllm/model_executor/layers/quantization/torchao.py:224
        with open(config_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a5fd40e1e3cdce9e Filesystem access.
repo/vllm/model_executor/layers/quantization/utils/fp8_utils.py:875
        with open(config_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3ca62a52722b2f33 Filesystem access.
repo/vllm/model_executor/layers/quantization/utils/int8_utils.py:340
        with open(config_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #de0234fa4d480146 Environment-variable access.
repo/vllm/model_executor/model_loader/runai_streamer_loader.py:73
            os.environ.update(env_updates)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cb089677d1f66c05 Environment-variable access.
repo/vllm/model_executor/model_loader/runai_streamer_loader.py:75
            runai_streamer_s3_endpoint = os.getenv("RUNAI_STREAMER_S3_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a8cacb01556e2351 Environment-variable access.
repo/vllm/model_executor/model_loader/runai_streamer_loader.py:76
            aws_endpoint_url = os.getenv("AWS_ENDPOINT_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b3b6b8f504936f46 Environment-variable access.
repo/vllm/model_executor/model_loader/runai_streamer_loader.py:78
                os.environ["RUNAI_STREAMER_S3_ENDPOINT"] = aws_endpoint_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #97636351aafc863b Filesystem access.
repo/vllm/model_executor/model_loader/tensorizer.py:648
                open(artifact.path, "rb") as f,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #86861b071a5c81d8 Filesystem access.
repo/vllm/model_executor/model_loader/tensorizer.py:673
        with open(keyfile, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4a8130b9f8eeb843 Filesystem access.
repo/vllm/model_executor/model_loader/tensorizer.py:773
    with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bc8ff5b7ed926b9a Environment-variable access.
repo/vllm/model_executor/model_loader/weight_utils.py:76
    if "HF_XET_HIGH_PERFORMANCE" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0182c4be375a375d Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:380
    with open(quant_config_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #83ad6cd72e2d571d Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:423
    with open(config_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c0f66bc1674b4bb1 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:483
                with open(index_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3ff09baeef134135 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:593
    with open(index_file_name) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4aa18b96201c51a3 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:665
                    with open(param_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1720e79ed371e5bd Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:668
            with open(weight_names_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa9775e575222e20 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:671
    with open(weight_names_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bfda0cbbcefb7768 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:676
        with open(param_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7107f97209a3e1dc Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:709
        with open("/proc/mounts") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1160f165e39a7b09 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:740
    with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #26007a48dcdcd56d Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:913
            with open(st_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e25f7a99e536e232 Filesystem access.
repo/vllm/model_executor/models/llava_onevision2.py:173
        with open(config_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #749330c32cddfbd5 Filesystem access.
repo/vllm/model_executor/models/mimo_audio.py:1258
        with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7620e504a2a8625e Environment-variable access.
repo/vllm/model_executor/models/minicpmo.py:81
if os.getenv("USE_FLAGOS") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #75dc38c25bf710ed Filesystem access.
repo/vllm/model_executor/models/registry.py:869
            hasher.update(path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2865d13fc5ad2db1 Filesystem access.
repo/vllm/model_executor/models/registry.py:877
                with open(modelinfo_path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ad4009fce17e6f53 Filesystem access.
repo/vllm/model_executor/models/registry.py:1440
        with open(output_filepath, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1a01271fa28e9e22 Filesystem access.
repo/vllm/model_executor/models/registry.py:1454
    with open(output_file, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e9b58b712457df44 Filesystem access.
repo/vllm/model_executor/warmup/flashinfer_sparse_mla_warmup.py:164
        with open(cache_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0c06f939fe718af0 Filesystem access.
repo/vllm/model_executor/warmup/kernel_warmup.py:193
        with open(cache_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6b0a1298992dc17c Filesystem access.
repo/vllm/multimodal/media/connector.py:234
            return cache_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #da9c54332bb00fb9 Filesystem access.
repo/vllm/multimodal/media/image.py:95
        return self.load_bytes(filepath.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b894940e6f2e05cb Environment-variable access.
repo/vllm/multimodal/video.py:870
                pool_size = int(os.environ.get("VLLM_MEDIA_LOADING_THREAD_COUNT", 8))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6c045ea838740da Filesystem access.
repo/vllm/platforms/__init__.py:157
    with open("/proc/cpuinfo") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #44102c88f9922faa Environment-variable access.
repo/vllm/platforms/cpu.py:138
        if env_key in os.environ and os.environ[env_key] != "":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a3da098489c10b42 Environment-variable access.
repo/vllm/platforms/cpu.py:139
            kv_cache_space = int(os.environ[env_key])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #84ef8ac6f6f4028a Environment-variable access.
repo/vllm/platforms/cpu.py:148
            os.environ.get("VLLM_ENABLE_V1_MULTIPROCESSING", "1") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ee3bd46dedd28445 Environment-variable access.
repo/vllm/platforms/cpu.py:177
            if os.environ.get("VLLM_CPU_CI_ENV", "0") != "0":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #768a9c27a085951d Environment-variable access.
repo/vllm/platforms/cpu.py:225
        os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #93f46191fc85102f Environment-variable access.
repo/vllm/platforms/cpu.py:229
        os.environ["NUMEXPR_MAX_THREADS"] = str(get_max_threads())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ffdbac5f1afb1f8c Environment-variable access.
repo/vllm/platforms/cpu.py:232
        os.environ["TORCHINDUCTOR_COMPILE_THREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e0941b77e9948f5b Environment-variable access.
repo/vllm/platforms/cpu.py:235
        os.environ["VLLM_DISABLE_SHARED_EXPERTS_STREAM"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1721584345ac1d3f Environment-variable access.
repo/vllm/platforms/cpu.py:238
        os.environ["TORCHINDUCTOR_CPP_DYNAMIC_THREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a6d510ce2259de51 Environment-variable access.
repo/vllm/platforms/cpu.py:242
            os.environ["VLLM_SSM_CONV_STATE_LAYOUT"] = "SD"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c73659153e88aba8 Environment-variable access.
repo/vllm/platforms/cpu.py:244
        ld_preload_str = os.getenv("LD_PRELOAD", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d76c2dfec65f612b Environment-variable access.
repo/vllm/platforms/cpu.py:282
                os.environ["LD_PRELOAD"] = ld_preload_str

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ad030bb1ceae569c Environment-variable access.
repo/vllm/platforms/cpu.py:306
                os.environ["LD_PRELOAD"] = ld_preload_str

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #652b5e6cbb737aff Environment-variable access.
repo/vllm/platforms/cpu.py:308
        os.environ["LOCAL_WORLD_SIZE"] = str(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e3cf7d33ce6bd778 Filesystem access.
repo/vllm/platforms/cpu.py:365
                        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c6dd124b0c3c43fd Filesystem access.
repo/vllm/platforms/cuda.py:846
            return cpulist_file.read_text().strip() != ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #91ad83da2ae5fa5f Filesystem access.
repo/vllm/platforms/cuda.py:886
                    cpulist = cpulist_file.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #91e659b9b7c97f34 Environment-variable access.
repo/vllm/platforms/cuda.py:951
                and os.environ.get("CUDA_DEVICE_ORDER") != "PCI_BUS_ID"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f87dca77c6133700 Environment-variable access.
repo/vllm/platforms/interface.py:305
            cls.device_control_env_var in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ec0b0be9ba514f72 Environment-variable access.
repo/vllm/platforms/interface.py:306
            and os.environ[cls.device_control_env_var] != ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3fc7cedbc8f6556c Environment-variable access.
repo/vllm/platforms/interface.py:308
            device_ids = os.environ[cls.device_control_env_var].split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #784be0fa892fd36c Environment-variable access.
repo/vllm/platforms/interface.py:324
        device_control_env = os.environ.get(cls.device_control_env_var, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a9d639f2c63deb1 Environment-variable access.
repo/vllm/platforms/interface.py:349
        device_control_env = os.environ.get(cls.device_control_env_var, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #885383351e3ebe78 Environment-variable access.
repo/vllm/platforms/rocm.py:119
    hip_val = os.environ.get("HIP_VISIBLE_DEVICES") or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #34e2f721b361fbb6 Environment-variable access.
repo/vllm/platforms/rocm.py:120
    cuda_val = os.environ.get("CUDA_VISIBLE_DEVICES") or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f3c87685c7414df3 Environment-variable access.
repo/vllm/platforms/rocm.py:139
        os.environ["CUDA_VISIBLE_DEVICES"] = hip_val

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #301367f34fa30c6f Environment-variable access.
repo/vllm/platforms/rocm.py:141
        os.environ["HIP_VISIBLE_DEVICES"] = cuda_val

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9523cab433cb77fb Environment-variable access.
repo/vllm/platforms/rocm.py:342
    os.environ["HIP_ONLINE_TUNING"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d79d75bfb571c37e Environment-variable access.
repo/vllm/platforms/rocm.py:396
        if os.environ.get("FLASH_ATTENTION_TRITON_AMD_ENABLE") != "TRUE":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0c908a5b194f8416 Environment-variable access.
repo/vllm/platforms/rocm.py:845
        os.environ["VLLM_USE_TRITON_AWQ"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1e5f663726082c86 Environment-variable access.
repo/vllm/platforms/xpu.py:240
        xpu_use_triton_kernel = os.getenv("XPU_USE_TRITON_KERNEL", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d88722650cfa5d9c Environment-variable access.
repo/vllm/platforms/xpu.py:323
        os.environ["UCX_MEMTYPE_CACHE"] = "n"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ce68d149b37f7578 Environment-variable access.
repo/vllm/platforms/xpu.py:326
        if "VLLM_WORKER_MULTIPROC_METHOD" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #86f4d1ca526f54ed Environment-variable access.
repo/vllm/platforms/xpu.py:327
            os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5ad80546febe4c06 Filesystem access.
repo/vllm/plugins/lora_resolvers/filesystem_resolver.py:34
                with open(adapter_config_path) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3c77fb2a5e6720f8 Filesystem access.
repo/vllm/profiler/wrapper.py:258
            with open(profiler_out_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d5a7493591c6e9fa Filesystem access.
repo/vllm/ray/ray_env.py:20
        with open(RAY_NON_CARRY_OVER_ENV_VARS_FILE) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ac01fd0721a87f81 Environment-variable access.
repo/vllm/ray/ray_env.py:90
    result |= {name for name in os.environ if any(name.startswith(p) for p in prefixes)}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f8b9923b7278dcd0 Environment-variable access.
repo/vllm/ray/ray_env.py:104
        sorted(v for v in result if v in os.environ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #683a313f50482309 Environment-variable access.
repo/vllm/third_party/pynvml.py:2413
                            nvmlLib = CDLL(os.path.join(os.getenv("WINDIR", "C:/Windows"), "System32/nvml.dll"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5721bda624e29217 Environment-variable access.
repo/vllm/third_party/pynvml.py:2417
                            nvmlLib = CDLL(os.path.join(os.getenv("ProgramFiles", "C:/Program Files"), "NVIDIA Corporation/NVSMI/nvml.dll"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #27751be7d6119676 Filesystem access.
repo/vllm/tokenizers/kimi_audio.py:29
    with open(vocab_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7ead635ece4b99fd Filesystem access.
repo/vllm/tokenizers/kimi_audio.py:136
            with open(tokenizer_config, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4ef8773e5886eb6a Environment-variable access.
repo/vllm/tracing/otel.py:74
    os.environ["OTEL_EXPORTER_OTLP_TRACES_ENDPOINT"] = otlp_traces_endpoint

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d44a9d1fca33ff50 Environment-variable access.
repo/vllm/tracing/otel.py:95
    protocol = os.environ.get(OTEL_EXPORTER_OTLP_TRACES_PROTOCOL, "grpc")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c8b61e8622b872b5 Environment-variable access.
repo/vllm/tracing/otel.py:115
    otlp_endpoint = os.environ.get("OTEL_EXPORTER_OTLP_TRACES_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #728ad2f9d2b67544 Environment-variable access.
repo/vllm/tracing/otel.py:228
    if tp := os.environ.get("traceparent", os.environ.get("TRACEPARENT")):  # noqa: SIM112

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #038e7fa80b857f56 Environment-variable access.
repo/vllm/tracing/otel.py:231
    if ts := os.environ.get("tracestate", os.environ.get("TRACESTATE")):  # noqa: SIM112

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #88c8847a5fa23692 Environment-variable access.
repo/vllm/tracing/otel.py:235
        carrier = dict(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #546b320d8b7ffbda Environment-variable access.
repo/vllm/tracing/otel.py:252
    original_state = {k: os.environ.get(k) for k in TRACE_HEADERS}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8e3cf71548197179 Environment-variable access.
repo/vllm/tracing/otel.py:256
        inject(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #584d06b2e32e2c8e Environment-variable access.
repo/vllm/tracing/otel.py:263
                os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b61896910b6dbbf9 Environment-variable access.
repo/vllm/tracing/otel.py:265
                os.environ[key] = original_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a62495b9bf944e4 Environment-variable access.
repo/vllm/transformers_utils/config.py:742
                os.environ["VLLM_USE_DEEP_GEMM_E8M0"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #be969331e0887cf7 Filesystem access.
repo/vllm/transformers_utils/processors/funasr.py:64
    with open(cmvn_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5c797ce8646057f8 Environment-variable access.
repo/vllm/transformers_utils/repo_utils.py:102
                    token=os.getenv("MODELSCOPE_API_TOKEN", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #26baac13028f1973 Filesystem access.
repo/vllm/transformers_utils/repo_utils.py:296
        with open(file_path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ebd15e85c982a8a1 Filesystem access.
repo/vllm/transformers_utils/repo_utils.py:357
        with open(file_path) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8e3049d0748caa6f Filesystem access.
repo/vllm/transformers_utils/utils.py:63
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0b553621afab4c4f Filesystem access.
repo/vllm/transformers_utils/utils.py:72
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d54064d332e3d03b Filesystem access.
repo/vllm/transformers_utils/utils.py:113
    with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e03057641ec6d825 Environment-variable access.
repo/vllm/triton_utils/importing.py:38
        visible_devices = os.environ.get(visible_devices_env)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #374807e66b20e5fc Filesystem access.
repo/vllm/usage/usage_lib.py:96
            file_content = path.read_text().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d731719ea56cb968 Environment-variable access.
repo/vllm/usage/usage_lib.py:106
        if os.environ.get(env_var):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3bc2e0ebf129c739 Filesystem access.
repo/vllm/usage/usage_lib.py:277
        with open(_USAGE_STATS_JSON_PATH, "a") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d5d8505df077c603 Filesystem access.
repo/vllm/utils/argparse_utils.py:563
            with open(file_path) as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #70349ae0210a14ef Filesystem access.
repo/vllm/utils/cpu_resource_utils.py:55
        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #51a5738ed75d21bf Filesystem access.
repo/vllm/utils/cpu_resource_utils.py:97
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b67b714a17d32c47 Filesystem access.
repo/vllm/utils/cpu_resource_utils.py:140
    with open(meminfo_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4af5911b7bbbf9b2 Environment-variable access.
repo/vllm/utils/cpu_resource_utils.py:191
        ("VLLM_CPU_SIM_MULTI_NUMA" not in os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bf019d2f61332c5c Environment-variable access.
repo/vllm/utils/cpu_resource_utils.py:192
        and env_key in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #82b40aec50b46155 Environment-variable access.
repo/vllm/utils/cpu_resource_utils.py:193
        and os.environ[env_key] != ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #242b3014c0f5306a Environment-variable access.
repo/vllm/utils/cpu_resource_utils.py:195
        visible_nodes = [int(s) for s in os.environ[env_key].split(",")]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #75f176b966959a2a Environment-variable access.
repo/vllm/utils/deep_gemm.py:251
    if not os.environ.get(DEEP_GEMM_JIT_CACHE_ENV_NAME, None):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #edae2f45437aa66f Environment-variable access.
repo/vllm/utils/deep_gemm.py:252
        os.environ[DEEP_GEMM_JIT_CACHE_ENV_NAME] = os.path.join(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6819a287aa9a89a8 Environment-variable access.
repo/vllm/utils/flashinfer.py:30
FLASHINFER_CUBINS_REPOSITORY = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fc4383306bf7bbc3 Environment-variable access.
repo/vllm/utils/flashinfer.py:30
FLASHINFER_CUBINS_REPOSITORY = os.environ.get(
    "FLASHINFER_CUBINS_REPOSITORY",
    "https://edge.urm.nvidia.com/artifactory/sw-kernelinferencelibrary-public-generic-local/",  # noqa: E501
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7de03f977fae8471 Environment-variable access.
repo/vllm/utils/jit_monitor.py:97
    user_val = os.environ.get("TRITON_PRINT_AUTOTUNING")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #545f012556f001a6 Environment-variable access.
repo/vllm/utils/jit_monitor.py:519
    previous_env = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #acaa9725ceea23b0 Environment-variable access.
repo/vllm/utils/jit_monitor.py:521
    os.environ[key] = "workqueue"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #64c6a5e5e023ffc7 Environment-variable access.
repo/vllm/utils/jit_monitor.py:527
            os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c64bbeb5c223c52 Environment-variable access.
repo/vllm/utils/jit_monitor.py:529
            os.environ[key] = previous_env

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #662b061dbcacac3a Environment-variable access.
repo/vllm/utils/network_utils.py:35
    if "HOST_IP" in os.environ and "VLLM_HOST_IP" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c58a023519ca250d Environment-variable access.
repo/vllm/utils/network_utils.py:159
    if "VLLM_DP_MASTER_PORT" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5dbfa3ba26c185ad Filesystem access.
repo/vllm/utils/numa_utils.py:185
        with open(_PROC_CPUINFO_PATH) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c422d9d94251dc15 Filesystem access.
repo/vllm/utils/numa_utils.py:217
        with open(_PCT_HIGHEST_PERF_PATH) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #83addbe1f2b523dc Filesystem access.
repo/vllm/utils/numa_utils.py:299
            cpulist_raw = cpulist_path.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #88ca245c38bb8583 Environment-variable access.
repo/vllm/utils/numa_utils.py:563
    old_numactl_args = os.environ.get(_NUMACTL_ARGS_ENV)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #76dfd8118e2cd399 Environment-variable access.
repo/vllm/utils/numa_utils.py:564
    old_python_executable = os.environ.get(_NUMACTL_PYTHON_EXECUTABLE_ENV)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1c0e1d10a081f37a Environment-variable access.
repo/vllm/utils/numa_utils.py:565
    os.environ[_NUMACTL_ARGS_ENV] = numactl_args

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a359ee2e71de2277 Environment-variable access.
repo/vllm/utils/numa_utils.py:566
    os.environ[_NUMACTL_PYTHON_EXECUTABLE_ENV] = python_executable

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b9f239dc877bd690 Environment-variable access.
repo/vllm/utils/numa_utils.py:571
            os.environ.pop(_NUMACTL_ARGS_ENV, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1df9c7b875ac548 Environment-variable access.
repo/vllm/utils/numa_utils.py:573
            os.environ[_NUMACTL_ARGS_ENV] = old_numactl_args

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #19ddbd71c77974f4 Environment-variable access.
repo/vllm/utils/numa_utils.py:576
            os.environ.pop(_NUMACTL_PYTHON_EXECUTABLE_ENV, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9cca7e13fbe94d2c Environment-variable access.
repo/vllm/utils/numa_utils.py:578
            os.environ[_NUMACTL_PYTHON_EXECUTABLE_ENV] = old_python_executable

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #62b122b23b629ac0 Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:36
        self.simulate_multi_node = os.environ.get("VLLM_CPU_SIM_MULTI_NUMA", "0") != "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c74ef9778e514ecd Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:37
        ld_preload_str = os.getenv("LD_PRELOAD", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c9be50691af363d7 Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:107
            old_envs_dict[k] = os.environ.get(k)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ed1d22e9fa83b3aa Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:112
                os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #629cc931888a43dc Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:118
                    os.environ.pop(k, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a53e899efd603da3 Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:120
                    os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0b210b2551cc24a4 Environment-variable access.
repo/vllm/utils/system_utils.py:37
        if k in os.environ and os.environ[k] != v:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b77a69853e7f629b Environment-variable access.
repo/vllm/utils/system_utils.py:41
                os.environ[k],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d74df3afdc4c63cb Environment-variable access.
repo/vllm/utils/system_utils.py:44
        os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dd2048bf089e255b Environment-variable access.
repo/vllm/utils/system_utils.py:50
    old = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #83097d0c205337e4 Environment-variable access.
repo/vllm/utils/system_utils.py:51
    os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3a2517cd65f12c95 Environment-variable access.
repo/vllm/utils/system_utils.py:56
            os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #791a3b63ae7cd058 Environment-variable access.
repo/vllm/utils/system_utils.py:58
            os.environ[key] = old

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #50213bf54c38b2d7 Environment-variable access.
repo/vllm/utils/system_utils.py:130
    if os.environ.get("VLLM_WORKER_MULTIPROC_METHOD") == "spawn":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cbf3f9debe01b3d7 Environment-variable access.
repo/vllm/utils/system_utils.py:140
        os.environ["RAY_ADDRESS"] = ray.get_runtime_context().gcs_address

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #654a834dcf820282 Environment-variable access.
repo/vllm/utils/system_utils.py:165
        os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d46d47b1020fa80d Filesystem access.
repo/vllm/utils/system_utils.py:323
    with open("/proc/self/maps") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5d8c601875ab1d52 Environment-variable access.
repo/vllm/utils/torch_utils.py:165
            num_threads = int(os.environ["OMP_NUM_THREADS"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a21ab5f295adceea Environment-variable access.
repo/vllm/utils/torch_utils.py:195
    old_value = os.environ.get("CUDA_VISIBLE_DEVICES")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #155588b49b751037 Environment-variable access.
repo/vllm/utils/torch_utils.py:196
    os.environ["CUDA_VISIBLE_DEVICES"] = ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7e9ac8a94c2a36ce Environment-variable access.
repo/vllm/utils/torch_utils.py:207
            del os.environ["CUDA_VISIBLE_DEVICES"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1c70884fd47c1009 Environment-variable access.
repo/vllm/utils/torch_utils.py:209
            os.environ["CUDA_VISIBLE_DEVICES"] = old_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3a1da3a523d05573 Filesystem access.
repo/vllm/v1/attention/backends/cpu_attn.py:453
        with open("/proc/cpuinfo") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d0b00a1e900f3e83 Environment-variable access.
repo/vllm/v1/attention/backends/mla/cutlass_mla.py:163
        force_num_kv_splits = os.environ.get("FORCE_NUM_KV_SPLITS", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #166bb4af673e646f Environment-variable access.
repo/vllm/v1/core/kv_cache_utils.py:102
    hash_seed = os.getenv("PYTHONHASHSEED")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c2719f0cd764cfa Environment-variable access.
repo/vllm/v1/engine/core.py:2170
        os.environ.setdefault(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6ee9faa79a2a0b25 Environment-variable access.
repo/vllm/v1/engine/core.py:2207
                f'base value: "{os.getenv(device_control_env_var)}"'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #94f293c18a7867bf Environment-variable access.
repo/vllm/v1/engine/utils.py:354
            f'"{os.getenv(device_control_env_var)}"'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bf183405d940a500 Environment-variable access.
repo/vllm/v1/engine/utils.py:411
            name: os.environ[name] for name in env_vars_list if name in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6f896d24e34281e6 Environment-variable access.
repo/vllm/v1/executor/multiproc_executor.py:1066
            "OMP_NUM_THREADS" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6cc0fe6d5c3b511b Environment-variable access.
repo/vllm/v1/executor/multiproc_executor.py:1077
            os.environ["OMP_NUM_THREADS"] = str(default_omp_num_threads)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eaf66fcbebcb83bd Environment-variable access.
repo/vllm/v1/executor/ray_env_utils.py:18
    return {key: value for key, value in os.environ.items() if key not in exclude_vars}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9ccf4469f05db004 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:75
            os.environ["VLLM_USE_RAY_COMPILED_DAG_CHANNEL_TYPE"] = "shm"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5a8914537bb60a71 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:82
        ray_usage = os.environ.get("RAY_USAGE_STATS_ENABLED", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5a1ac7e7474c4f83 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:84
            os.environ["RAY_USAGE_STATS_ENABLED"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fcb419c86e225411 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:320
                if name in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1a8b89e0188cc493 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:321
                    args[name] = os.environ[name]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dd4fe37b6991018d Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:537
        os.environ.setdefault("RAY_CGRAPH_get_timeout", "300")  # noqa: SIM112

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #000cc3f43c4701f3 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:542
            os.environ["RAY_CGRAPH_get_timeout"],  # noqa: SIM112

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8e64f2518433e733 Environment-variable access.
repo/vllm/v1/executor/ray_executor_v2.py:155
                os.environ.setdefault(key, value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a587660898303c9a Environment-variable access.
repo/vllm/v1/executor/ray_executor_v2.py:157
            os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9f7745709d91a090 Environment-variable access.
repo/vllm/v1/executor/ray_utils.py:180
            os.environ.update(vars)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e7e672c95f9a583d Environment-variable access.
repo/vllm/v1/executor/ray_utils.py:552
    if os.environ.get("RAY_USAGE_STATS_ENABLED", "0") != "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #920724d4b336f584 Environment-variable access.
repo/vllm/v1/executor/ray_utils.py:553
        os.environ["RAY_USAGE_STATS_ENABLED"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #44f1c0e7b1faded7 Environment-variable access.
repo/vllm/v1/executor/uniproc_executor.py:184
        rank = int(os.environ["RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #98ee1b6bafd244f3 Environment-variable access.
repo/vllm/v1/executor/uniproc_executor.py:185
        local_rank = int(os.environ["LOCAL_RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #707911f987617614 Environment-variable access.
repo/vllm/v1/executor/vllm_net_devices.py:177
        existing = os.environ.get(var_name, "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d0a9ffc29fe49ed1 Environment-variable access.
repo/vllm/v1/executor/vllm_net_devices.py:180
        os.environ[var_name] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9e75d7fee908e1fc Filesystem access.
repo/vllm/v1/kv_offload/tiering/fs/manager.py:161
            with open(config_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6eb4ccc5c7d7f36b Environment-variable access.
repo/vllm/v1/metrics/prometheus.py:21
    if "PROMETHEUS_MULTIPROC_DIR" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f25dfb2badee1c89 Environment-variable access.
repo/vllm/v1/metrics/prometheus.py:26
        os.environ["PROMETHEUS_MULTIPROC_DIR"] = _prometheus_multiproc_dir.name

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ac7ccec3588de1e5 Environment-variable access.
repo/vllm/v1/metrics/prometheus.py:46
    if os.getenv("PROMETHEUS_MULTIPROC_DIR") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c5188e993f4190d4 Environment-variable access.
repo/vllm/v1/structured_output/backend_guidance.py:121
            log_level=int(os.environ.get("LLGUIDANCE_LOG_LEVEL", "1")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ace307ef5851446d Environment-variable access.
repo/vllm/v1/structured_output/utils.py:195
    outlines_cache_dir = os.getenv("OUTLINES_CACHE_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #825b946ac716ed55 Environment-variable access.
repo/vllm/v1/structured_output/utils.py:196
    xdg_cache_home = os.getenv("XDG_CACHE_HOME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0d8bd4e1c0a84bbc Environment-variable access.
repo/vllm/v1/worker/cpu_worker.py:112
            ld_preload_list = os.environ.get("LD_PRELOAD", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b69899db570e9b8f Environment-variable access.
repo/vllm/v1/worker/cpu_worker.py:148
        os.environ["VLLM_DIST_IDENT"] = self.distributed_init_method.split(":")[-1]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ff119a1725fddb9a Environment-variable access.
repo/vllm/v1/worker/gpu_worker.py:267
        conf = os.environ.get("PYTORCH_CUDA_ALLOC_CONF", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fc2b49ce69d4bacc Environment-variable access.
repo/vllm/v1/worker/gpu_worker.py:286
            os.environ.pop("NCCL_ASYNC_ERROR_HANDLING", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #024f29a8834f4a84 Filesystem access.
repo/vllm/v1/worker/startup_plan.py:91
        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #03768f2a35fa0b37 Filesystem access.
repo/vllm/v1/worker/startup_plan.py:186
        with open(tmp, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c6c6fc355f839cf Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:87
        ENV_CCL_ATL_TRANSPORT = os.getenv("CCL_ATL_TRANSPORT", "ofi")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7433e49c68f2ea15 Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:88
        ENV_LOCAL_WORLD_SIZE = os.getenv(
            "LOCAL_WORLD_SIZE", str(self.parallel_config.world_size)
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e869d3f388d7cdcd Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:91
        os.environ["CCL_ATL_TRANSPORT"] = ENV_CCL_ATL_TRANSPORT

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #14c1e67109468327 Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:92
        os.environ["LOCAL_WORLD_SIZE"] = ENV_LOCAL_WORLD_SIZE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #078e737a609c90cb Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:93
        os.environ["LOCAL_RANK"] = str(self.local_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): examples/features/structured_outputs

python first-party
expand_more 1 low-confidence finding(s)
low env_fs production #6ca847d6ce31c458 Environment-variable access.
repo/examples/features/structured_outputs/structured_outputs_client.py:224
    base_url = os.getenv("OPENAI_BASE_URL", "http://localhost:8000/v1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

</> Dependencies

openai

python dependency
high pii_flow dependency Excluded from app score #76c76a96938cdb78 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:249 · flow /tmp/closeopen-3c5vkb17/pkgs/python/[email protected]/src/openai/lib/azure.py:213 → /tmp/closeopen-3c5vkb17/pkgs/python/[email protected]/src/openai/lib/azure.py:249
        self._azure_endpoint = httpx.URL(azure_endpoint) if azure_endpoint else None

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #078f72390f7e1de9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:523 · flow /tmp/closeopen-3c5vkb17/pkgs/python/[email protected]/src/openai/lib/azure.py:487 → /tmp/closeopen-3c5vkb17/pkgs/python/[email protected]/src/openai/lib/azure.py:523
        self._azure_endpoint = httpx.URL(azure_endpoint) if azure_endpoint else None

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

expand_more 53 low-confidence finding(s)
low env_fs tooling reachable #fca8ac38a0f673a9 Environment-variable access.
pkgs/python/[email protected]/examples/realtime/azure_realtime.py:25
        azure_endpoint=os.environ["AZURE_OPENAI_ENDPOINT"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #41c4bd52bd57083c Filesystem access.
pkgs/python/[email protected]/examples/uploads.py:30
    data = file.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #deded07e9e5a9c91 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:137
api_type: _ApiType | None = _t.cast(_ApiType, _os.environ.get("OPENAI_API_TYPE"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #110eb50a0a702387 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:139
api_version: str | None = _os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0cf3aa143387c7b4 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:141
azure_endpoint: str | None = _os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e5d3a236b2b0775 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:143
azure_ad_token: str | None = _os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85b9c30a5ea34f39 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:265
    return _os.environ.get("OPENAI_API_KEY") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce8494e7fd38199d Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:269
    return azure_endpoint is not None or _os.environ.get("AZURE_OPENAI_API_KEY") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0b31f8fd74e185e8 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:274
        _os.environ.get("AZURE_OPENAI_AD_TOKEN") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c0a7fcc05e28e8a7 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:290
            azure_endpoint = _os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #87c8189f44c07b70 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:293
            azure_ad_token = _os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d47b1699dd1cb51 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:296
            api_version = _os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #182090714d199444 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:306
            if (azure_ad_token is not None or azure_ad_token_provider is not None) and _os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2890338a0395b056 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:306
            if (azure_ad_token is not None or azure_ad_token_provider is not None) and _os.environ.get(
                "AZURE_OPENAI_API_KEY"
            ) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fcaacbc3396bad14 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:122
            api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8da7507056c459f4 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:130
            organization = os.environ.get("OPENAI_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1307242d637777d5 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:134
            project = os.environ.get("OPENAI_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e21ac0c68911153a Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:140
            base_url = os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2670240097fdd8f Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:417
            api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #829b3ac8d6d51cbb Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:425
            organization = os.environ.get("OPENAI_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e0e383560fc8b50b Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:429
            project = os.environ.get("OPENAI_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b11633d2b065b5ff Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:435
            base_url = os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92abcf1b534adf17 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:67
            return (path.name, path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #40f42d2a84b6e12e Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:79
        return pathlib.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #090dcc6c41847b9d Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:109
            return (path.name, await path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f847d41d43f17c89 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:121
        return await anyio.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d0594a8687e22230 Filesystem access.
pkgs/python/[email protected]/src/openai/_legacy_response.py:438
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ade7d80d7199d978 Filesystem access.
pkgs/python/[email protected]/src/openai/_legacy_response.py:451
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c15e38c716293bb5 Environment-variable access.
pkgs/python/[email protected]/src/openai/_models.py:88
            extra="allow", defer_build=coerce_boolean(os.environ.get("DEFER_PYDANTIC_BUILD", "true"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7ff019660725531 Filesystem access.
pkgs/python/[email protected]/src/openai/_response.py:510
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1a27c87fafbf16c1 Filesystem access.
pkgs/python/[email protected]/src/openai/_response.py:552
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ce2b7c245af1b01 Environment-variable access.
pkgs/python/[email protected]/src/openai/_utils/_logs.py:23
    env = os.environ.get("OPENAI_LOG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #07363eba2a041170 Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_transform.py:242
            binary = data.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e888387be7cc4e7f Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_transform.py:404
            binary = await anyio.Path(data).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79fa204322fd62f6 Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_utils.py:372
    contents = Path(path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dfac4339d2fdce75 Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/audio.py:67
        with open(args.file, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #201b6165be1885d0 Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/audio.py:90
        with open(args.file, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ad1013eb26988f84 Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/files.py:55
        with open(args.file, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ea0d44e4ccab9ff Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/image.py:103
        with open(args.image, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c16ddcbaa990c6a Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/image.py:119
        with open(args.image, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db004e859e2bc2ae Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/image.py:125
            with open(args.mask, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4cf3e4097119c681 Environment-variable access.
pkgs/python/[email protected]/src/openai/cli/_tools/migrate.py:68
    xdg = os.environ.get("XDG_CACHE_HOME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #602aedb43e3dddfc Environment-variable access.
pkgs/python/[email protected]/src/openai/cli/_tools/migrate.py:76
    if not os.environ.get("DEBUG"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1667f633c60c68d Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_tools/migrate.py:121
        with open(temp_file, "wb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a176e4271539765d Filesystem access.
pkgs/python/[email protected]/src/openai/lib/_validators.py:485
                with open(fname, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c16c59f9a30a0f3c Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:188
            api_key = os.environ.get("AZURE_OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3827663d3034a4b3 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:191
            azure_ad_token = os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #acb592f314a23380 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:199
            api_version = os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cd19d322b2437811 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:213
                azure_endpoint = os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8b2af3939d0141c Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:462
            api_key = os.environ.get("AZURE_OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ba20f2c0b103f05 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:465
            azure_ad_token = os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aa8ad6418e25b3ad Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:473
            api_version = os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14ba6190e3204ef6 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:487
                azure_endpoint = os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pydantic

python dependency
expand_more 10 low-confidence finding(s)
low env_fs dependency Excluded from app score #a5b589bb2b1b12d5 Environment-variable access.
pkgs/python/[email protected]/pydantic/_internal/_core_utils.py:113
    if os.getenv('PYDANTIC_VALIDATE_CORE_SCHEMAS'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1d00fd569386b65f Filesystem access.
pkgs/python/[email protected]/pydantic/deprecated/parse.py:71
    b = path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #87f2bbb59f958c38 Environment-variable access.
pkgs/python/[email protected]/pydantic/json_schema.py:321
                if os.getenv('PYDANTIC_PRIVATE_ALLOW_UNHANDLED_SCHEMA_TYPES'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ac7c35edcca0585 Filesystem access.
pkgs/python/[email protected]/pydantic/mypy.py:1379
    with open(config_file, 'rb') as rf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a235419af2219f79 Environment-variable access.
pkgs/python/[email protected]/pydantic/plugin/_loader.py:27
    disabled_plugins = os.getenv('PYDANTIC_DISABLE_PLUGINS')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0070dea7aa61efb4 Environment-variable access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:173
            env_vars: Mapping[str, Optional[str]] = os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1e66e6197ffb8dec Environment-variable access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:175
            env_vars = {k.lower(): v for k, v in os.environ.items()}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dcfb0e36a994c5d3 Filesystem access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:307
                    secret_value = path.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #044422f4caf2432d Filesystem access.
pkgs/python/[email protected]/pydantic/v1/mypy.py:948
    with open(config_file, read_mode) as rf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17a1d86f4277e22a Filesystem access.
pkgs/python/[email protected]/pydantic/v1/parse.py:57
    b = path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.