Close Open Privacy Scan

bolt Snapshot: commit a666ba5
science engine v3
schedule 2026-07-07T23:05:45.480120+00:00

verified_user No application data leak found

No high-confidence exfiltration was found in application code.

App Privacy Score

97 /100
Low privacy risk

Low risk · 9 finding(s)

Dependency score: 100 (Low risk)

bar_chart Score Breakdown

env_fs −3

list Scan Summary

0 high 0 medium 9 low
First-party packages: 1
Dependency packages: 0
Ecosystem: npm

swap_horiz Application data flows

No high- or medium-confidence application data-flow findings in this scan.

</> First-Party Code

first-party (npm)

npm first-party
expand_more 9 low-confidence finding(s)
low env_fs production #49c365aed68a2838 Filesystem access.
repo/lib/common/file.js:35
    result[key] = _.template(fs.readFileSync(filePath, 'utf8'));

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c772df7acc2b523 Filesystem access.
repo/lib/common/minify.js:36
  fs.writeFile(destPath, output.code, 'utf-8', callback);

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #25e8e8f35ffa0409 Filesystem access.
repo/lib/fp/build-doc.js:75
  fs.writeFile(target, template.wiki(templateData), util.pitch);

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bc3485b593e99345 Filesystem access.
repo/lib/main/build-doc.js:80
  fs.writeFile(readmePath, postprocess(markdown), util.pitch);

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1c06b7c827442dd2 Filesystem access.
repo/lib/main/build-site.js:5
const fs = require('fs');

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #867125d525a7edc6 Filesystem access.
repo/lib/main/build-site.js:182
  const markdown = fs
    // Load markdown.
    .readFileSync(readmePath, 'utf8')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #494ca1f682d66f9d Filesystem access.
repo/lib/main/build-site.js:236
  fs.writeFile(path.join(docPath, version + '.html'), html, util.pitch);

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e5db80dee09d3d00 Filesystem access.
repo/perf/perf.js:46
        result = require('fs').realpathSync(result);

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #33214c82d2f725d4 Environment-variable access.
repo/playwright.config.js:7
    retries: process.env.CI ? 2 : 0,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.