Close Open Privacy Scan

bolt Snapshot: commit 1b30ae4
science engine v1.5
schedule 2026-07-15T11:09:15.393940+00:00

verified_user Application data leak confirmed

High-confidence data exfiltration identified in application code.

smart_toy AI deps detected: openai — detected in dependencies, not a safety judgment.

App Privacy Score

32 /100
High privacy risk — application leak confirmed

High risk · 990 finding(s)

Dependency score: 37 (High risk)

bar_chart Score Breakdown

pii_flow −30
telemetry −25
egress −10
env_fs −3

list Scan Summary

3 high 16 medium 971 low
First-party packages: 2
Dependency packages: 2
Ecosystem: python

swap_horiz Confirmed data exfiltration in application code

External domains: a.slack-edge.comapi.github.comapi.openai.comarxiv.orgbugs.python.orgcookbook.openai.comdatatracker.ietf.orgdavidism.comdev-discuss.pytorch.orgdeveloper.mozilla.orgdiscuss.python.orgdiscuss.vllm.aidocs.anthropic.comdocs.cohere.comdocs.google.comdocs.nvidia.comdocs.pydantic.devdocs.python.orgdocs.ray.iodocs.rsdocs.vllm.aiedge.urm.nvidia.comen.wikipedia.orgendpoint.openai.azure.comerrors.pydantic.devexam_ple.comexample-resource.azure.openai.comfastapi.tiangolo.comfb.mefoo.comforums.developer.nvidia.comgist.github.comgithub.comhelp.openai.comhuggingfacehuggingface.cohypothesis.readthedocs.ioieeexplore.ieee.orgjson-schema.orgkexue.fmlark-parser.readthedocs.iolearn.microsoft.comman7.orgmeta-pytorch.orgmypy.readthedocs.ionats.ioopenai.comopenreview.netpeps.python.orgplatform.openai.comproceedings.neurips.ccpydantic-docs.helpmanual.iopypi.amd.compypi.orgpython-devtools.helpmanual.iopytorch.orgpyzmq.readthedocs.ioraw.githubusercontent.comrich.readthedocs.ioslack.vllm.aistackoverflow.comstats.vllm.aitimeapi.iotinyurl.comvllm-public-assets.s3.us-west-2.amazonaws.comwebsockets.readthedocs.iowheels.vllm.aiwidget.runllm.comwww.arxiv.orgwww.example.珠宝www.github.comwww.iana.orgwww.microsoft.comwww.python.orgwww.reddit.comwww.w3.orgwww.xudongz.comwww.аррӏе.com

high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/vllm/utils/flashinfer.py:30 repo/vllm/utils/flashinfer.py:358
hub Dependency data flows (2)
high openai dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:213 pkgs/python/[email protected]/src/openai/lib/azure.py:249
high openai dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:487 pkgs/python/[email protected]/src/openai/lib/azure.py:523

</> First-Party Code

first-party (python)

python first-party
high pii_flow production #ed715767ed04cc7e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/vllm/utils/flashinfer.py:358 · flow /tmp/closeopen-bm5vdfjm/repo/vllm/utils/flashinfer.py:30 → /tmp/closeopen-bm5vdfjm/repo/vllm/utils/flashinfer.py:358
        response = requests.get(FLASHINFER_CUBINS_REPOSITORY, timeout=5)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

medium telemetry test-only #ec6fdf713cf5c07e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:5
from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry test-only #b4b1800f9a589562 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:6
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry test-only #7bafb5cf01a7135f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:7
from opentelemetry.sdk.trace.export import BatchSpanProcessor, ConsoleSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry test-only #890a1b25bf51bae0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:8
from opentelemetry.trace import SpanKind, set_tracer_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry test-only #a26dd658ddf05913 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/examples/observability/opentelemetry/dummy_client.py:9
from opentelemetry.trace.propagation.tracecontext import TraceContextTextMapPropagator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #ab2d1d670e665bbb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:19
    from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #94bab2506700ac88 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:20
    from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #b5e026d08b3ad57d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:21
    from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import (
        OTLPSpanExporter as OTLPGrpcExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #905e712460de3ce5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:24
    from opentelemetry.exporter.otlp.proto.http.trace_exporter import (
        OTLPSpanExporter as OTLPHttpExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #3ad111760300db5f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:27
    from opentelemetry.propagate import inject

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #813db129d6053ad5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:28
    from opentelemetry.sdk.environment_variables import (
        OTEL_EXPORTER_OTLP_TRACES_PROTOCOL,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #e68b6c558b6cacf6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:31
    from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #07b82a5119a8da17 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:32
    from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #899e9b0ab3df4b18 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:33
    from opentelemetry.sdk.trace.export import BatchSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #5fdece2308d473b5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:34
    from opentelemetry.trace import (
        SpanKind,  # noqa: F401
        Tracer,
        set_tracer_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #82cc40d482070cc5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/vllm/tracing/otel.py:39
    from opentelemetry.trace.propagation.tracecontext import (
        TraceContextTextMapPropagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 907 low-confidence finding(s)
low env_fs production #64c66a6e5de6ff3e Environment-variable access.
repo/.buildkite/check-wheel-size.py:12
VLLM_MAX_SIZE_MB = int(os.environ.get("VLLM_MAX_SIZE_MB", 500))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #85534296f1585e54 Filesystem access.
repo/.buildkite/lm-eval-harness/conftest.py:38
        with open(config_list_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #48fb5093c502ae70 Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:36
            if key in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #657bd66448009db3 Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:37
                old_values[key] = os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bd8af1d32a6db79a Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:40
            os.environ[key] = str(value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0e740d1c8834cc7b Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:45
            os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eb4ce9813ed3761b Environment-variable access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:47
            os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4f1e14a79ccb5fb8 Filesystem access.
repo/.buildkite/lm-eval-harness/test_lm_eval_correctness.py:132
    eval_config = yaml.safe_load(config_filename.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7631dde3828de33e Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:239
    with open(input_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #76ecb566316242bd Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:466
    lines = env_path.read_text(encoding="utf-8", errors="replace").splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #18c72a7e9b0b30ee Environment-variable access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:1141
    disable_excel = os.getenv("VLLM_COMPARE_DISABLE_EXCEL", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1dd7deade4bd6f3c Environment-variable access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:1145
        os.getenv("VLLM_COMPARE_EXCEL_ENGINE", "xlsxwriter").strip() or "xlsxwriter"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f5045633b3509bd3 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:1181
        with open("perf_comparison.html", "w", encoding="utf-8") as main_fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #38f3462678c9fdba Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/compare-json-results.py:1212
                with open(sub_path, "w", encoding="utf-8") as sub_fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c9dc5ccb511b2ba0 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:79
        with open(file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fdbbd3b91cce4cb5 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:209
        with open(test_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #10e9c3e4563c080b Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:216
                with open(test_file.with_suffix(".commands")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7316af746bc00e67 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:268
                with open(test_file.with_suffix(".commands")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #979f948cc66fd768 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:296
                with open(test_file.with_suffix(".commands")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bd0bf0369342c1c8 Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:393
    with open(results_folder / md_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d82df1b3185cb92b Filesystem access.
repo/.buildkite/performance-benchmarks/scripts/convert-results-json-to-markdown.py:408
    with open(results_folder / json_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #29a648cb6f7ded7b Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:306
            with open(variant_dir / "index.html", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0bb0b96afa2e4591 Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:319
            with open(package_dir / "index.html", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e80d84d7f15a3dd3 Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:321
            with open(package_dir / "metadata.json", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2840434df5f4a37c Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:326
    with open(index_base_dir / "index.html", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #57f936b734cc7599 Filesystem access.
repo/.buildkite/scripts/generate-nightly-index.py:397
    with open(current_objects_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #40885f3c51d8c0be Filesystem access.
repo/benchmarks/attention_benchmarks/benchmark.py:393
    with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bb14c4fdcb9f6a92 Environment-variable access.
repo/benchmarks/attention_benchmarks/benchmark.py:791
    if args.ncu_profile and "_NCU_INNER" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #86d458d4bef7f364 Environment-variable access.
repo/benchmarks/attention_benchmarks/benchmark.py:809
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ef5925ed84740aa7 Filesystem access.
repo/benchmarks/attention_benchmarks/common.py:447
        with open(path, "w", newline="") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ce6e24b60e2d3eeb Filesystem access.
repo/benchmarks/attention_benchmarks/common.py:484
        with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a2b4c8cd2337d819 Filesystem access.
repo/benchmarks/attention_benchmarks/mla_runner.py:178
    with open(config_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d7e578c01cdd9d81 Environment-variable access.
repo/benchmarks/backend_request_func.py:223
        headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #133cf4002a633a24 Environment-variable access.
repo/benchmarks/backend_request_func.py:297
        headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d0d79729652b7f31 Environment-variable access.
repo/benchmarks/backend_request_func.py:410
            "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b406fac0e2fdbfa6 Environment-variable access.
repo/benchmarks/backend_request_func.py:508
            "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0818ab99350496d4 Environment-variable access.
repo/benchmarks/backend_request_func.py:589
    if os.getenv("VLLM_USE_MODELSCOPE", "False").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #6c3145c9ffe265fc Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:108
        os.environ["VLLM_BATCH_INVARIANT"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #55bd4ccef0fdaea1 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:110
        os.environ["VLLM_BATCH_INVARIANT"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7a09de63a4f50ee3 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:241
    model = os.getenv("VLLM_BENCH_MODEL", "Qwen/Qwen3-1.7B")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #dd9d893adc5b9fd9 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:242
    tp_size = int(os.getenv("VLLM_BENCH_TP_SIZE", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #eee96ed00bad7b16 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:243
    max_batch_size = int(os.getenv("VLLM_BENCH_BATCH_SIZE", "128"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #8bb19ebdfd477362 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:244
    num_trials = int(os.getenv("VLLM_BENCH_NUM_TRIALS", "5"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #39204e511e67ff74 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:245
    min_prompt = int(os.getenv("VLLM_BENCH_MIN_PROMPT", "1024"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4dc33998f16909a0 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:246
    max_prompt = int(os.getenv("VLLM_BENCH_MAX_PROMPT", "2048"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #031a103f95ab4d8e Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:247
    max_tokens = int(os.getenv("VLLM_BENCH_MAX_TOKENS", "128"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3d162249e6572612 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:248
    temperature = float(os.getenv("VLLM_BENCH_TEMPERATURE", "0.0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #938077bf1036aceb Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:249
    gpu_mem_util = float(os.getenv("VLLM_BENCH_GPU_MEMORY_UTILIZATION", "0.4"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a8527eadf1648025 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:250
    max_model_len = int(os.getenv("VLLM_BENCH_MAX_MODEL_LEN", "5120"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5e2d223dcbea9af1 Environment-variable access.
repo/benchmarks/benchmark_batch_invariance.py:251
    backend = os.getenv("VLLM_BENCH_BACKEND", "FLASH_ATTN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #29e890f464705b81 Environment-variable access.
repo/benchmarks/benchmark_pin_memory.py:95
            runner = "v2" if os.environ.get("VLLM_USE_V2_MODEL_RUNNER") == "1" else "v1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #09cb4e9aedd4edb1 Filesystem access.
repo/benchmarks/benchmark_pin_memory.py:156
    with open(tmp_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b301d970b8c46e54 Filesystem access.
repo/benchmarks/benchmark_pin_memory.py:226
    with open(tmp_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #640e775ed9d497e9 Filesystem access.
repo/benchmarks/benchmark_prefix_caching.py:88
    with open(dataset_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #1dcd294ea73251a0 Filesystem access.
repo/benchmarks/benchmark_prioritization.py:31
    with open(dataset_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #1350fef39b357b5c Filesystem access.
repo/benchmarks/benchmark_prioritization.py:158
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #28bfd5d7433ee9c5 Filesystem access.
repo/benchmarks/benchmark_serving_structured_output.py:158
        with open(args.json_schema_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f8f19b264ca3eb66 Filesystem access.
repo/benchmarks/benchmark_serving_structured_output.py:883
        with open(result_file_name, "w", encoding="utf-8") as outfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #994bb833ebadd261 Filesystem access.
repo/benchmarks/cutlass_benchmarks/w8a8_benchmarks.py:233
    with open(f"{base_description}-{timestamp}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bf70dd6fe8cd80d5 Filesystem access.
repo/benchmarks/cutlass_benchmarks/w8a8_benchmarks.py:292
    with open(f"model_bench-{args.dtype}-{timestamp}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5707334f3a8c3d49 Filesystem access.
repo/benchmarks/fused_kernels/layernorm_rms_benchmarks.py:307
    with open(f"rms_norm_dpt_quant-{timestamp}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #099accc0de6087bd Environment-variable access.
repo/benchmarks/kernels/benchmark_block_fp8_gemm.py:7
os.environ["VLLM_USE_DEEP_GEMM"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #809ac8b4e6fffb66 Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:301
            saved_env = {key: os.environ.get(key) for key in env_dict}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e0ca487b8f2850a2 Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:303
                os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3bce736406a44320 Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:321
                        os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #17d9acd12b657655 Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:323
                        os.environ[key] = original_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #47d606c8dfd4967a Environment-variable access.
repo/benchmarks/kernels/benchmark_device_communicators.py:505
    os.environ["VLLM_ALLREDUCE_USE_SYMM_MEM"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #16a156d823e24e90 Filesystem access.
repo/benchmarks/kernels/benchmark_device_communicators.py:560
            with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #18fc0263ca3024c6 Filesystem access.
repo/benchmarks/kernels/benchmark_flydsl_moe_w4a16.py:269
            with open(store_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #8b79c308110cb090 Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:92
    b for b in os.environ.get("FI_BACKENDS", "trtllm,mnnvl").split(",") if b

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #aa345513559b7420 Filesystem access.
repo/benchmarks/kernels/benchmark_fused_collective.py:924
        with open(output_path, "a") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0c223511e5859076 Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:992
    if "RANK" not in os.environ or "WORLD_SIZE" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c40573553ff36eda Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:999
    rank = int(os.environ["RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #23adcaf5461e0c5b Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:1000
    world_size = int(os.environ["WORLD_SIZE"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5b4b68b8d2111107 Environment-variable access.
repo/benchmarks/kernels/benchmark_fused_collective.py:1004
    local_rank = int(os.environ.get("LOCAL_RANK", rank))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d4ca07b790b29e20 Filesystem access.
repo/benchmarks/kernels/benchmark_lora.py:1216
        with open(pkl_file, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #53e741563ad6a324 Environment-variable access.
repo/benchmarks/kernels/benchmark_machete.py:42
NVTX_PROFILE = os.environ.get("NVTX_PROFILE", False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f775cca9b21ef07d Filesystem access.
repo/benchmarks/kernels/benchmark_machete.py:530
    with open(f"{base_description}-{timestamp}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d2c55931e8266765 Filesystem access.
repo/benchmarks/kernels/benchmark_machete.py:601
    with open(f"model_bench-{type_string}-{timestr}.pkl", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #1d0a0159b2e1a90f Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:44
TRITON_CACHE_CLEAR_INTERVAL = int(os.environ.get(_CACHE_CLEAR_INTERVAL_ENV, "50"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7ebc9fa23e2f1e7a Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:625
            visible_device = os.environ.get("ROCR_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #8e3e3f84dfa9c16e Filesystem access.
repo/benchmarks/kernels/benchmark_moe.py:725
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #9a7d22a3d1650095 Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:937
    if current_platform.is_rocm() and "HIP_VISIBLE_DEVICES" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2bf636a3bc7eedcb Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:943
        val = os.environ["HIP_VISIBLE_DEVICES"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e209c8d385602167 Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:944
        os.environ["ROCR_VISIBLE_DEVICES"] = val

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #14efb51129b800e3 Environment-variable access.
repo/benchmarks/kernels/benchmark_moe.py:945
        del os.environ["HIP_VISIBLE_DEVICES"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #84f895270420158c Filesystem access.
repo/benchmarks/kernels/benchmark_mrope.py:245
    with open(csv_filename, "w", newline="") as csvfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #61bb7c2ff1f2b892 Filesystem access.
repo/benchmarks/kernels/benchmark_selective_state_update.py:464
    with open(file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4638a785703b2753 Filesystem access.
repo/benchmarks/kernels/benchmark_selective_state_update.py:560
    with open(results_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2b693f6741d2312a Filesystem access.
repo/benchmarks/kernels/benchmark_trtllm_decode_attention.py:237
    with open(filename, "a", newline="") as csvfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #29d32e0f6c75b07f Filesystem access.
repo/benchmarks/kernels/benchmark_trtllm_prefill_attention.py:253
    with open(filename, "a", newline="") as csvfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f681a2aed6e26c0a Filesystem access.
repo/benchmarks/kernels/benchmark_w8a8_block_fp8.py:277
    with open(config_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f96bc5c33cb40833 Filesystem access.
repo/benchmarks/kernels/graph_machete_bench.py:25
    with open(args.filename, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #abd041c4a70254bc Filesystem access.
repo/benchmarks/kernels/ir/bench_ir_ops.py:36
    with open(os.devnull, "w") as _devnull:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a4e8bbbe304a3d67 Filesystem access.
repo/benchmarks/kernels/ir/bench_ir_ops.py:256
    with open(path, "w", newline="") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b9c7e9d986cc5d90 Filesystem access.
repo/benchmarks/multi_turn/bench_dataset.py:417
        with open(filename) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #903f956ebcbc902c Environment-variable access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1452
        default=int(os.environ.get("MULTITURN_BENCH_MAX_RETRIES", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #26b2133c867663c8 Filesystem access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1600
    with open(args.input_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #9fd104553d38808b Environment-variable access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1625
        os.environ["TOKENIZERS_PARALLELISM"] = "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #317c5040de530764 Filesystem access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1751
        with open(args.stats_json_output, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #cec6dd6c0c1eb879 Filesystem access.
repo/benchmarks/multi_turn/benchmark_serving_multi_turn.py:1761
        with open(args.output_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #881a4ba0480ca908 Filesystem access.
repo/benchmarks/multi_turn/convert_sharegpt_to_openai.py:140
    with open(input_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #4855e5870fbf538e Filesystem access.
repo/benchmarks/multi_turn/convert_sharegpt_to_openai.py:286
    with open(output_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b4bcee8a269cfc45 Filesystem access.
repo/csrc/cpu/generate_cpu_attn_dispatch.py:271
    with open(output_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7ea7b7300e58e8c8 Filesystem access.
repo/csrc/libtorch_stable/moe/marlin_moe_wna16/generate_kernels.py:299
            with open(os.path.join(os.path.dirname(__file__), filename), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d28729535dda81fc Filesystem access.
repo/csrc/libtorch_stable/moe/marlin_moe_wna16/generate_kernels.py:309
    with open(os.path.join(os.path.dirname(__file__), "kernel_selector.h"), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c9bf0828212ee8cd Filesystem access.
repo/csrc/libtorch_stable/quantization/machete/generate.py:688
        with open(filepath, "w") as output_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a532bb2307989886 Filesystem access.
repo/csrc/libtorch_stable/quantization/marlin/generate_kernels.py:300
            with open(os.path.join(os.path.dirname(__file__), filename), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bcce7ddbb146e4ed Filesystem access.
repo/csrc/libtorch_stable/quantization/marlin/generate_kernels.py:310
    with open(os.path.join(os.path.dirname(__file__), "kernel_selector.h"), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0e76ac82902222e0 Filesystem access.
repo/docs/mkdocs/hooks/autoref_code.py:73
        source = filepath.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bbb17ad13a7c4c6e Filesystem access.
repo/docs/mkdocs/hooks/generate_argparse.py:62
with open(ROOT_DIR / "requirements/test/cuda.txt") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af5b524f98d444d7 Filesystem access.
repo/docs/mkdocs/hooks/generate_argparse.py:283
        with open(doc_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c6dad26a8fe9ded1 Filesystem access.
repo/docs/mkdocs/hooks/generate_examples.py:112
        with open(self.main_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c6257c28d176f017 Filesystem access.
repo/docs/mkdocs/hooks/generate_examples.py:170
                with open(self.main_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #35e6e09146512b51 Filesystem access.
repo/docs/mkdocs/hooks/generate_examples.py:237
        with open(doc_path, "w+", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a97a2cba16d1594e Filesystem access.
repo/docs/mkdocs/hooks/generate_metrics.py:81
        with open(filepath, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6bc1074ab4f74475 Filesystem access.
repo/docs/mkdocs/hooks/generate_metrics.py:136
        with open(output_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b774a7ce794acdc0 Environment-variable access.
repo/docs/mkdocs/hooks/remove_announcement.py:10
    if os.getenv("READTHEDOCS_VERSION_TYPE") == "tag":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #21987061754728c3 Environment-variable access.
repo/examples/applications/chatbot/streamlit_openai_chatbot_webserver.py:39
openai_api_key = os.getenv("VLLM_API_KEY", "EMPTY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a2469f6b8ef5000b Environment-variable access.
repo/examples/applications/chatbot/streamlit_openai_chatbot_webserver.py:40
openai_api_base = os.getenv("VLLM_API_BASE", "http://localhost:8000/v1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0e32e7495203ce14 Filesystem access.
repo/examples/basic/offline_inference/chat.py:87
        with open(chat_template_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3ca096d2960e54e8 Environment-variable access.
repo/examples/disaggregated/disaggregated_encoder/disagg_epd_proxy.py:500
    headers = {"Authorization": f"Bearer {os.getenv('OPENAI_API_KEY', '')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e20540f9ee500d0b Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/disagg_proxy_demo.py:96
        expected_api_key = os.environ.get("ADMIN_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #50a45d7229046986 Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/disagg_proxy_demo.py:198
            headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a3a27e89cf01c137 Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/disagg_proxy_multiturn.py:196
    api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7e659431f8d85509 Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/disagg_proxy_pushconnector_demo.py:222
        api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0dfe9bd707778060 Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/moriio_toy_proxy_server.py:163
            "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d0e1efcf6e5f0b2f Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/moriio_toy_proxy_server.py:189
        "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a4c00e24c32979c4 Environment-variable access.
repo/examples/disaggregated/disaggregated_serving/moriio_toy_proxy_server.py:371
        "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #02b3ec4415db3c10 Filesystem access.
repo/examples/disaggregated/example_connector/decode_example.py:12
        with open("output.txt") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #58f17091e8b74906 Filesystem access.
repo/examples/disaggregated/example_connector/prefill_example.py:51
    with open("output.txt", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bc3463a5052e1e2d Filesystem access.
repo/examples/disaggregated/flexkv_connector/prefix_caching_flexkv.py:82
    with open(flexkv_config_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #fcea799829bf4078 Environment-variable access.
repo/examples/disaggregated/flexkv_connector/prefix_caching_flexkv.py:84
    os.environ["FLEXKV_CONFIG_PATH"] = flexkv_config_path

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ee1797ee55216510 Filesystem access.
repo/examples/disaggregated/kv_load_failure_recovery_offline/decode_example.py:13
        with open("prefill_output.txt") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a85187371db3fd0c Filesystem access.
repo/examples/disaggregated/kv_load_failure_recovery_offline/decode_example.py:74
    with open(out_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #03fe2ede02c237ac Filesystem access.
repo/examples/disaggregated/kv_load_failure_recovery_offline/prefill_example.py:51
    with open("prefill_output.txt", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5fbd5c0201e4b661 Environment-variable access.
repo/examples/disaggregated/lmcache/cpu_offload_lmcache.py:30
    os.environ["LMCACHE_CHUNK_SIZE"] = "256"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5bd87f59a21b03aa Environment-variable access.
repo/examples/disaggregated/lmcache/cpu_offload_lmcache.py:32
    os.environ["LMCACHE_LOCAL_CPU"] = "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c68ad59db07cdb1d Environment-variable access.
repo/examples/disaggregated/lmcache/cpu_offload_lmcache.py:34
    os.environ["LMCACHE_MAX_LOCAL_CPU_SIZE"] = "5.0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2fe43a5a96c9480f Environment-variable access.
repo/examples/disaggregated/lmcache/disagg_prefill_lmcache_v1/disagg_proxy_server.py:117
    headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f6e63faf70f0e051 Environment-variable access.
repo/examples/disaggregated/lmcache/disagg_prefill_lmcache_v1/disagg_proxy_server.py:134
    headers = {"Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f6f3925971a0485d Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:30
os.environ["LMCACHE_CHUNK_SIZE"] = "256"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #09ec613595ed0213 Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:32
os.environ["LMCACHE_LOCAL_CPU"] = "False"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #44828dc7d9737bc5 Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:34
os.environ["LMCACHE_MAX_LOCAL_CPU_SIZE"] = "5.0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2f4c8b5e3f93f25e Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:36
os.environ["LMCACHE_REMOTE_URL"] = f"lm://localhost:{port}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e8c5463d3badcca9 Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:39
os.environ["LMCACHE_REMOTE_SERDE"] = "naive"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2a0bd414ffab0fef Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:48
    os.environ["CUDA_VISIBLE_DEVICES"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #19bf271e73f16601 Environment-variable access.
repo/examples/disaggregated/lmcache/kv_cache_sharing_lmcache_v1.py:76
    os.environ["CUDA_VISIBLE_DEVICES"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ac9dca3f7fd8ac71 Environment-variable access.
repo/examples/disaggregated/mooncake_connector/mooncake_connector_proxy.py:269
        "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #dc5533d105b9a788 Environment-variable access.
repo/examples/disaggregated/mooncake_connector/mooncake_connector_proxy.py:295
        "Authorization": f"Bearer {os.environ.get('OPENAI_API_KEY')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #47279c03257d685f Environment-variable access.
repo/examples/features/batch_invariance/reproducibility_offline.py:16
os.environ["VLLM_ENABLE_V1_MULTIPROCESSING"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7183aea1a6a7a767 Environment-variable access.
repo/examples/features/batch_invariance/reproducibility_offline.py:18
os.environ["VLLM_BATCH_INVARIANT"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ad184671a6e07bf9 Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:94
    os.environ["VLLM_DP_RANK"] = str(global_dp_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f6be858135749454 Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:95
    os.environ["VLLM_DP_RANK_LOCAL"] = str(local_dp_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f2687683f63910d9 Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:96
    os.environ["VLLM_DP_SIZE"] = str(dp_size)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ba67b1a648c9d391 Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:97
    os.environ["VLLM_DP_MASTER_IP"] = dp_master_ip

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #184a7096735e65f9 Environment-variable access.
repo/examples/features/data_parallel/data_parallel_offline.py:98
    os.environ["VLLM_DP_MASTER_PORT"] = str(dp_master_port)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2ef4b474e7c9ed9f Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:309
    s3_access_key_id = getattr(args, "s3_access_key_id", None) or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #fc7f7308b9276876 Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:309
    s3_access_key_id = getattr(args, "s3_access_key_id", None) or os.environ.get(
        "S3_ACCESS_KEY_ID", None
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #29e172683f36a891 Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:314
    ) or os.environ.get("S3_SECRET_ACCESS_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a3023b06566f1f19 Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:315
    s3_endpoint = getattr(args, "s3_endpoint", None) or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #988c2f8a6772c692 Environment-variable access.
repo/examples/features/tensorize_vllm_model.py:315
    s3_endpoint = getattr(args, "s3_endpoint", None) or os.environ.get(
        "S3_ENDPOINT_URL", None
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #798cc9016b8bf710 Environment-variable access.
repo/examples/generate/batched_chat_completions_online.py:23
BASE_URL = os.environ.get("VLLM_BASE_URL", "http://localhost:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b8f5ac74a1a19c19 Environment-variable access.
repo/examples/generate/batched_chat_completions_online.py:24
MODEL = os.environ.get("VLLM_MODEL", "Qwen/Qwen2.5-1.5B-Instruct")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low pii_flow test-only Excluded from app score #361da522938e4fa9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
repo/examples/generate/batched_chat_completions_online.py:29 · flow /tmp/closeopen-bm5vdfjm/repo/examples/generate/batched_chat_completions_online.py:23 → /tmp/closeopen-bm5vdfjm/repo/examples/generate/batched_chat_completions_online.py:29
    response = httpx.post(BATCH_URL, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low pii_flow test-only Excluded from app score #d1537a7aff4a03ba User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
repo/examples/generate/batched_chat_completions_online.py:36 · flow /tmp/closeopen-bm5vdfjm/repo/examples/generate/batched_chat_completions_online.py:23 → /tmp/closeopen-bm5vdfjm/repo/examples/generate/batched_chat_completions_online.py:36
    response = httpx.post(
        f"{BASE_URL}/v1/chat/completions",
        json={
            "model": MODEL,
            "messages": [{"role": "user", "content": "What is the capital of Japan?"}],
        },
        timeout=60,
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low env_fs test-only #a0f559e5404a51cc Environment-variable access.
repo/examples/generate/multimodal/encoder_decoder_multimodal_offline.py:24
    os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7689b65752b03332 Filesystem access.
repo/examples/generate/multimodal/openai_chat_completion_client_for_multimodal.py:57
    with open(file_path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2e22c763cb42157f Environment-variable access.
repo/examples/generate/qwen_1m_offline.py:8
os.environ["VLLM_ALLOW_LONG_MAX_MODEL_LEN"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress test-only #798822b46c21c540 Hardcoded external endpoint. Review what data is sent to this destination.
repo/examples/generate/qwen_1m_offline.py:19
    with urlopen(
        "https://qianwen-res.oss-cn-beijing.aliyuncs.com/Qwen2.5-1M/test-data/600k.txt",
        timeout=5,
    ) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs test-only #098ed76e20b02eb5 Filesystem access.
repo/examples/pooling/plugin/prithvi_geospatial_mae_io_processor.py:53
    with open(file_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2fb26dbcfca923c7 Filesystem access.
repo/examples/pooling/plugin/prithvi_geospatial_mae_online.py:49
    with open(out_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #aff1a1a0f24538ff Filesystem access.
repo/examples/pooling/score/qwen3_reranker_offline.py:74
    chat_template = (template_home / template_path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3f8882676706a410 Filesystem access.
repo/examples/pooling/score/using_template_offline.py:65
    return (template_home / template_path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7df8fec3d766f089 Filesystem access.
repo/examples/pooling/score/vision_reranker_offline.py:92
    chat_template = (TEMPLATE_HOME / chat_template_path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #6fd6c3459e7f0f43 Filesystem access.
repo/examples/pooling/token_classify/forced_alignment_online.py:56
    audio_base64 = base64.b64encode(audio_path.read_bytes()).decode("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #98156754892d61b6 Filesystem access.
repo/examples/ray_serving/batch_llm_inference.py:38
ds = ray.data.read_text("s3://anonymous@air-example-data/prompts.txt")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b2232a55613d76e7 Environment-variable access.
repo/examples/rl/rlhf_http_ipc.py:58
os.environ["VLLM_ALLOW_INSECURE_SERIALIZATION"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0dba45134c10b2c9 Environment-variable access.
repo/examples/rl/rlhf_ipc.py:44
        os.environ.pop("CUDA_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b293e606fcee9f39 Environment-variable access.
repo/examples/rl/rlhf_ipc.py:46
        os.environ["VLLM_RAY_PER_WORKER_GPUS"] = "0.4"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d06a50fd993b84fd Environment-variable access.
repo/examples/rl/rlhf_ipc.py:47
        os.environ["VLLM_RAY_BUNDLE_INDICES"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c7286041af04f0ff Environment-variable access.
repo/examples/rl/rlhf_ipc.py:49
        os.environ["VLLM_ALLOW_INSECURE_SERIALIZATION"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #52df7a5ab9946d12 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:47
TRAIN_GPU_FRACTION = float(os.environ.get("RLHF_IPC_TRAIN_GPU_FRACTION", "0.42"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b079892d0a1fd8fa Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:48
VLLM_GPU_FRACTION = float(os.environ.get("RLHF_IPC_VLLM_GPU_FRACTION", "0.42"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0f821ebf0a42c1dc Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:69
        os.environ.pop("CUDA_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c503e7561852416d Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:70
        os.environ["VLLM_RAY_PER_WORKER_GPUS"] = str(VLLM_GPU_FRACTION)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3dfbc5e4bb532a06 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:71
        os.environ["VLLM_RAY_BUNDLE_INDICES"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #7f3e4211320d8e69 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:72
        os.environ["VLLM_ALLOW_INSECURE_SERIALIZATION"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b7536a935c855a05 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:74
        os.environ["VLLM_DP_RANK"] = str(dp_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #234aae498e3c3b57 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:75
        os.environ["VLLM_DP_RANK_LOCAL"] = str(dp_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #82f209d88072301a Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:76
        os.environ["VLLM_DP_SIZE"] = str(dp_size)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #d4b24ca6ba962a56 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:77
        os.environ["VLLM_DP_MASTER_IP"] = dp_master_ip

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3a24d633071819e1 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:78
        os.environ["VLLM_DP_MASTER_PORT"] = str(dp_master_port)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #6a099d7887ddfb38 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:100
        os.environ["MASTER_ADDR"] = fsdp_master_addr

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #046d7c9d52fa5e15 Environment-variable access.
repo/examples/rl/rlhf_ipc_fsdp_ep.py:101
        os.environ["MASTER_PORT"] = str(fsdp_master_port)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b61a5c9d87c899b2 Environment-variable access.
repo/examples/rl/rlhf_nccl.py:55
    os.environ.pop("CUDA_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0878cf7158d66f61 Environment-variable access.
repo/examples/rl/rlhf_nccl.py:56
    os.environ.pop("HIP_VISIBLE_DEVICES", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #72d6874903d0e8c0 Environment-variable access.
repo/examples/rl/rlhf_nccl.py:65
        os.environ["VLLM_RAY_BUNDLE_INDICES"] = "0,1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #01dad23b9677f28d Environment-variable access.
repo/examples/rl/rlhf_nccl_fsdp_ep.py:82
        os.environ["MASTER_ADDR"] = fsdp_master_addr

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3bfe4ddfb009df91 Environment-variable access.
repo/examples/rl/rlhf_nccl_fsdp_ep.py:83
        os.environ["MASTER_PORT"] = str(fsdp_master_port)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #0723cbebc0311e68 Environment-variable access.
repo/examples/rl/rlhf_sparse_nccl.py:73
        os.environ["VLLM_RAY_BUNDLE_INDICES"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #b30a1a3567c1a765 Environment-variable access.
repo/examples/rl/routed_experts_e2e.py:296
    os.environ.setdefault("VLLM_BATCH_INVARIANT", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #2106e7956e14972f Filesystem access.
repo/examples/speech_to_text/lid/openai_lid_client.py:60
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #10943a435dee3385 Filesystem access.
repo/examples/speech_to_text/lid/openai_lid_client.py:82
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #8fcb609bd89e974d Filesystem access.
repo/examples/speech_to_text/lid/openai_lid_client.py:106
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #72af4d052dbe9a2e Filesystem access.
repo/examples/speech_to_text/openai/openai_transcription_client.py:47
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #1eea1769e08e57ce Filesystem access.
repo/examples/speech_to_text/openai/openai_transcription_client.py:76
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f10a29089055549a Filesystem access.
repo/examples/speech_to_text/openai/openai_transcription_client.py:111
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ef287ed9b8502dbc Filesystem access.
repo/examples/speech_to_text/openai/openai_translation_client.py:13
    with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e4a7253dbf5c90c1 Filesystem access.
repo/examples/speech_to_text/openai/openai_translation_client.py:42
        with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2ca01fe36257a8b5 Environment-variable access.
repo/setup.py:58
    value = os.getenv("VLLM_REQUIRE_RUST_FRONTEND", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #101581abd67bf3c5 Environment-variable access.
repo/setup.py:92
elif sys.platform.startswith("linux") and os.getenv("VLLM_TARGET_DEVICE") is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #346e865f1b672472 Environment-variable access.
repo/setup.py:108
        int(os.getenv("VLLM_DISABLE_SCCACHE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #064fb10c9fd996ad Environment-variable access.
repo/setup.py:289
        fc_base_dir = os.environ.get("FETCHCONTENT_BASE_DIR", fc_base_dir)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e0acff069d340a8c Environment-variable access.
repo/setup.py:315
        other_cmake_args = os.environ.get("CMAKE_ARGS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6fc70fbb59d7d5d7 Environment-variable access.
repo/setup.py:514
        if os.getenv("ROCM_PATH"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8e04bdd11c43b836 Environment-variable access.
repo/setup.py:628
        index_url = os.getenv(
            "VLLM_ROCM_WHEEL_INDEX", "https://pypi.amd.com/vllm-rocm/simple"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5a91aeb288ebc1b5 Environment-variable access.
repo/setup.py:652
        wheel_location = os.getenv("VLLM_PRECOMPILED_WHEEL_LOCATION", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1f5b70e9e6b70d98 Environment-variable access.
repo/setup.py:667
            variant = os.getenv("VLLM_PRECOMPILED_WHEEL_VARIANT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c22f5e88149d2778 Environment-variable access.
repo/setup.py:670
            commit = os.getenv("VLLM_PRECOMPILED_WHEEL_COMMIT", "").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #47e644f56e245148 Filesystem access.
repo/setup.py:841
                        open(target_path, "wb") as dst,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fe95aeee52a76243 Environment-variable access.
repo/setup.py:868
            github_token = os.getenv("GH_TOKEN", os.getenv("GITHUB_TOKEN"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e2ad80b6bd7fd60a Environment-variable access.
repo/setup.py:1007
    if env_version := os.getenv("VLLM_VERSION_OVERRIDE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6830c34cc474fa6 Environment-variable access.
repo/setup.py:1009
        os.environ["SETUPTOOLS_SCM_PRETEND_VERSION"] = env_version

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #52e74dc900d2cd26 Filesystem access.
repo/setup.py:1053
        with open(requirements_dir / filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #955fcf8b51f0ff2c Environment-variable access.
repo/tools/build_deepgemm_C.py:58
    os.environ.get("CXX", "g++"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6ddfe44476bdec3 Filesystem access.
repo/tools/check_wheel_deepgemm.py:25
    spec = tomllib.loads(pyproject.read_text())["project"]["requires-python"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ea3cd6d39b42e58c Environment-variable access.
repo/tools/generate_cmake_presets.py:16
    CUDA_HOME = os.environ.get("CUDA_HOME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #28d82b086e22ed99 Filesystem access.
repo/tools/generate_cmake_presets.py:159
        with open(output_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #effcf4e4d7938ec5 Filesystem access.
repo/tools/generate_versions_json.py:119
        existing_content = VERSIONS_JSON.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b5800becb1b5d640 Filesystem access.
repo/tools/generate_versions_json.py:129
    VERSIONS_JSON.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2346b09118406351 Environment-variable access.
repo/tools/install_nixl_from_source_ubuntu.py:13
WHEELS_CACHE_HOME = os.environ.get("WHEELS_CACHE_HOME", "/tmp/wheels_cache")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #ed5bc3327b4b8d06 Hardcoded external endpoint. Review what data is sent to this destination.
repo/tools/install_nixl_from_source_ubuntu.py:27
        with urllib.request.urlopen(nixl_release_url) as response:

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #d0458e941f578d9d Environment-variable access.
repo/tools/install_nixl_from_source_ubuntu.py:34
NIXL_VERSION = os.environ.get("NIXL_VERSION", get_latest_nixl_version())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b3fe51c1a1022510 Environment-variable access.
repo/tools/install_nixl_from_source_ubuntu.py:171
    build_env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #38fce49c07d64efe Environment-variable access.
repo/tools/install_nixl_from_source_ubuntu.py:175
    existing_ld_path = os.environ.get("LD_LIBRARY_PATH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3b4d0a6b0d4df537 Filesystem access.
repo/tools/pre_commit/check_boolean_context_manager.py:23
        with open(filepath, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8282c17c653f0888 Filesystem access.
repo/tools/pre_commit/check_forbidden_imports.py:89
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #84a3ead1c240f9e0 Filesystem access.
repo/tools/pre_commit/check_init_lazy_imports.py:45
    source = INIT_PATH.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #69dd33cfd16213f0 Filesystem access.
repo/tools/pre_commit/check_spdx_header.py:63
    with open(file_path, encoding="UTF-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0550bb66b6fbb6f2 Filesystem access.
repo/tools/pre_commit/check_spdx_header.py:99
    with open(file_path, "r+", encoding="UTF-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3591fbd264f63336 Filesystem access.
repo/tools/pre_commit/check_torch_cuda.py:28
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #78b0b4ec6adaeebe Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:290
    tree = ast.parse(REGISTRY_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #89f88d7e857ec503 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:330
        tree = ast.parse(MLA_PREFILL_REGISTRY_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #afa9e1066fd446f5 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:351
        tree = ast.parse(MLA_PREFILL_SELECTOR_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8e50c565a50b7612 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:576
        tree = ast.parse(file_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a3fb9a6f5905c8cb Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:939
                parent_tree = ast.parse(parent_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c3b3412b2347e13f Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:961
        tree = ast.parse(file_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e01b815b8bdf09f2 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1044
        tree = ast.parse(fa_interface_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c9f4e66dfca87ae8 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1081
        tree = ast.parse(FA_UTILS_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #64a4dee87ede608c Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1219
        tree = ast.parse(FLASHINFER_UTILS_FILE.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eab9413503c1aa89 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:1400
        source = CUDA_PLATFORM_FILE.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c2d7f792bcbc42f Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:2033
            not output_path.exists() or output_path.read_text() != new_content

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #447cf8a28d92daf9 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:2037
            output_path.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e61a2fb1d814baa0 Filesystem access.
repo/tools/pre_commit/generate_attention_backend_docs.py:2044
    output_path.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7f414568c4729b1c Filesystem access.
repo/tools/pre_commit/generate_nightly_torch_test.py:21
with open(input_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0f812f2af49153ec Filesystem access.
repo/tools/pre_commit/validate_config.py:137
        with open(file_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8f904df17719479f Filesystem access.
repo/tools/pre_commit/validate_config.py:159
        with open(filename, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6ef3945b1a10f6a7 Filesystem access.
repo/tools/profiler/nsys_profile_tools/gputrc2graph.py:28
        with open(fname, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b710a71907f6ea29 Filesystem access.
repo/tools/profiler/nsys_profile_tools/gputrc2graph.py:153
            open(f"{output_name}.html", "a", encoding="utf-8") as outfile,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #105be48077785e99 Filesystem access.
repo/tools/profiler/nsys_profile_tools/gputrc2graph.py:154
            open("temp.html", encoding="utf-8") as infile,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3da0642f5325d2b8 Filesystem access.
repo/tools/profiler/print_layerwise_table.py:59
    with open(args.json_trace) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aa8e0887206c44cc Filesystem access.
repo/tools/profiler/visualize_layerwise_profile.py:523
    with open(json_trace) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dd2bb5ce17a0f5f8 Filesystem access.
repo/tools/report_build_time_ninja.py:316
        with open(log_file) as log:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a3ad219663e70023 Filesystem access.
repo/tools/vllm-rocm/pin_rocm_dependencies.py:122
    with open(requirements_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #430021a3c94ddc17 Filesystem access.
repo/tools/vllm-rocm/pin_rocm_dependencies.py:126
    with open(backup_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f6027f6cbf07b624 Filesystem access.
repo/tools/vllm-rocm/pin_rocm_dependencies.py:167
    with open(requirements_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0170fd4465521396 Filesystem access.
repo/use_existing_torch.py:37
        with open(file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #305312bd1494261b Filesystem access.
repo/use_existing_torch.py:40
            with open(file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #00ec7475f6c3b75a Filesystem access.
repo/vllm/assets/image.py:62
        return p.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e072ae5f8bb45200 Filesystem access.
repo/vllm/benchmarks/datasets/create_txt_slices_dataset.py:52
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e4f4c9a66d62547a Filesystem access.
repo/vllm/benchmarks/datasets/create_txt_slices_dataset.py:112
    with open(output_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3050723a3b2366c9 Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:1006
            with open(temp_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3b7468fe50eaaf76 Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:1360
        with open(self.dataset_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #90ad0ade27db9d01 Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:1474
        with open(self.dataset_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #bb939906ab00f7ce Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:2650
        with open(self.dataset_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #8ead4f390ef0bf15 Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:3097
        with open(self.dataset_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #a84cc8023ca6164d Filesystem access.
repo/vllm/benchmarks/datasets/datasets.py:4592
        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #da96c98dfde95159 Filesystem access.
repo/vllm/benchmarks/latency.py:171
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #57203dade3ae1776 Environment-variable access.
repo/vllm/benchmarks/lib/endpoint_request_func.py:152
    api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #8372ecb2b9d709c1 Filesystem access.
repo/vllm/benchmarks/lib/endpoint_request_func.py:572
        with open(audio_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #dd6d3884c6201f5a Environment-variable access.
repo/vllm/benchmarks/lib/utils.py:47
    if not os.environ.get("SAVE_TO_PYTORCH_BENCHMARK_FORMAT", False):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ef77627327feef86 Filesystem access.
repo/vllm/benchmarks/lib/utils.py:114
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #f25ea471183190a7 Filesystem access.
repo/vllm/benchmarks/mm_processor.py:530
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #3d47955490c84aea Filesystem access.
repo/vllm/benchmarks/serve.py:2275
        with open(
            file_name, mode="a+" if args.append_result else "w", encoding="utf-8"
        ) as outfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #39af60bda22cca4e Environment-variable access.
repo/vllm/benchmarks/startup.py:119
    original_cache_root = os.environ.get("VLLM_CACHE_ROOT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #28cca8e250f1aa20 Environment-variable access.
repo/vllm/benchmarks/startup.py:122
        os.environ["VLLM_CACHE_ROOT"] = temp_cache_dir

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #9c761eb616cbbdc4 Environment-variable access.
repo/vllm/benchmarks/startup.py:129
            os.environ["VLLM_CACHE_ROOT"] = original_cache_root

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #5dfc1dc2a164afca Environment-variable access.
repo/vllm/benchmarks/startup.py:131
            os.environ.pop("VLLM_CACHE_ROOT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #ce8af9375e62a423 Environment-variable access.
repo/vllm/benchmarks/startup.py:261
    os.environ["VLLM_ENABLE_V1_MULTIPROCESSING"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #6ce10c4425c4a641 Filesystem access.
repo/vllm/benchmarks/startup.py:304
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #c6a738ba6312d237 Filesystem access.
repo/vllm/benchmarks/sweep/param_sweep.py:10
        with open(filepath, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #34feabb4d042cc81 Environment-variable access.
repo/vllm/benchmarks/sweep/server.py:53
            env=os.environ | {"VLLM_SERVER_DEV_MODE": "1"},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #e4b50160d32fb1d0 Environment-variable access.
repo/vllm/benchmarks/throughput.py:725
    global_rank = int(os.environ["RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #afba94214f5a16be Environment-variable access.
repo/vllm/benchmarks/throughput.py:726
    world_size = int(os.environ["WORLD_SIZE"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs test-only #19dd3c19c9011723 Filesystem access.
repo/vllm/benchmarks/throughput.py:1286
        with open(args.output_json, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3345260c143385c1 Environment-variable access.
repo/vllm/collect_env.py:163
    conda = os.environ.get("CONDA_EXE", "conda")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ff4933b92583e587 Environment-variable access.
repo/vllm/collect_env.py:232
        system_root = os.environ.get("SYSTEMROOT", "C:\\Windows")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #baac3cfe712b55fb Environment-variable access.
repo/vllm/collect_env.py:233
        cuda_path = os.environ.get("CUDA_PATH", "%CUDA_PATH%")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0d363f19a3d4d3c4 Environment-variable access.
repo/vllm/collect_env.py:247
        l = os.environ.get("CUDNN_LIBRARY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #876105eefb79157a Environment-variable access.
repo/vllm/collect_env.py:270
        system_root = os.environ.get("SYSTEMROOT", "C:\\Windows")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ca90801a02c62357 Environment-variable access.
repo/vllm/collect_env.py:271
        program_files_root = os.environ.get("PROGRAMFILES", "C:\\Program Files")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #79075180eb38bd95 Environment-variable access.
repo/vllm/collect_env.py:441
        os.environ.get("TORCH_CUDA_ARCH_LIST", "Not Set"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9dd84717735e79a4 Environment-variable access.
repo/vllm/collect_env.py:442
        "Enabled" if os.environ.get("ROCM_HOME") else "Disabled",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c383548e9a32c1f3 Environment-variable access.
repo/vllm/collect_env.py:572
    system_root = os.environ.get("SYSTEMROOT", "C:\\Windows")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ec9f1a3e95c552a2 Environment-variable access.
repo/vllm/collect_env.py:638
    if os.environ.get("UV"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cbf6cbf52a4c9be9 Filesystem access.
repo/vllm/collect_env.py:642
        with open(pyvenv_cfg_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0c36f27e309742c2 Environment-variable access.
repo/vllm/collect_env.py:682
    ca_config = os.environ.get("PYTORCH_CUDA_ALLOC_CONF", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e3d007b3ace9e711 Environment-variable access.
repo/vllm/collect_env.py:689
        config = os.environ.get("CUDA_MODULE_LOADING", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #096e61a9f9551920 Environment-variable access.
repo/vllm/collect_env.py:725
    for k, v in os.environ.items():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #181bf640af02f059 Filesystem access.
repo/vllm/compilation/backends.py:187
            with open(self.cache_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d330aebd22df21e1 Filesystem access.
repo/vllm/compilation/backends.py:220
        with open(self.cache_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #caeb4a145b90eed0 Filesystem access.
repo/vllm/compilation/backends.py:1045
                with open(filepath) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3021f996b9d5e4e0 Filesystem access.
repo/vllm/compilation/backends.py:1118
                with open(meta_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c57fd62321f9bad Filesystem access.
repo/vllm/compilation/backends.py:1264
            with open(graph_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #903833e98ea4067a Filesystem access.
repo/vllm/compilation/caching.py:610
            with open(filepath) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b167e3b8074f7f59 Environment-variable access.
repo/vllm/compilation/compiler_interface.py:477
        os.environ["TORCHINDUCTOR_CACHE_DIR"] = inductor_cache

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7155b79951a674ab Environment-variable access.
repo/vllm/compilation/compiler_interface.py:480
        os.environ["TRITON_CACHE_DIR"] = triton_cache

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #633ebd9a82cadde0 Filesystem access.
repo/vllm/compilation/decorators.py:297
                open(aot_compilation_path, "rb") as f,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7d07d18dcdfc56c2 Environment-variable access.
repo/vllm/compilation/decorators.py:558
            os.environ["TORCHINDUCTOR_CACHE_DIR"] = inductor_cache

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9e6e9ff254c164cb Filesystem access.
repo/vllm/compilation/wrapper.py:243
                    with open(decompiled_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bf8b69d2080b4255 Environment-variable access.
repo/vllm/config/parallel.py:831
                self.data_parallel_rank = int(os.environ["RANK"]) // (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #db4abb8599fec9c6 Environment-variable access.
repo/vllm/config/parallel.py:867
            os.environ["VLLM_ENABLE_V1_MULTIPROCESSING"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0cc27da90e043b1f Environment-variable access.
repo/vllm/config/utils.py:444
        value = os.environ.get(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #97ee6ce10ab7c7be Environment-variable access.
repo/vllm/config/vllm.py:897
        if "expandable_segments:True" not in os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #feeb25050754240f Environment-variable access.
repo/vllm/config/vllm.py:897
        if "expandable_segments:True" not in os.environ.get(
            "PYTORCH_CUDA_ALLOC_CONF", ""
        ):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b20ea35483bd7777 Environment-variable access.
repo/vllm/config/vllm.py:1124
            and os.environ.get("VLLM_WORKER_MULTIPROC_METHOD") != "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8fbe7759f5fbc003 Environment-variable access.
repo/vllm/config/vllm.py:1151
        if os.environ.get("TORCH_COMPILE_DISABLE") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c3145658ba077eb Environment-variable access.
repo/vllm/config/vllm.py:1163
            and "VLLM_USE_BREAKABLE_CUDAGRAPH" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af170be4fa1f8a6f Environment-variable access.
repo/vllm/config/vllm.py:1175
            os.environ["VLLM_USE_BREAKABLE_CUDAGRAPH"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #90d9e810df368854 Environment-variable access.
repo/vllm/config/vllm.py:1404
            and os.environ.get("VLLM_WORKER_MULTIPROC_METHOD") != "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bfa05b7a5455fc8a Environment-variable access.
repo/vllm/device_allocator/cumem.py:330
        conf = os.environ.get("PYTORCH_CUDA_ALLOC_CONF", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5e3aa8fa2b2cef23 Filesystem access.
repo/vllm/distributed/device_communicators/all_reduce_utils.py:397
            with open(output_file.name, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5c34a2bbf16b4d10 Filesystem access.
repo/vllm/distributed/device_communicators/all_reduce_utils.py:404
        with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #18c2f905cdf84aa8 Filesystem access.
repo/vllm/distributed/device_communicators/all_reduce_utils.py:409
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #192eaedd1316c4c3 Filesystem access.
repo/vllm/distributed/device_communicators/all_reduce_utils.py:420
    with open(output_file, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #16b44af89a3e4a6e Environment-variable access.
repo/vllm/distributed/device_communicators/cpu_communicator.py:241
        instance_identifier = os.environ["VLLM_DIST_IDENT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #276c8447d6601867 Environment-variable access.
repo/vllm/distributed/eplb/eplb_utils.py:97
        current_value_str = os.getenv("NCCL_MAX_CTAS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #94e36afc004ff3e4 Environment-variable access.
repo/vllm/distributed/eplb/eplb_utils.py:103
        os.environ["NCCL_MAX_CTAS"] = str(override_value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0ae2e5456d88a48e Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/example_hidden_states_connector.py:59
    with open(lock_path) as lf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6f4506cfdbab6580 Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/hf3fs/utils/hf3fs_mock_client.py:27
            with open(self._file_path, "w+b") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4a79fbc1e0c50615 Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/hf3fs/utils/hf3fs_mock_client.py:35
            with open(self._file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5a4e954fdd3997bf Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/hf3fs/utils/hf3fs_mock_client.py:90
            with open(self._file_path, "r+b") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8bdbf57b14979be0 Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/lmcache_integration/utils.py:47
                if "LMCACHE_CONFIG_FILE" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5422a3558066038e Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/lmcache_integration/utils.py:58
                    config_file = os.environ["LMCACHE_CONFIG_FILE"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #06510bc2b1c931fd Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/lmcache_integration/vllm_v1_adapter.py:681
        self.force_skip_save = bool(os.environ.get("LMCACHE_FORCE_SKIP_SAVE", False))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c6aa32d4ba2480a3 Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/lmcache_mp_connector.py:1201
    if os.environ.get("LMCACHE_USE_UPSTREAM_MP"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7be32329c24737a6 Filesystem access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/mooncake/store/worker.py:128
        with open(file_path) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0ccbf48b2825e814 Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/mooncake/store/worker.py:147
        config_path = os.getenv("MOONCAKE_CONFIG_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3b3fa843386dc1ea Environment-variable access.
repo/vllm/distributed/kv_transfer/kv_connector/v1/moriio/moriio_common.py:216
        if env_var in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3dbf4b69ed134ad8 Environment-variable access.
repo/vllm/distributed/nixl_utils.py:21
    if "UCX_RCACHE_MAX_UNRELEASED" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2420b1ee68aad397 Environment-variable access.
repo/vllm/distributed/nixl_utils.py:36
    os.environ["UCX_RCACHE_MAX_UNRELEASED"] = "1024"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #614168a2f427ba92 Environment-variable access.
repo/vllm/engine/arg_utils.py:1792
            os.environ.get(current_platform.device_control_env_var),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d7c20bfa39ac642b Filesystem access.
repo/vllm/entrypoints/chat_utils.py:1310
        with open(chat_template) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aa503e778fc6cda0 Filesystem access.
repo/vllm/entrypoints/chat_utils.py:1325
                with open(builtin_template_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7871eea904f7d190 Environment-variable access.
repo/vllm/entrypoints/cli/openai.py:34
    api_key = args.api_key or os.environ.get("OPENAI_API_KEY", "EMPTY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2009ae09e709599f Environment-variable access.
repo/vllm/entrypoints/mcp/tool.py:62
        exa_api_key = os.getenv("EXA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0b803fdae1060642 Environment-variable access.
repo/vllm/entrypoints/openai/api_server.py:123
    if os.getenv("VLLM_WORKER_MULTIPROC_METHOD") == "forkserver":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1b56261da603099 Filesystem access.
repo/vllm/entrypoints/openai/run_batch.py:340
        with open(path_or_url, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e0a9cc9b9eb03ebf Filesystem access.
repo/vllm/entrypoints/openai/run_batch.py:354
    with open(output_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #126dbf1829b55108 Filesystem access.
repo/vllm/entrypoints/openai/run_batch.py:380
                    with open(data_or_file, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6a23699208945136 Environment-variable access.
repo/vllm/entrypoints/serve/utils/api_utils.py:165
    if "VLLM_WORKER_MULTIPROC_METHOD" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3f8186f6576fee08 Environment-variable access.
repo/vllm/entrypoints/serve/utils/api_utils.py:167
        os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e7e87887543c302a Filesystem access.
repo/vllm/entrypoints/serve/utils/server_utils.py:131
        with open(log_config_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #925fee59afe3a326 Environment-variable access.
repo/vllm/env_override.py:50
    enable = os.environ.get("VLLM_ENABLE_CUDA_COMPATIBILITY", "0").strip().lower() in (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #69641f98bd3ce4be Environment-variable access.
repo/vllm/env_override.py:57
    cuda_compat_path = os.environ.get("VLLM_CUDA_COMPATIBILITY_PATH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e89ebbdf762c27c6 Environment-variable access.
repo/vllm/env_override.py:59
        conda_prefix = os.environ.get("CONDA_PREFIX", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #621d152d16d0e9ac Environment-variable access.
repo/vllm/env_override.py:73
    existing = os.environ.get("LD_LIBRARY_PATH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #34590c5f34f900d0 Environment-variable access.
repo/vllm/env_override.py:82
    os.environ["LD_LIBRARY_PATH"] = os.pathsep.join(new_paths)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6380da982b9e7e1b Environment-variable access.
repo/vllm/env_override.py:101
os.environ["PYTORCH_NVML_BASED_CUDA_CHECK"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fede4b7e2d8c0628 Environment-variable access.
repo/vllm/env_override.py:105
os.environ["TORCHINDUCTOR_COMPILE_THREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6e5cf924a1ababc0 Environment-variable access.
repo/vllm/env_override.py:113
os.environ.setdefault("TRITON_CACHE_AUTOTUNING", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #833b789aa81e401f Environment-variable access.
repo/vllm/env_override.py:120
os.environ.setdefault("TILELANG_CLEANUP_TEMP_FILES", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #706266ff5f9d1d33 Environment-variable access.
repo/vllm/env_override.py:865
if os.environ.get("VLLM_TRITON_FORCE_FIRST_CONFIG", "0").strip().lower() in (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2b76b0808f719418 Environment-variable access.
repo/vllm/envs.py:302
    return os.getenv(
        "XDG_CACHE_HOME",
        os.path.join(os.path.expanduser("~"), ".cache"),
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f452cb1829b2307b Environment-variable access.
repo/vllm/envs.py:309
    return os.getenv(
        "XDG_CONFIG_HOME",
        os.path.join(os.path.expanduser("~"), ".config"),
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9990bfa1708814c0 Filesystem access.
repo/vllm/envs.py:331
        with open(value) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ebff9258ac3a59bc Environment-variable access.
repo/vllm/envs.py:337
    return bool(int(os.getenv("VLLM_DISABLE_COMPILE_CACHE", "0")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0d3285e086b81856 Environment-variable access.
repo/vllm/envs.py:349
    return os.environ.get("VLLM_USE_AOT_COMPILE", default_value) == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2f0a640e5b076c8a Environment-variable access.
repo/vllm/envs.py:359
    return os.environ.get("VLLM_USE_MEGA_AOT_ARTIFACT", default_value) == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #39dd2b9caab7ae3a Environment-variable access.
repo/vllm/envs.py:382
        value = os.getenv(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #197ee96e32c1c6d1 Environment-variable access.
repo/vllm/envs.py:429
        value = os.getenv(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c22ea5599eaa4851 Environment-variable access.
repo/vllm/envs.py:489
    if "VLLM_PORT" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6b63d0d346d59796 Environment-variable access.
repo/vllm/envs.py:492
    port = os.getenv("VLLM_PORT", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #64939e440ab62cd9 Environment-variable access.
repo/vllm/envs.py:519
        value = os.getenv(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a925c55a7552c7a6 Environment-variable access.
repo/vllm/envs.py:524
        os.environ[env_name] = default_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #96cad9e78d1bfd31 Environment-variable access.
repo/vllm/envs.py:543
    if "VLLM_TRITON_ATTN_USE_TD" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #725d058a3b1dd308 Environment-variable access.
repo/vllm/envs.py:558
    use_rust = bool(int(os.environ.get("VLLM_USE_RUST_FRONTEND", "0")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ff497f87b2dfa955 Environment-variable access.
repo/vllm/envs.py:559
    raw = os.environ.get("VLLM_RUST_FRONTEND_PATH", "auto")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #63e28bd51315cff3 Environment-variable access.
repo/vllm/envs.py:562
        if os.environ.get("VLLM_RUST_FRONTEND_PATH") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #98f59b28b364e5f8 Environment-variable access.
repo/vllm/envs.py:588
    "VLLM_TARGET_DEVICE": lambda: os.getenv("VLLM_TARGET_DEVICE", "cuda").lower(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c6ab3aa1832ee8d6 Environment-variable access.
repo/vllm/envs.py:591
        os.getenv("VLLM_MAIN_CUDA_VERSION", "").lower() or "13.0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a0199e4b0c11e3ed Environment-variable access.
repo/vllm/envs.py:603
    "VLLM_BATCH_INVARIANT": lambda: bool(int(os.getenv("VLLM_BATCH_INVARIANT", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9806b71ef8295492 Environment-variable access.
repo/vllm/envs.py:612
        os.getenv("VLLM_TRITON_USE_TD", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f7774d1749819eae Environment-variable access.
repo/vllm/envs.py:627
    "MAX_JOBS": lambda: os.getenv("MAX_JOBS", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5ade235edbdc6d4a Environment-variable access.
repo/vllm/envs.py:631
    "NVCC_THREADS": lambda: os.getenv("NVCC_THREADS", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dc054084513c194d Environment-variable access.
repo/vllm/envs.py:634
        os.environ.get("VLLM_USE_PRECOMPILED", "").strip().lower() in ("1", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4c63137b587115b5 Environment-variable access.
repo/vllm/envs.py:635
        or bool(os.environ.get("VLLM_PRECOMPILED_WHEEL_LOCATION"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9b91c72daee8d25f Environment-variable access.
repo/vllm/envs.py:639
        os.environ.get("VLLM_USE_PRECOMPILED_RUST", "").strip().lower() in ("1", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9738924a3ec31771 Environment-variable access.
repo/vllm/envs.py:643
        int(os.environ.get("VLLM_SKIP_PRECOMPILED_VERSION_SUFFIX", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4823e866e6665d23 Environment-variable access.
repo/vllm/envs.py:648
        os.environ.get("VLLM_DOCKER_BUILD_CONTEXT", "").strip().lower() in ("1", "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eb3d33f667167825 Environment-variable access.
repo/vllm/envs.py:652
    "VLLM_BUILD_COMMIT": lambda: os.environ.get("VLLM_BUILD_COMMIT", "unknown"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3895a37b46fa22c3 Environment-variable access.
repo/vllm/envs.py:653
    "VLLM_BUILD_PIPELINE": lambda: os.environ.get("VLLM_BUILD_PIPELINE", "local"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e46c187bb881bd1d Environment-variable access.
repo/vllm/envs.py:654
    "VLLM_BUILD_URL": lambda: os.environ.get("VLLM_BUILD_URL", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8cdf3e7d9b8667ba Environment-variable access.
repo/vllm/envs.py:655
    "VLLM_IMAGE_TAG": lambda: os.environ.get("VLLM_IMAGE_TAG", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a7e0b8fb23fefffe Environment-variable access.
repo/vllm/envs.py:663
    "VERBOSE": lambda: bool(int(os.getenv("VERBOSE", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #66ea0dd4129f94f4 Environment-variable access.
repo/vllm/envs.py:670
        os.getenv(
            "VLLM_CONFIG_ROOT",
            os.path.join(get_default_config_root(), "vllm"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ece0c674a766bdbe Environment-variable access.
repo/vllm/envs.py:679
        os.getenv(
            "VLLM_CACHE_ROOT",
            os.path.join(get_default_cache_root(), "vllm"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ad5246c462e7c446 Environment-variable access.
repo/vllm/envs.py:688
    "VLLM_HOST_IP": lambda: os.getenv("VLLM_HOST_IP", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a3b7f6e66021bf10 Environment-variable access.
repo/vllm/envs.py:696
    "VLLM_RPC_BASE_PATH": lambda: os.getenv(
        "VLLM_RPC_BASE_PATH", tempfile.gettempdir()
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #13706cced8aa2cf8 Environment-variable access.
repo/vllm/envs.py:702
        os.environ.get("VLLM_USE_MODELSCOPE", "False").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a9a8273fb30cd906 Environment-variable access.
repo/vllm/envs.py:709
    "VLLM_USE_FASTOKENS": lambda: bool(int(os.getenv("VLLM_USE_FASTOKENS", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0c80e37fc602b351 Environment-variable access.
repo/vllm/envs.py:712
        os.environ.get("VLLM_RINGBUFFER_WARNING_INTERVAL", "60")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fc6568141d9023a0 Environment-variable access.
repo/vllm/envs.py:716
    "CUDA_HOME": lambda: os.environ.get("CUDA_HOME", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #74b5ef8d333a3ca4 Environment-variable access.
repo/vllm/envs.py:719
    "VLLM_NCCL_SO_PATH": lambda: os.environ.get("VLLM_NCCL_SO_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c76b4a3294d4f0c6 Environment-variable access.
repo/vllm/envs.py:722
    "LD_LIBRARY_PATH": lambda: os.environ.get("LD_LIBRARY_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fe1ba67ed7fac76a Environment-variable access.
repo/vllm/envs.py:725
        os.environ.get("VLLM_ROCM_SLEEP_MEM_CHUNK_SIZE", "256")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1fe4a10f863ed79 Environment-variable access.
repo/vllm/envs.py:731
        os.environ.get("VLLM_USE_STANDALONE_COMPILE", "1") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a4adfd10aedca0f3 Environment-variable access.
repo/vllm/envs.py:740
        os.environ.get("VLLM_ENABLE_PREGRAD_PASSES", "1") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #46148a8c6a3631bf Environment-variable access.
repo/vllm/envs.py:744
        os.environ.get("VLLM_USE_BREAKABLE_CUDAGRAPH", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #86956a0b82c5b415 Environment-variable access.
repo/vllm/envs.py:748
    "VLLM_PATTERN_MATCH_DEBUG": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bd70db27cb803f10 Environment-variable access.
repo/vllm/envs.py:748
    "VLLM_PATTERN_MATCH_DEBUG": lambda: os.environ.get(
        "VLLM_PATTERN_MATCH_DEBUG", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #48caa3f1c020a2de Environment-variable access.
repo/vllm/envs.py:753
    "VLLM_DEBUG_DUMP_PATH": lambda: os.environ.get("VLLM_DEBUG_DUMP_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dd004fbda126405b Environment-variable access.
repo/vllm/envs.py:761
        int(os.environ.get("VLLM_USE_BYTECODE_HOOK", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9ba7f232cff15e82 Environment-variable access.
repo/vllm/envs.py:766
    "VLLM_FORCE_AOT_LOAD": lambda: os.environ.get("VLLM_FORCE_AOT_LOAD", "0") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #01ed5795df16b160 Environment-variable access.
repo/vllm/envs.py:773
    "LOCAL_RANK": lambda: int(os.environ.get("LOCAL_RANK", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e84daef98a8e0ac4 Environment-variable access.
repo/vllm/envs.py:775
    "CUDA_VISIBLE_DEVICES": lambda: os.environ.get("CUDA_VISIBLE_DEVICES", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cecc6e93e982c971 Environment-variable access.
repo/vllm/envs.py:778
        os.environ.get("VLLM_ENGINE_ITERATION_TIMEOUT_S", "60")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #083d32b0a2699f0c Environment-variable access.
repo/vllm/envs.py:783
        os.environ.get("VLLM_ENGINE_READY_TIMEOUT_S", "600")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #383f8614803552b1 Environment-variable access.
repo/vllm/envs.py:786
    "VLLM_API_KEY": lambda: os.environ.get("VLLM_API_KEY", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #86175ddd68234428 Environment-variable access.
repo/vllm/envs.py:789
        os.environ.get("VLLM_DEBUG_LOG_API_SERVER_RESPONSE", "False").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa7ee19759074d3c Environment-variable access.
repo/vllm/envs.py:792
    "S3_ACCESS_KEY_ID": lambda: os.environ.get("S3_ACCESS_KEY_ID", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #74079b6bced8f509 Environment-variable access.
repo/vllm/envs.py:793
    "S3_SECRET_ACCESS_KEY": lambda: os.environ.get("S3_SECRET_ACCESS_KEY", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0358c22b83f827b2 Environment-variable access.
repo/vllm/envs.py:794
    "S3_ENDPOINT_URL": lambda: os.environ.get("S3_ENDPOINT_URL", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e8fdfe958107bd4b Environment-variable access.
repo/vllm/envs.py:796
    "VLLM_USAGE_STATS_SERVER": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bea01f2fac8c2a87 Environment-variable access.
repo/vllm/envs.py:796
    "VLLM_USAGE_STATS_SERVER": lambda: os.environ.get(
        "VLLM_USAGE_STATS_SERVER", "https://stats.vllm.ai"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d367874d87d5faa3 Environment-variable access.
repo/vllm/envs.py:799
    "VLLM_NO_USAGE_STATS": lambda: os.environ.get("VLLM_NO_USAGE_STATS", "0") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #75206176f924183a Environment-variable access.
repo/vllm/envs.py:802
            os.environ.get("VLLM_DO_NOT_TRACK", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ff498b8774c00262 Environment-variable access.
repo/vllm/envs.py:803
            or os.environ.get("DO_NOT_TRACK", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #72c1e73a20693514 Environment-variable access.
repo/vllm/envs.py:808
    "VLLM_USAGE_SOURCE": lambda: os.environ.get("VLLM_USAGE_SOURCE", "production"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #224b7cf75f0a55d0 Environment-variable access.
repo/vllm/envs.py:814
        int(os.getenv("VLLM_CONFIGURE_LOGGING", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #68819f698ce95d8f Environment-variable access.
repo/vllm/envs.py:816
    "VLLM_LOGGING_CONFIG_PATH": lambda: os.getenv("VLLM_LOGGING_CONFIG_PATH"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d6db90a81723da90 Environment-variable access.
repo/vllm/envs.py:818
    "VLLM_LOGGING_LEVEL": lambda: os.getenv("VLLM_LOGGING_LEVEL", "INFO").upper(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0e18daa723add147 Environment-variable access.
repo/vllm/envs.py:820
    "VLLM_LOGGING_STREAM": lambda: os.getenv("VLLM_LOGGING_STREAM", "ext://sys.stdout"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #df8879694f0cc220 Environment-variable access.
repo/vllm/envs.py:822
    "VLLM_LOGGING_PREFIX": lambda: os.getenv("VLLM_LOGGING_PREFIX", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #314322f6a9650e17 Environment-variable access.
repo/vllm/envs.py:825
    "VLLM_LOGGING_COLOR": lambda: os.getenv("VLLM_LOGGING_COLOR", "auto"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9e5c1dbca627e070 Environment-variable access.
repo/vllm/envs.py:827
    "NO_COLOR": lambda: os.getenv("NO_COLOR", "0") != "0",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c47406a5296dc62 Environment-variable access.
repo/vllm/envs.py:832
        if (val := float(os.getenv("VLLM_LOG_STATS_INTERVAL", "10."))) > 0.0

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #921ea775eb391ec4 Environment-variable access.
repo/vllm/envs.py:838
    "VLLM_TRACE_FUNCTION": lambda: int(os.getenv("VLLM_TRACE_FUNCTION", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4095cf603020fe85 Environment-variable access.
repo/vllm/envs.py:843
        bool(int(os.environ["VLLM_USE_FLASHINFER_SAMPLER"]))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b58793184d858d0f Environment-variable access.
repo/vllm/envs.py:844
        if "VLLM_USE_FLASHINFER_SAMPLER" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #860c585f68026107 Environment-variable access.
repo/vllm/envs.py:848
    "VLLM_PP_LAYER_PARTITION": lambda: os.getenv("VLLM_PP_LAYER_PARTITION", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a38cb10827a9b46b Environment-variable access.
repo/vllm/envs.py:852
        int(os.getenv("VLLM_CPU_KVCACHE_SPACE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6863595b73605996 Environment-variable access.
repo/vllm/envs.py:853
        if "VLLM_CPU_KVCACHE_SPACE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4baf0cb2cde76b75 Environment-variable access.
repo/vllm/envs.py:858
    "VLLM_CPU_OMP_THREADS_BIND": lambda: os.getenv("VLLM_CPU_OMP_THREADS_BIND", "auto"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8f0a5f1fec7c9765 Environment-variable access.
repo/vllm/envs.py:862
        int(os.getenv("VLLM_CPU_NUM_OF_RESERVED_CPU", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #56cb4d60d65666f3 Environment-variable access.
repo/vllm/envs.py:863
        if "VLLM_CPU_NUM_OF_RESERVED_CPU" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b92eb67a02501b16 Environment-variable access.
repo/vllm/envs.py:867
    "VLLM_CPU_SGL_KERNEL": lambda: bool(int(os.getenv("VLLM_CPU_SGL_KERNEL", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3b3dc96656a04480 Environment-variable access.
repo/vllm/envs.py:870
        int(os.getenv("VLLM_CPU_ATTN_SPLIT_KV", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0af3da78e268b753 Environment-variable access.
repo/vllm/envs.py:875
        int(os.getenv("VLLM_ZENTORCH_WEIGHT_PREPACK", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6d75796bfd29786c Environment-variable access.
repo/vllm/envs.py:878
    "VLLM_CPU_INT4_W4A8": lambda: bool(int(os.getenv("VLLM_CPU_INT4_W4A8", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ba1fa70d4ceb62a8 Environment-variable access.
repo/vllm/envs.py:892
        int(os.getenv("VLLM_USE_RAY_COMPILED_DAG_OVERLAP_COMM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2563930b583d96e6 Environment-variable access.
repo/vllm/envs.py:898
        int(os.getenv("VLLM_USE_RAY_WRAPPED_PP_COMM", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e81b862c821d9c45 Environment-variable access.
repo/vllm/envs.py:903
        int(os.getenv("VLLM_USE_RAY_V2_EXECUTOR_BACKEND", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b5813b43bf0d5d5c Environment-variable access.
repo/vllm/envs.py:910
        int(os.getenv("VLLM_DISTRIBUTED_USE_SPLIT_GROUP", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9118da1b2aeb513f Environment-variable access.
repo/vllm/envs.py:919
        os.getenv(
            "VLLM_ASSETS_CACHE",
            os.path.join(get_default_cache_root(), "vllm", "assets"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ffe09698741de7f2 Environment-variable access.
repo/vllm/envs.py:927
        int(os.getenv("VLLM_ASSETS_CACHE_MODEL_CLEAN", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #56b6dc5b2b8d649d Environment-variable access.
repo/vllm/envs.py:931
    "VLLM_IMAGE_FETCH_TIMEOUT": lambda: int(os.getenv("VLLM_IMAGE_FETCH_TIMEOUT", "5")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a2162333e84de10e Environment-variable access.
repo/vllm/envs.py:935
        os.getenv("VLLM_VIDEO_FETCH_TIMEOUT", "30")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #586dc85f658d7b1f Environment-variable access.
repo/vllm/envs.py:940
        os.getenv("VLLM_AUDIO_FETCH_TIMEOUT", "10")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a847ffb02f05c2d6 Environment-variable access.
repo/vllm/envs.py:944
    "VLLM_MEDIA_CACHE": lambda: os.getenv("VLLM_MEDIA_CACHE", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f616b50dca557911 Environment-variable access.
repo/vllm/envs.py:948
        os.getenv("VLLM_MEDIA_CACHE_MAX_SIZE_MB", "5120")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3e73a71e9f08ae8b Environment-variable access.
repo/vllm/envs.py:953
        os.getenv("VLLM_MEDIA_CACHE_TTL_HOURS", "24")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #82daec54af2b5812 Environment-variable access.
repo/vllm/envs.py:958
        os.getenv("VLLM_MEDIA_FETCH_MAX_RETRIES", "3")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aa8e9b8480c06cc5 Environment-variable access.
repo/vllm/envs.py:963
        int(os.getenv("VLLM_MEDIA_URL_ALLOW_REDIRECTS", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #47e869584977997b Environment-variable access.
repo/vllm/envs.py:969
        os.getenv("VLLM_MEDIA_LOADING_THREAD_COUNT", "8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d3c65d0213d65b58 Environment-variable access.
repo/vllm/envs.py:975
        os.getenv("VLLM_MAX_AUDIO_CLIP_FILESIZE_MB", "25")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #812b9ba6f3d7b5a5 Environment-variable access.
repo/vllm/envs.py:982
        os.getenv("VLLM_MAX_AUDIO_DECODE_DURATION_S", "600")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9be7e3ef7f1ed733 Environment-variable access.
repo/vllm/envs.py:988
        os.getenv(
            "VLLM_MAX_AUDIO_PREPROCESS_WORKERS",
            str(max(1, min(os.cpu_count() or 1, 2))),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af77ee32a9965d74 Environment-variable access.
repo/vllm/envs.py:998
        os.getenv("VLLM_MAX_IMAGE_PIXELS", "178956970")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #403aac00a766fc8e Environment-variable access.
repo/vllm/envs.py:1009
    "VLLM_VIDEO_LOADER_BACKEND": lambda: os.getenv(
        "VLLM_VIDEO_LOADER_BACKEND", "opencv"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c92d5b2374cc5e2f Environment-variable access.
repo/vllm/envs.py:1019
    "VLLM_MEDIA_CONNECTOR": lambda: os.getenv("VLLM_MEDIA_CONNECTOR", "http"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #93638bcc59c3e8d1 Environment-variable access.
repo/vllm/envs.py:1034
        os.getenv(
            "VLLM_XLA_CACHE_PATH",
            os.path.join(get_default_cache_root(), "vllm", "xla_cache"),
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #55db3078c3d3cbe0 Environment-variable access.
repo/vllm/envs.py:1041
        int(os.getenv("VLLM_XLA_CHECK_RECOMPILATION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4d4741863a5a8d14 Environment-variable access.
repo/vllm/envs.py:1044
    "VLLM_XLA_USE_SPMD": lambda: bool(int(os.getenv("VLLM_XLA_USE_SPMD", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aa43aaa8ce9b5916 Environment-variable access.
repo/vllm/envs.py:1049
        os.getenv("VLLM_SPARSE_INDEXER_MAX_LOGITS_MB", "512")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6af7423fcf227c38 Environment-variable access.
repo/vllm/envs.py:1054
        int(os.getenv("VLLM_KEEP_ALIVE_ON_ENGINE_DEATH", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #75213d9289bc7982 Environment-variable access.
repo/vllm/envs.py:1061
        os.environ.get("VLLM_ALLOW_LONG_MAX_MODEL_LEN", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5c40b0ec66a1d7cd Environment-variable access.
repo/vllm/envs.py:1067
        os.environ.get("VLLM_TEST_FORCE_FP8_MARLIN", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9f7f3c0afc1dae92 Environment-variable access.
repo/vllm/envs.py:1070
    "VLLM_TEST_FORCE_LOAD_FORMAT": lambda: os.getenv(
        "VLLM_TEST_FORCE_LOAD_FORMAT", "dummy"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1033b3925c89a24 Environment-variable access.
repo/vllm/envs.py:1083
        os.getenv("VLLM_FASTSAFETENSORS_QUEUE_SIZE", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #51a75be3b4a770ef Environment-variable access.
repo/vllm/envs.py:1087
        os.environ.get("VLLM_HTTP_TIMEOUT_KEEP_ALIVE", "5")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #932c3ced6ec6d6d3 Environment-variable access.
repo/vllm/envs.py:1093
        os.environ.get("VLLM_MAX_N_SEQUENCES", "16384")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9d722ee53066c92d Environment-variable access.
repo/vllm/envs.py:1099
        os.environ.get("VLLM_MAX_COMPLETION_PROMPTS", "1024")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #08a1cfd6bc5c000d Environment-variable access.
repo/vllm/envs.py:1106
        if "VLLM_PLUGINS" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #42f42acd0d565d29 Environment-variable access.
repo/vllm/envs.py:1107
        else os.environ["VLLM_PLUGINS"].split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e4325426c0c539f0 Environment-variable access.
repo/vllm/envs.py:1116
        int(os.environ["VLLM_PREFIX_CACHE_RETENTION_INTERVAL"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e8932e5b78b5d795 Environment-variable access.
repo/vllm/envs.py:1117
        if "VLLM_PREFIX_CACHE_RETENTION_INTERVAL" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #016f670524a78728 Environment-variable access.
repo/vllm/envs.py:1123
    "VLLM_LORA_RESOLVER_CACHE_DIR": lambda: os.getenv(
        "VLLM_LORA_RESOLVER_CACHE_DIR", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f24fc5372c888a95 Environment-variable access.
repo/vllm/envs.py:1130
    "VLLM_LORA_RESOLVER_HF_REPO_LIST": lambda: os.getenv(
        "VLLM_LORA_RESOLVER_HF_REPO_LIST", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #296d64d07db43b84 Environment-variable access.
repo/vllm/envs.py:1134
    "VLLM_USE_TRITON_AWQ": lambda: bool(int(os.getenv("VLLM_USE_TRITON_AWQ", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9d4816ac3a570357 Environment-variable access.
repo/vllm/envs.py:1140
        os.environ.get("VLLM_TRITON_FORCE_FIRST_CONFIG", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3e1cc14bedf17204 Environment-variable access.
repo/vllm/envs.py:1145
        os.environ.get("VLLM_ALLOW_RUNTIME_LORA_UPDATING", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #20992498e5e71655 Environment-variable access.
repo/vllm/envs.py:1154
    "VLLM_SKIP_P2P_CHECK": lambda: os.getenv("VLLM_SKIP_P2P_CHECK", "1") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8cc2801241e8a62e Environment-variable access.
repo/vllm/envs.py:1161
        if "VLLM_DISABLED_KERNELS" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #94eda0abb5aa9b78 Environment-variable access.
repo/vllm/envs.py:1162
        else os.environ["VLLM_DISABLED_KERNELS"].split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #76d3ad7ac012ac74 Environment-variable access.
repo/vllm/envs.py:1165
        int(os.getenv("VLLM_ENABLE_FLA_PACKED_RECURRENT_DECODE", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8bd5c5fb6a89eec6 Environment-variable access.
repo/vllm/envs.py:1169
        os.getenv("VLLM_DISABLE_PYNCCL", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #78e27d9ab564ebce Environment-variable access.
repo/vllm/envs.py:1174
        os.getenv("VLLM_USE_OINK_OPS", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #93420c2a518be7fb Environment-variable access.
repo/vllm/envs.py:1184
        os.getenv("VLLM_MXFP8_EMULATION_DEQUANT_AT_LOAD", "True").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2ebf65e08061f43c Environment-variable access.
repo/vllm/envs.py:1188
        os.getenv("VLLM_ROCM_USE_AITER", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #07ed3ac82e9d657e Environment-variable access.
repo/vllm/envs.py:1193
        os.getenv("VLLM_ROCM_USE_AITER_CUSTOM_AR", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6f01ad7b061ff485 Environment-variable access.
repo/vllm/envs.py:1198
        os.getenv("VLLM_ROCM_USE_AITER_PAGED_ATTN", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e726a4de69c4325a Environment-variable access.
repo/vllm/envs.py:1205
        os.getenv("VLLM_ROCM_USE_AITER_LINEAR", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0ec5c4ec83116708 Environment-variable access.
repo/vllm/envs.py:1208
        os.getenv("VLLM_ROCM_USE_AITER_LINEAR_HIPBMM", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #43e6bf11fa2ce403 Environment-variable access.
repo/vllm/envs.py:1213
        os.getenv("VLLM_ROCM_USE_AITER_MOE", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #195e91f115fe1613 Environment-variable access.
repo/vllm/envs.py:1224
        os.getenv("VLLM_ROCM_AITER_MOE_DISPATCH_POLICY", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9a78cbb99de3988b Environment-variable access.
repo/vllm/envs.py:1228
        os.getenv("VLLM_ROCM_USE_AITER_RMSNORM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #512614a3cd37896f Environment-variable access.
repo/vllm/envs.py:1233
        os.getenv("VLLM_ROCM_USE_AITER_MLA", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #233125269ace55ae Environment-variable access.
repo/vllm/envs.py:1238
        os.getenv("VLLM_ROCM_USE_AITER_MHA", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1ca4371f46a2a7c5 Environment-variable access.
repo/vllm/envs.py:1243
        os.getenv("VLLM_ROCM_USE_AITER_FP4_ASM_GEMM", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #981cff6c35ab87b9 Environment-variable access.
repo/vllm/envs.py:1248
        os.getenv("VLLM_ROCM_USE_AITER_TRITON_ROPE", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #85c249208aad6ac7 Environment-variable access.
repo/vllm/envs.py:1253
        os.getenv("VLLM_ROCM_USE_AITER_FP8BMM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bcd4cbbb93a15c1d Environment-variable access.
repo/vllm/envs.py:1258
        os.getenv("VLLM_ROCM_USE_AITER_FP4BMM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa1a14e9aba68bca Environment-variable access.
repo/vllm/envs.py:1262
        os.getenv("VLLM_ROCM_USE_AITER_UNIFIED_ATTENTION", "False").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c0e2cb45d562c9f8 Environment-variable access.
repo/vllm/envs.py:1268
        os.getenv("VLLM_ROCM_USE_AITER_FUSION_SHARED_EXPERTS", "False").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3943bb96a1c4f09d Environment-variable access.
repo/vllm/envs.py:1274
        os.getenv("VLLM_ROCM_USE_AITER_TRITON_GEMM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7fd852a89f4bed3a Environment-variable access.
repo/vllm/envs.py:1278
        os.getenv("VLLM_ROCM_USE_SKINNY_GEMM", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b688a9991b7734a1 Environment-variable access.
repo/vllm/envs.py:1281
    "VLLM_ROCM_FP8_PADDING": lambda: bool(int(os.getenv("VLLM_ROCM_FP8_PADDING", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #52ce791cc4fde4fc Environment-variable access.
repo/vllm/envs.py:1283
    "VLLM_ROCM_MOE_PADDING": lambda: bool(int(os.getenv("VLLM_ROCM_MOE_PADDING", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #38c059b3a42ec99f Environment-variable access.
repo/vllm/envs.py:1286
        os.getenv("VLLM_ROCM_SHUFFLE_KV_CACHE_LAYOUT", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e915e23de7476bac Environment-variable access.
repo/vllm/envs.py:1301
        os.getenv("VLLM_ROCM_QUICK_REDUCE_CAST_BF16_TO_FP16", "True").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0fab989148269b5d Environment-variable access.
repo/vllm/envs.py:1311
        os.environ.get("VLLM_ROCM_QUICK_REDUCE_MAX_SIZE_BYTES_MB", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d99c85fff6e881a4 Environment-variable access.
repo/vllm/envs.py:1318
        os.environ.get("VLLM_ROCM_QUICK_REDUCE_MIN_SIZE_BYTES_MB", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8abffe167931ef90 Environment-variable access.
repo/vllm/envs.py:1324
        os.environ.get("VLLM_ROCM_QUICK_REDUCE_QUANTIZATION_MIN_SIZE_KB", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8bb0e060925b91f7 Environment-variable access.
repo/vllm/envs.py:1327
    "Q_SCALE_CONSTANT": lambda: int(os.getenv("Q_SCALE_CONSTANT", "200")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #984fb5fe7d24e481 Environment-variable access.
repo/vllm/envs.py:1329
    "K_SCALE_CONSTANT": lambda: int(os.getenv("K_SCALE_CONSTANT", "200")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3217aaedf894e102 Environment-variable access.
repo/vllm/envs.py:1331
    "V_SCALE_CONSTANT": lambda: int(os.getenv("V_SCALE_CONSTANT", "100")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0ba085da9203e2db Environment-variable access.
repo/vllm/envs.py:1334
        int(os.getenv("VLLM_ENABLE_V1_MULTIPROCESSING", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d145fc991b645b71 Environment-variable access.
repo/vllm/envs.py:1337
        os.getenv("VLLM_LOG_BATCHSIZE_INTERVAL", "-1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5404693cb30a42b9 Environment-variable access.
repo/vllm/envs.py:1342
    "VLLM_USE_LAYERNAME": lambda: bool(int(os.getenv("VLLM_USE_LAYERNAME", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #33066cf410d60024 Environment-variable access.
repo/vllm/envs.py:1346
        int(os.getenv("VLLM_USE_RUST_FRONTEND", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #25bc117eeca84856 Environment-variable access.
repo/vllm/envs.py:1355
    "VLLM_SERVER_DEV_MODE": lambda: bool(int(os.getenv("VLLM_SERVER_DEV_MODE", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #64b30fb9aad75d61 Environment-variable access.
repo/vllm/envs.py:1364
        os.getenv("VLLM_V1_OUTPUT_PROC_CHUNK_SIZE", "128")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5e89052a1e38664d Environment-variable access.
repo/vllm/envs.py:1367
    "VLLM_MLA_DISABLE": lambda: bool(int(os.getenv("VLLM_MLA_DISABLE", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aabb87e55d851470 Environment-variable access.
repo/vllm/envs.py:1373
        os.getenv("VLLM_RAY_PER_WORKER_GPUS", "1.0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6724dc10c57c784b Environment-variable access.
repo/vllm/envs.py:1378
    "VLLM_RAY_BUNDLE_INDICES": lambda: os.getenv("VLLM_RAY_BUNDLE_INDICES", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8683d0243773d52b Environment-variable access.
repo/vllm/envs.py:1381
    "VLLM_CUDART_SO_PATH": lambda: os.getenv("VLLM_CUDART_SO_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7acba0ed8daf324a Environment-variable access.
repo/vllm/envs.py:1383
    "VLLM_DP_RANK": lambda: int(os.getenv("VLLM_DP_RANK", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #16f878b92689282e Environment-variable access.
repo/vllm/envs.py:1387
        os.getenv("VLLM_DP_RANK_LOCAL", sys.modules[__name__].VLLM_DP_RANK)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c5ac84478e643ec4 Environment-variable access.
repo/vllm/envs.py:1390
    "VLLM_DP_SIZE": lambda: int(os.getenv("VLLM_DP_SIZE", "1")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #91818349af311830 Environment-variable access.
repo/vllm/envs.py:1392
    "VLLM_DP_MASTER_IP": lambda: os.getenv("VLLM_DP_MASTER_IP", "127.0.0.1"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e68ea955004a7e6b Environment-variable access.
repo/vllm/envs.py:1394
    "VLLM_DP_MASTER_PORT": lambda: int(os.getenv("VLLM_DP_MASTER_PORT", "0")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3ddb80f429db7fb8 Environment-variable access.
repo/vllm/envs.py:1397
        os.environ.get("VLLM_RANDOMIZE_DP_DUMMY_INPUTS", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e82cbbe59737519f Environment-variable access.
repo/vllm/envs.py:1410
    "VLLM_RAY_DP_PACK_STRATEGY": lambda: os.getenv(
        "VLLM_RAY_DP_PACK_STRATEGY", "strict"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #60ff45c69cca03bf Environment-variable access.
repo/vllm/envs.py:1417
    "VLLM_RAY_DP_PLACEMENT_NODE_IPS": lambda: os.getenv(
        "VLLM_RAY_DP_PLACEMENT_NODE_IPS", ""
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4d4749d7eeb72571 Environment-variable access.
repo/vllm/envs.py:1423
    "VLLM_RAY_EXTRA_ENV_VAR_PREFIXES_TO_COPY": lambda: os.getenv(
        "VLLM_RAY_EXTRA_ENV_VAR_PREFIXES_TO_COPY", ""
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0bf99737f22ae812 Environment-variable access.
repo/vllm/envs.py:1430
    "VLLM_RAY_EXTRA_ENV_VARS_TO_COPY": lambda: os.getenv(
        "VLLM_RAY_EXTRA_ENV_VARS_TO_COPY", ""
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1a34adbce6e580bc Environment-variable access.
repo/vllm/envs.py:1434
    "VLLM_CI_USE_S3": lambda: os.environ.get("VLLM_CI_USE_S3", "0") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a29035f96d5bbe7e Environment-variable access.
repo/vllm/envs.py:1441
    "VLLM_MODEL_REDIRECT_PATH": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ebb216deb0c9b5ee Environment-variable access.
repo/vllm/envs.py:1441
    "VLLM_MODEL_REDIRECT_PATH": lambda: os.environ.get(
        "VLLM_MODEL_REDIRECT_PATH", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d8e8c2291a7c20a7 Environment-variable access.
repo/vllm/envs.py:1446
        os.environ.get("VLLM_MARLIN_USE_ATOMIC_ADD", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ffa83e8bf33c8eb2 Environment-variable access.
repo/vllm/envs.py:1454
        os.environ.get("VLLM_HUMMING_ONLINE_QUANT_CONFIG", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #97a02892dd5c8e6a Environment-variable access.
repo/vllm/envs.py:1458
        os.environ.get("VLLM_HUMMING_INPUT_QUANT_CONFIG", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b1368367a4b45449 Environment-variable access.
repo/vllm/envs.py:1462
        os.environ.get("VLLM_HUMMING_USE_F16_ACCUM", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa6485f6f0a697fb Environment-variable access.
repo/vllm/envs.py:1468
    "VLLM_HUMMING_MOE_GEMM_TYPE": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f3f6e20042ce95b8 Environment-variable access.
repo/vllm/envs.py:1468
    "VLLM_HUMMING_MOE_GEMM_TYPE": lambda: os.environ.get(
        "VLLM_HUMMING_MOE_GEMM_TYPE", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6e01630a34bc79c9 Environment-variable access.
repo/vllm/envs.py:1475
        int(os.getenv("VLLM_DEEPEPLL_NVFP4_DISPATCH", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #005c566eccf48f3e Environment-variable access.
repo/vllm/envs.py:1481
        os.environ.get("VLLM_V1_USE_OUTLINES_CACHE", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #340f285b77998de9 Environment-variable access.
repo/vllm/envs.py:1486
        int(os.environ["VLLM_TPU_BUCKET_PADDING_GAP"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #88663c3c0a9b9481 Environment-variable access.
repo/vllm/envs.py:1487
        if "VLLM_TPU_BUCKET_PADDING_GAP" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #879fa6d540453701 Environment-variable access.
repo/vllm/envs.py:1491
        os.environ.get("VLLM_TPU_MOST_MODEL_LEN", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b43b0d7a626431a6 Environment-variable access.
repo/vllm/envs.py:1495
        "proxy" in os.getenv("JAX_PLATFORMS", "").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4068529b59ce9131 Environment-variable access.
repo/vllm/envs.py:1498
    "VLLM_USE_DEEP_GEMM": lambda: bool(int(os.getenv("VLLM_USE_DEEP_GEMM", "1"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9f5573a528ccdaf7 Environment-variable access.
repo/vllm/envs.py:1501
        int(os.getenv("VLLM_MOE_USE_DEEP_GEMM", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #071272d84bc0f622 Environment-variable access.
repo/vllm/envs.py:1505
        int(os.getenv("VLLM_USE_DEEP_GEMM_E8M0", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ff89d3dce4ed5d8a Environment-variable access.
repo/vllm/envs.py:1509
        int(os.getenv("VLLM_USE_DEEP_GEMM_TMA_ALIGNED_SCALES", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c8f829f4a723089f Environment-variable access.
repo/vllm/envs.py:1533
        int(os.getenv("VLLM_USE_FUSED_MOE_GROUPED_TOPK", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #99505fd76f3673a3 Environment-variable access.
repo/vllm/envs.py:1539
    "VLLM_MOE_SKIP_PADDING": lambda: bool(int(os.getenv("VLLM_MOE_SKIP_PADDING", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ea418e2937eb0488 Environment-variable access.
repo/vllm/envs.py:1543
        int(os.getenv("VLLM_BLOCKSCALE_FP8_GEMM_FLASHINFER", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5546f5451fda96fb Environment-variable access.
repo/vllm/envs.py:1547
        int(os.getenv("VLLM_USE_FLASHINFER_MOE_INT4", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9b5c3e1c5da11d0e Environment-variable access.
repo/vllm/envs.py:1552
    "VLLM_XGRAMMAR_CACHE_MB": lambda: int(os.getenv("VLLM_XGRAMMAR_CACHE_MB", "512")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #27543a57765be4f9 Environment-variable access.
repo/vllm/envs.py:1558
        os.getenv("VLLM_REGEX_COMPILATION_TIMEOUT_S", "5")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cd964c31a971d578 Environment-variable access.
repo/vllm/envs.py:1568
        os.getenv("VLLM_MSGPACK_ZERO_COPY_THRESHOLD", "256")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6ea40a5af40665e3 Environment-variable access.
repo/vllm/envs.py:1574
        int(os.getenv("VLLM_ALLOW_INSECURE_SERIALIZATION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4b368e2f129c4487 Environment-variable access.
repo/vllm/envs.py:1579
        int(os.getenv("VLLM_DISABLE_REQUEST_ID_RANDOMIZATION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9671f9d391604e8e Environment-variable access.
repo/vllm/envs.py:1582
    "VLLM_NIXL_SIDE_CHANNEL_HOST": lambda: os.getenv(
        "VLLM_NIXL_SIDE_CHANNEL_HOST", "localhost"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #14860f2d1dcb2066 Environment-variable access.
repo/vllm/envs.py:1587
        os.getenv("VLLM_NIXL_SIDE_CHANNEL_PORT", "5600")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f8d10c59979c06b8 Environment-variable access.
repo/vllm/envs.py:1591
    "VLLM_EC_SIDE_CHANNEL_HOST": lambda: os.getenv(
        "VLLM_EC_SIDE_CHANNEL_HOST", "localhost"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3d0d1519e893fa89 Environment-variable access.
repo/vllm/envs.py:1597
        os.getenv("VLLM_EC_SIDE_CHANNEL_PORT", "5601")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b4769009af9a083e Environment-variable access.
repo/vllm/envs.py:1601
        os.getenv("VLLM_MOONCAKE_BOOTSTRAP_PORT", "8998")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2a55d82f3e5e59c0 Environment-variable access.
repo/vllm/envs.py:1605
        os.getenv("VLLM_MOONCAKE_STORE_TIER_LOG", "False").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #13fb1effd9ff6e19 Environment-variable access.
repo/vllm/envs.py:1613
        os.getenv("VLLM_MOONCAKE_LOAD_RECV_THREADS", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b422b8e4706b7760 Environment-variable access.
repo/vllm/envs.py:1617
        os.getenv("VLLM_MOONCAKE_DISK_STAGING_USABLE_RATIO", "0.9")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3fb28ea63b20c4a4 Environment-variable access.
repo/vllm/envs.py:1620
    "MOONCAKE_PREFERRED_SEGMENT": lambda: os.getenv("MOONCAKE_PREFERRED_SEGMENT"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8190984436bf67c2 Environment-variable access.
repo/vllm/envs.py:1622
    "MOONCAKE_REQUESTER_LOCAL_HOSTNAME": lambda: os.getenv(
        "MOONCAKE_REQUESTER_LOCAL_HOSTNAME"
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #76f3c43d0db80b89 Environment-variable access.
repo/vllm/envs.py:1626
    "VLLM_FLASHINFER_AUTOTUNE_CACHE_DIR": lambda: os.getenv(
        "VLLM_FLASHINFER_AUTOTUNE_CACHE_DIR", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #52f0cf00e00a1e16 Environment-variable access.
repo/vllm/envs.py:1634
        if "VLLM_FLASHINFER_AUTOTUNE_SKIP_OPS" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b98503dc45540391 Environment-variable access.
repo/vllm/envs.py:1637
            for v in os.environ["VLLM_FLASHINFER_AUTOTUNE_SKIP_OPS"].split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c03d2afe85a17f93 Environment-variable access.
repo/vllm/envs.py:1649
        os.getenv("VLLM_FLASHINFER_WORKSPACE_BUFFER_SIZE", str(394 * 1024 * 1024))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #42fbe548a2627169 Environment-variable access.
repo/vllm/envs.py:1656
        os.getenv("VLLM_MAX_TOKENS_PER_EXPERT_FP4_MOE", "163840")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5c201d115ba0e191 Environment-variable access.
repo/vllm/envs.py:1665
        os.getenv("VLLM_FLASHINFER_ALLREDUCE_FUSION_THRESHOLDS_MB", "{}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #48e84a219506ed73 Environment-variable access.
repo/vllm/envs.py:1673
    "VLLM_MOE_ROUTING_SIMULATION_STRATEGY": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0bad7acb4de91a84 Environment-variable access.
repo/vllm/envs.py:1673
    "VLLM_MOE_ROUTING_SIMULATION_STRATEGY": lambda: os.environ.get(
        "VLLM_MOE_ROUTING_SIMULATION_STRATEGY", ""
    ).lower(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #270c4cbe64d495d6 Environment-variable access.
repo/vllm/envs.py:1678
        os.getenv("VLLM_TOOL_PARSE_REGEX_TIMEOUT_SECONDS", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #61037d0957a3c434 Environment-variable access.
repo/vllm/envs.py:1682
        os.getenv("VLLM_ENFORCE_STRICT_TOOL_CALLING", "True").lower() in ("true", "1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3334c4eaa25d1f49 Environment-variable access.
repo/vllm/envs.py:1688
        os.getenv("VLLM_MQ_MAX_CHUNK_BYTES_MB", "16")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fe29cebd4943c614 Environment-variable access.
repo/vllm/envs.py:1693
        os.getenv("VLLM_EXECUTE_MODEL_TIMEOUT_SECONDS", "300")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b76b259dc6d34c6c Environment-variable access.
repo/vllm/envs.py:1697
        os.getenv("VLLM_WORKER_SHUTDOWN_TIMEOUT_SECONDS", "5")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e9fec93f3dc0ec55 Environment-variable access.
repo/vllm/envs.py:1720
        int(os.getenv("VLLM_COMPUTE_NANS_IN_LOGITS", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #33140b24eeed9edd Environment-variable access.
repo/vllm/envs.py:1724
        os.getenv("VLLM_MOONCAKE_ABORT_REQUEST_TIMEOUT", "480")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0d1c27b02a295751 Environment-variable access.
repo/vllm/envs.py:1729
        int(os.getenv("VLLM_HAS_FLASHINFER_CUBIN", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4fe1b859a351a5c6 Environment-variable access.
repo/vllm/envs.py:1735
        int(os.getenv("VLLM_ENABLE_CUDAGRAPH_GC", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b0a861e2722ddfbd Environment-variable access.
repo/vllm/envs.py:1738
    "VLLM_LOOPBACK_IP": lambda: os.getenv("VLLM_LOOPBACK_IP", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4f3f4800daef8113 Environment-variable access.
repo/vllm/envs.py:1742
    "VLLM_PROCESS_NAME_PREFIX": lambda: os.getenv("VLLM_PROCESS_NAME_PREFIX", "VLLM"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eb293d5ec22c4843 Environment-variable access.
repo/vllm/envs.py:1751
        int(os.getenv("VLLM_ALLOW_CHUNKED_LOCAL_ATTN_WITH_HYBRID_KV_CACHE", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9b69b32369ea1eea Environment-variable access.
repo/vllm/envs.py:1763
        int(os.getenv("VLLM_ENABLE_RESPONSES_API_STORE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d2d5f5bd2ec0323c Environment-variable access.
repo/vllm/envs.py:1767
        int(os.getenv("VLLM_ROCM_FP8_MFMA_PAGE_ATTN", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a7a5a1a331a1b3af Environment-variable access.
repo/vllm/envs.py:1771
        int(os.getenv("VLLM_ALLREDUCE_USE_SYMM_MEM", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c46d7f425268ddd0 Environment-variable access.
repo/vllm/envs.py:1775
        int(os.getenv("VLLM_ALLREDUCE_USE_FLASHINFER", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2c344792134bff67 Environment-variable access.
repo/vllm/envs.py:1779
        int(os.getenv("VLLM_USE_EXPERIMENTAL_PARSER_CONTEXT", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0157544464bc5828 Environment-variable access.
repo/vllm/envs.py:1785
    "VLLM_TUNED_CONFIG_FOLDER": lambda: os.getenv("VLLM_TUNED_CONFIG_FOLDER", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a04694291fce71ed Environment-variable access.
repo/vllm/envs.py:1794
        int(os.getenv("VLLM_ENABLE_STARTUP_PLAN", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f9cc3fe527a07bce Environment-variable access.
repo/vllm/envs.py:1807
        int(os.getenv("VLLM_GPT_OSS_HARMONY_SYSTEM_INSTRUCTIONS", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fcb55c3b4bef6ed6 Environment-variable access.
repo/vllm/envs.py:1814
    "VLLM_SYSTEM_START_DATE": lambda: os.getenv("VLLM_SYSTEM_START_DATE", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0c108c0e436ee5de Environment-variable access.
repo/vllm/envs.py:1819
        int(os.getenv("VLLM_TOOL_JSON_ERROR_AUTOMATIC_RETRY", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7b061ccb4d22275a Environment-variable access.
repo/vllm/envs.py:1823
        int(os.getenv("VLLM_CUSTOM_SCOPES_FOR_PROFILING", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3eff1a3bf96f4248 Environment-variable access.
repo/vllm/envs.py:1827
        int(os.getenv("VLLM_NVTX_SCOPES_FOR_PROFILING", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #129f61ae3ff5b1bf Environment-variable access.
repo/vllm/envs.py:1832
        int(os.getenv("VLLM_KV_EVENTS_USE_INT_BLOCK_HASHES", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #df2b1436fb8861ae Environment-variable access.
repo/vllm/envs.py:1844
        os.getenv("VLLM_DEEPEP_BUFFER_SIZE_MB", "1024")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a4e7e73b85a08674 Environment-variable access.
repo/vllm/envs.py:1850
        int(os.getenv("VLLM_DEEPEP_HIGH_THROUGHPUT_FORCE_INTRA_NODE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #917b4762f35c131f Environment-variable access.
repo/vllm/envs.py:1855
        int(os.getenv("VLLM_DEEPEP_LOW_LATENCY_USE_MNNVL", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6659b9256d08b4e4 Environment-variable access.
repo/vllm/envs.py:1859
        int(os.getenv("VLLM_DEEPEP_V2_ALLOW_HYBRID_MODE", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9ef66ddb3494cbf1 Environment-variable access.
repo/vllm/envs.py:1863
        int(os.getenv("VLLM_DEEPEP_V2_PREFER_OVERLAP", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bd455d4f6f67d5eb Environment-variable access.
repo/vllm/envs.py:1867
        int(os.getenv("VLLM_DEEPEP_V2_ALLOW_MULTIPLE_REDUCTION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0df9804570702d81 Environment-variable access.
repo/vllm/envs.py:1873
        os.getenv(
            "VLLM_DBO_COMM_SMS",
            "64"
            if hasattr(__import__("torch").version, "hip")
            and __import__("torch").version.hip is not None
            else "20",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #744483174de5338a Environment-variable access.
repo/vllm/envs.py:1885
        int(os.getenv("VLLM_ENABLE_INDUCTOR_MAX_AUTOTUNE", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6bb7bf0420df34c5 Environment-variable access.
repo/vllm/envs.py:1890
        int(os.getenv("VLLM_ENABLE_INDUCTOR_COORDINATE_DESCENT_TUNING", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8cc1bf73767a0d79 Environment-variable access.
repo/vllm/envs.py:1894
        int(os.getenv("VLLM_USE_NCCL_SYMM_MEM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #077cde732200f57a Environment-variable access.
repo/vllm/envs.py:1897
    "VLLM_NCCL_INCLUDE_PATH": lambda: os.environ.get("VLLM_NCCL_INCLUDE_PATH", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1805d3eb47486728 Environment-variable access.
repo/vllm/envs.py:1903
    "VLLM_GC_DEBUG": lambda: os.getenv("VLLM_GC_DEBUG", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0650881ff270fc3d Environment-variable access.
repo/vllm/envs.py:1906
    "VLLM_DEBUG_WORKSPACE": lambda: bool(int(os.getenv("VLLM_DEBUG_WORKSPACE", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0cba6eba9941415c Environment-variable access.
repo/vllm/envs.py:1909
        int(os.getenv("VLLM_DISABLE_SHARED_EXPERTS_STREAM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #81ab679848acddf3 Environment-variable access.
repo/vllm/envs.py:1916
        int(os.getenv("VLLM_SHARED_EXPERTS_STREAM_TOKEN_THRESHOLD", 256))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e3261cd31eb53ee8 Environment-variable access.
repo/vllm/envs.py:1927
        os.getenv("VLLM_MULTI_STREAM_GEMM_TOKEN_THRESHOLD", "1024")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #847a1b0ae5b59f7b Environment-variable access.
repo/vllm/envs.py:1940
        os.getenv("VLLM_USE_V2_MODEL_RUNNER", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e5f4e127c1b67ca4 Environment-variable access.
repo/vllm/envs.py:1946
        int(os.getenv("VLLM_LOG_MODEL_INSPECTION", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6352101793dc3b7f Environment-variable access.
repo/vllm/envs.py:1950
        int(os.getenv("VLLM_DEBUG_MFU_METRICS", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e2925e226a0d4f2a Environment-variable access.
repo/vllm/envs.py:1954
        int(os.getenv("VLLM_WEIGHT_OFFLOADING_DISABLE_PIN_MEMORY", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2a95f79f568cd545 Environment-variable access.
repo/vllm/envs.py:1958
        int(os.getenv("VLLM_WEIGHT_OFFLOADING_DISABLE_UVA", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bda0414f00dd335d Environment-variable access.
repo/vllm/envs.py:1965
        int(os.getenv("VLLM_WSL2_ENABLE_PIN_MEMORY", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #633f639a96b991b8 Environment-variable access.
repo/vllm/envs.py:1968
    "VLLM_DISABLE_LOG_LOGO": lambda: bool(int(os.getenv("VLLM_DISABLE_LOG_LOGO", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a90d78d2edde7cc2 Environment-variable access.
repo/vllm/envs.py:1971
    "VLLM_LORA_DISABLE_PDL": lambda: bool(int(os.getenv("VLLM_LORA_DISABLE_PDL", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1da2d9ab092966f1 Environment-variable access.
repo/vllm/envs.py:1975
        os.environ.get("VLLM_ENABLE_CUDA_COMPATIBILITY", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1fabad6d2e73fd30 Environment-variable access.
repo/vllm/envs.py:1979
    "VLLM_CUDA_COMPATIBILITY_PATH": lambda: os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e50dadeb3cbd0d57 Environment-variable access.
repo/vllm/envs.py:1979
    "VLLM_CUDA_COMPATIBILITY_PATH": lambda: os.environ.get(
        "VLLM_CUDA_COMPATIBILITY_PATH", None
    ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dad7bbd5bbfd0f53 Environment-variable access.
repo/vllm/envs.py:1987
        os.getenv("VLLM_SKIP_MODEL_NAME_VALIDATION", "0").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #23fc3eb5560403c3 Environment-variable access.
repo/vllm/envs.py:1993
        int(os.getenv("VLLM_ELASTIC_EP_SCALE_UP_LAUNCH", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7811513e1e0b3e37 Environment-variable access.
repo/vllm/envs.py:1998
        int(os.getenv("VLLM_ELASTIC_EP_DRAIN_REQUESTS", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bcc10e03765e5b16 Environment-variable access.
repo/vllm/envs.py:2004
        int(os.getenv("VLLM_MEMORY_PROFILER_ESTIMATE_CUDAGRAPHS", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #60b0a4d1e137ce39 Environment-variable access.
repo/vllm/envs.py:2008
        os.getenv("VLLM_NIXL_EP_MAX_NUM_RANKS", "32")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #204dae57b0333b96 Environment-variable access.
repo/vllm/envs.py:2012
        int(os.getenv("VLLM_XPU_ENABLE_XPU_GRAPH", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #14ff579f825937fe Environment-variable access.
repo/vllm/envs.py:2016
        int(os.getenv("VLLM_XPU_USE_SAMPLER_KERNEL", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ea23639c33553fed Environment-variable access.
repo/vllm/envs.py:2020
        int(os.getenv("VLLM_USE_SIMPLE_KV_OFFLOAD", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7292b33d5b486f07 Environment-variable access.
repo/vllm/envs.py:2026
        int(os.getenv("VLLM_LORA_ENABLE_DUAL_STREAM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #66328ed1014b2504 Environment-variable access.
repo/vllm/envs.py:2030
    "VLLM_USE_SPINLOOP_EXT": lambda: bool(int(os.getenv("VLLM_USE_SPINLOOP_EXT", "0"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eddae58ea83b5148 Environment-variable access.
repo/vllm/envs.py:2033
    "VLLM_GPU_NIC_PCIE_MAPPING": lambda: os.getenv("VLLM_GPU_NIC_PCIE_MAPPING", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #288124a84537edfd Environment-variable access.
repo/vllm/envs.py:2037
    "VLLM_NIC_SELECTION_VARS": lambda: os.getenv("VLLM_NIC_SELECTION_VARS", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #61243f52b9775e4f Environment-variable access.
repo/vllm/envs.py:2103
        return name in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7e70db3e8645b114 Environment-variable access.
repo/vllm/envs.py:2108
    for env in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cc310774c91ce022 Environment-variable access.
repo/vllm/envs.py:2238
        factors[var] = normalize_value(os.getenv(var))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a6a26c693d7f8170 Filesystem access.
repo/vllm/ir/util.py:26
            src_str = src.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fe40b598257dc18d Filesystem access.
repo/vllm/kernels/helion/config_manager.py:235
            test_file.write_text("test")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a00769d89e133e51 Filesystem access.
repo/vllm/kernels/helion/config_manager.py:247
            with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #308b377249b814df Filesystem access.
repo/vllm/kernels/helion/config_manager.py:262
                with open(platform_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f4fbb514643156bb Filesystem access.
repo/vllm/kernels/helion/config_manager.py:293
            with open(platform_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #53bed147db339c74 Filesystem access.
repo/vllm/kernels/helion/config_manager.py:317
        with open(platform_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2ac1ec62fae1594d Filesystem access.
repo/vllm/logger.py:185
        with open(envs.VLLM_LOGGING_CONFIG_PATH, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #31364697d042812b Filesystem access.
repo/vllm/logger.py:272
            with open(log_path, "a") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e132491a40695611 Filesystem access.
repo/vllm/lora/ops/triton_ops/utils.py:189
        with open(str(config_path)) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1a5c9bfb2647bf13 Filesystem access.
repo/vllm/lora/peft_helper.py:110
            with open(lora_config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cbbb60449724619d Filesystem access.
repo/vllm/model_executor/layers/attention/mm_encoder_attention.py:71
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2b90e2b3f2c5ae5e Filesystem access.
repo/vllm/model_executor/layers/attention/mm_encoder_attention.py:140
    with open(path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #be2d2d126ac4b548 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:918
        os.environ["CUBLAS_WORKSPACE_CONFIG"] = ":16:8"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #463764ec07bfd58b Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:919
        os.environ["CUBLASLT_WORKSPACE_SIZE"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fe1d7997794c776c Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:954
    os.environ["VLLM_ALLREDUCE_USE_SYMM_MEM"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #91f080ab303f04b2 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:956
    os.environ["CUBLAS_WORKSPACE_CONFIG"] = ":4096:8"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1081255c80848c0e Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:959
    os.environ["NCCL_LAUNCH_MODE"] = "GROUP"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #afce32a249508c02 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:960
    os.environ["NCCL_COLLNET_ENABLE"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5505e3064c33b7fe Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:961
    os.environ["NCCL_NVLS_ENABLE"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f41b80afbae3cdf2 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:962
    os.environ["NCCL_P2P_NET_DISABLE"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ea94a41ec5796627 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:963
    os.environ["NCCL_MIN_NCHANNELS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f206fc2fd5a63705 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:964
    os.environ["NCCL_MAX_NCHANNELS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f4c5203048457291 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:965
    os.environ["NCCL_PROTO"] = "Simple"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bb7197ed915a1df7 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:966
    os.environ["NCCL_ALGO"] = "allreduce:tree"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c61b1a4197caddb5 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:967
    os.environ["NCCL_NTHREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #73f0ae48f0f5d7b6 Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:968
    os.environ["NCCL_SOCKET_NTHREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a0198a94b8ab8a9a Environment-variable access.
repo/vllm/model_executor/layers/batch_invariant.py:971
    os.environ["VLLM_USE_AOT_COMPILE"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e989081ba6fcf48e Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/l2norm.py:18
USE_DEFAULT_FLA_NORM = int(os.getenv("USE_DEFAULT_FLA_NORM", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #73d1e5278f95248b Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/op.py:16
if os.environ.get("FLA_USE_FAST_OPS", "0") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0958838052d6ab2b Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/solve_tril.py:21
FLA_TRIL_PRECISION = os.environ.get("FLA_TRIL_PRECISION", "ieee")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #800ee3021ce6ba23 Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:25
COMPILER_MODE = os.getenv("FLA_COMPILER_MODE") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3c4b7b7db32d7133 Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:26
FLA_CI_ENV = os.getenv("FLA_CI_ENV") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #18e2a8a940b0cf43 Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:28
SUPPRESS_LEVEL = int(os.getenv("GDN_RECOMPUTE_SUPPRESS_LEVEL", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1447ca66df94b533 Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:155
use_cuda_graph = is_nvidia and os.environ.get("FLA_USE_CUDA_GRAPH", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5dfd3603511728f7 Environment-variable access.
repo/vllm/model_executor/layers/fla/ops/utils.py:159
    and os.getenv("FLA_USE_TMA", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9cc2341e22edce39 Filesystem access.
repo/vllm/model_executor/layers/fused_moe/fused_flydsl_moe.py:118
        with open(config_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a6ac701827e1cf52 Filesystem access.
repo/vllm/model_executor/layers/fused_moe/fused_moe.py:1093
            with open(config_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #11e5f6c78c8951f8 Environment-variable access.
repo/vllm/model_executor/layers/fused_moe/oracle/mxfp4.py:1449
        os.environ["AITER_BF16_FP8_MOE_BOUND"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f103b5a8b3394164 Filesystem access.
repo/vllm/model_executor/layers/mamba/gdn/qwen_gdn_linear_attn.py:139
            with open(pkg_path.locate(), "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4473e524afa6e749 Filesystem access.
repo/vllm/model_executor/layers/mamba/ops/mamba_ssm.py:96
            with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #14134385af3299ec Filesystem access.
repo/vllm/model_executor/layers/quantization/torchao.py:224
        with open(config_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #630e4c952b6961a5 Filesystem access.
repo/vllm/model_executor/layers/quantization/utils/fp8_utils.py:875
        with open(config_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ea393e8d29eedd7d Filesystem access.
repo/vllm/model_executor/layers/quantization/utils/int8_utils.py:340
        with open(config_file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d7d2b287ea1dd3c0 Environment-variable access.
repo/vllm/model_executor/model_loader/runai_streamer_loader.py:73
            os.environ.update(env_updates)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b7ea12dc76d6e7f4 Environment-variable access.
repo/vllm/model_executor/model_loader/runai_streamer_loader.py:75
            runai_streamer_s3_endpoint = os.getenv("RUNAI_STREAMER_S3_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ce8c1daff51b2884 Environment-variable access.
repo/vllm/model_executor/model_loader/runai_streamer_loader.py:76
            aws_endpoint_url = os.getenv("AWS_ENDPOINT_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b8afd6f6eee4792a Environment-variable access.
repo/vllm/model_executor/model_loader/runai_streamer_loader.py:78
                os.environ["RUNAI_STREAMER_S3_ENDPOINT"] = aws_endpoint_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #07038e846a9dfe42 Filesystem access.
repo/vllm/model_executor/model_loader/tensorizer.py:648
                open(artifact.path, "rb") as f,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6621ee17bb39b4ec Filesystem access.
repo/vllm/model_executor/model_loader/tensorizer.py:673
        with open(keyfile, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1249bb28bce6fb4c Filesystem access.
repo/vllm/model_executor/model_loader/tensorizer.py:773
    with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b264f3e9dd2551cd Environment-variable access.
repo/vllm/model_executor/model_loader/weight_utils.py:76
    if "HF_XET_HIGH_PERFORMANCE" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #384c13110fb36dba Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:380
    with open(quant_config_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9bbffb91b014e88e Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:423
    with open(config_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #48c8a2fe82f2c196 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:483
                with open(index_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d802e38fb490de1d Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:593
    with open(index_file_name) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7e485672ee3b1c08 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:673
                    with open(param_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6894602ae460c526 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:676
            with open(weight_names_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bed41c93e06d16d2 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:679
    with open(weight_names_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bdb5ab0a134aef63 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:684
        with open(param_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1c8dcdd90693ad8c Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:729
        with open("/proc/mounts") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f65963569f786a05 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:760
    with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8098db51b7b5ac57 Filesystem access.
repo/vllm/model_executor/model_loader/weight_utils.py:933
            with open(st_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #efffeaf5a83eb162 Filesystem access.
repo/vllm/model_executor/models/llava_onevision2.py:173
        with open(config_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #940fb6c16ff8c826 Filesystem access.
repo/vllm/model_executor/models/mimo_audio.py:1258
        with open(config_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #197b7e0bb818a43c Environment-variable access.
repo/vllm/model_executor/models/minicpmo.py:81
if os.getenv("USE_FLAGOS") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7e9b5eac03ff9a45 Filesystem access.
repo/vllm/model_executor/models/registry.py:878
            hasher.update(path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #42a9d11ec46c44a5 Filesystem access.
repo/vllm/model_executor/models/registry.py:886
                with open(modelinfo_path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fe90092bf949e3ff Filesystem access.
repo/vllm/model_executor/models/registry.py:1449
        with open(output_filepath, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #25163cfc0c3117ba Filesystem access.
repo/vllm/model_executor/models/registry.py:1463
    with open(output_file, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #619e3808b7b35da8 Filesystem access.
repo/vllm/model_executor/warmup/flashinfer_sparse_mla_warmup.py:164
        with open(cache_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5e8c19593a63f02f Filesystem access.
repo/vllm/model_executor/warmup/kernel_warmup.py:251
        with open(cache_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #129878ee7786094f Filesystem access.
repo/vllm/multimodal/media/connector.py:234
            return cache_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5c47ce64271321ec Filesystem access.
repo/vllm/multimodal/media/image.py:96
        return self.load_bytes(filepath.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b5aeff31548a1e37 Environment-variable access.
repo/vllm/multimodal/video.py:870
                pool_size = int(os.environ.get("VLLM_MEDIA_LOADING_THREAD_COUNT", 8))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #96042c985717f191 Filesystem access.
repo/vllm/platforms/__init__.py:157
    with open("/proc/cpuinfo") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6795bc10b0dc626e Environment-variable access.
repo/vllm/platforms/cpu.py:138
        if env_key in os.environ and os.environ[env_key] != "":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8882e3befd24b1e3 Environment-variable access.
repo/vllm/platforms/cpu.py:139
            kv_cache_space = int(os.environ[env_key])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #63c739b566fd5c51 Environment-variable access.
repo/vllm/platforms/cpu.py:148
            os.environ.get("VLLM_ENABLE_V1_MULTIPROCESSING", "1") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0631ab20741e79ac Environment-variable access.
repo/vllm/platforms/cpu.py:177
            if os.environ.get("VLLM_CPU_CI_ENV", "0") != "0":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #31df91a926f6743c Environment-variable access.
repo/vllm/platforms/cpu.py:225
        os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c681f5ecdc6ddc2 Environment-variable access.
repo/vllm/platforms/cpu.py:229
        os.environ["NUMEXPR_MAX_THREADS"] = str(get_max_threads())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e5eb52d16d0b615f Environment-variable access.
repo/vllm/platforms/cpu.py:232
        os.environ["TORCHINDUCTOR_COMPILE_THREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #441e65cc12da0e8b Environment-variable access.
repo/vllm/platforms/cpu.py:235
        os.environ["VLLM_DISABLE_SHARED_EXPERTS_STREAM"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #10b0c2015ff628c3 Environment-variable access.
repo/vllm/platforms/cpu.py:238
        os.environ["TORCHINDUCTOR_CPP_DYNAMIC_THREADS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c8ea45a8de1d4fd0 Environment-variable access.
repo/vllm/platforms/cpu.py:242
            os.environ["VLLM_SSM_CONV_STATE_LAYOUT"] = "SD"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d232d3d2c1743075 Environment-variable access.
repo/vllm/platforms/cpu.py:244
        ld_preload_str = os.getenv("LD_PRELOAD", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1b34ac154a986346 Environment-variable access.
repo/vllm/platforms/cpu.py:287
                os.environ["LD_PRELOAD"] = ld_preload_str

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2921327085d78e23 Environment-variable access.
repo/vllm/platforms/cpu.py:311
                os.environ["LD_PRELOAD"] = ld_preload_str

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #68870cacf181ec51 Environment-variable access.
repo/vllm/platforms/cpu.py:313
        os.environ["LOCAL_WORLD_SIZE"] = str(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3b5b5d00f334d509 Filesystem access.
repo/vllm/platforms/cpu.py:370
                        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #836f5462a2924958 Filesystem access.
repo/vllm/platforms/cuda.py:846
            return cpulist_file.read_text().strip() != ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #79436a98713f5fa7 Filesystem access.
repo/vllm/platforms/cuda.py:886
                    cpulist = cpulist_file.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #56fab5992776572f Environment-variable access.
repo/vllm/platforms/cuda.py:951
                and os.environ.get("CUDA_DEVICE_ORDER") != "PCI_BUS_ID"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7d6a9925bf93fad2 Environment-variable access.
repo/vllm/platforms/interface.py:305
            cls.device_control_env_var in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e1756fc495069c09 Environment-variable access.
repo/vllm/platforms/interface.py:306
            and os.environ[cls.device_control_env_var] != ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #273d456f3ea79a67 Environment-variable access.
repo/vllm/platforms/interface.py:308
            device_ids = os.environ[cls.device_control_env_var].split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #50a720dac422df4c Environment-variable access.
repo/vllm/platforms/interface.py:324
        device_control_env = os.environ.get(cls.device_control_env_var, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #886f7fe661d630ad Environment-variable access.
repo/vllm/platforms/interface.py:349
        device_control_env = os.environ.get(cls.device_control_env_var, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ef3cfde0f1d693a2 Environment-variable access.
repo/vllm/platforms/rocm.py:119
    hip_val = os.environ.get("HIP_VISIBLE_DEVICES") or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bab8dc6a87ebe1d1 Environment-variable access.
repo/vllm/platforms/rocm.py:120
    cuda_val = os.environ.get("CUDA_VISIBLE_DEVICES") or None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2ef902dcec0a1889 Environment-variable access.
repo/vllm/platforms/rocm.py:139
        os.environ["CUDA_VISIBLE_DEVICES"] = hip_val

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #70ed22470282bb03 Environment-variable access.
repo/vllm/platforms/rocm.py:141
        os.environ["HIP_VISIBLE_DEVICES"] = cuda_val

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c31a86dfe77e9b9 Environment-variable access.
repo/vllm/platforms/rocm.py:342
    os.environ["HIP_ONLINE_TUNING"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c3f40865d2da1b49 Environment-variable access.
repo/vllm/platforms/rocm.py:396
        if os.environ.get("FLASH_ATTENTION_TRITON_AMD_ENABLE") != "TRUE":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2afd644c44901c1f Environment-variable access.
repo/vllm/platforms/rocm.py:859
        os.environ["VLLM_USE_TRITON_AWQ"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ab07346c4c0e1111 Environment-variable access.
repo/vllm/platforms/xpu.py:240
        xpu_use_triton_kernel = os.getenv("XPU_USE_TRITON_KERNEL", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5b5c00a1b1ea3f48 Environment-variable access.
repo/vllm/platforms/xpu.py:323
        os.environ["UCX_MEMTYPE_CACHE"] = "n"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d888bcab31a826c4 Environment-variable access.
repo/vllm/platforms/xpu.py:326
        if "VLLM_WORKER_MULTIPROC_METHOD" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #468f6e6e80d965b9 Environment-variable access.
repo/vllm/platforms/xpu.py:327
            os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #70a174d856991b2e Filesystem access.
repo/vllm/plugins/lora_resolvers/filesystem_resolver.py:34
                with open(adapter_config_path) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f4f839159a58eec6 Filesystem access.
repo/vllm/profiler/wrapper.py:258
            with open(profiler_out_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8502420e44fcb86d Filesystem access.
repo/vllm/ray/ray_env.py:20
        with open(RAY_NON_CARRY_OVER_ENV_VARS_FILE) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e82d664590ce6c08 Environment-variable access.
repo/vllm/ray/ray_env.py:90
    result |= {name for name in os.environ if any(name.startswith(p) for p in prefixes)}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4515d02ed072c1fd Environment-variable access.
repo/vllm/ray/ray_env.py:104
        sorted(v for v in result if v in os.environ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1ce633d10d07ee25 Environment-variable access.
repo/vllm/third_party/pynvml.py:2413
                            nvmlLib = CDLL(os.path.join(os.getenv("WINDIR", "C:/Windows"), "System32/nvml.dll"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #52864e3953962c38 Environment-variable access.
repo/vllm/third_party/pynvml.py:2417
                            nvmlLib = CDLL(os.path.join(os.getenv("ProgramFiles", "C:/Program Files"), "NVIDIA Corporation/NVSMI/nvml.dll"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #acc5377778de9471 Filesystem access.
repo/vllm/tokenizers/kimi_audio.py:29
    with open(vocab_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dd661ab99edab5d6 Filesystem access.
repo/vllm/tokenizers/kimi_audio.py:136
            with open(tokenizer_config, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #571b31058c0c0c67 Environment-variable access.
repo/vllm/tracing/otel.py:74
    os.environ["OTEL_EXPORTER_OTLP_TRACES_ENDPOINT"] = otlp_traces_endpoint

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2705a3c3e7ed80be Environment-variable access.
repo/vllm/tracing/otel.py:95
    protocol = os.environ.get(OTEL_EXPORTER_OTLP_TRACES_PROTOCOL, "grpc")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #be2e2be5d5f8b757 Environment-variable access.
repo/vllm/tracing/otel.py:115
    otlp_endpoint = os.environ.get("OTEL_EXPORTER_OTLP_TRACES_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #12c352b2b656f260 Environment-variable access.
repo/vllm/tracing/otel.py:228
    if tp := os.environ.get("traceparent", os.environ.get("TRACEPARENT")):  # noqa: SIM112

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ac8e193597908e84 Environment-variable access.
repo/vllm/tracing/otel.py:231
    if ts := os.environ.get("tracestate", os.environ.get("TRACESTATE")):  # noqa: SIM112

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0ba2b6da27ee329e Environment-variable access.
repo/vllm/tracing/otel.py:235
        carrier = dict(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #61c69a3a35f07c29 Environment-variable access.
repo/vllm/tracing/otel.py:252
    original_state = {k: os.environ.get(k) for k in TRACE_HEADERS}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f18a531b5e8761b0 Environment-variable access.
repo/vllm/tracing/otel.py:256
        inject(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c26f55fcb14fe93 Environment-variable access.
repo/vllm/tracing/otel.py:263
                os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #106e2c4edb1dac9a Environment-variable access.
repo/vllm/tracing/otel.py:265
                os.environ[key] = original_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b626986ea768ff9a Environment-variable access.
repo/vllm/transformers_utils/config.py:772
                os.environ["VLLM_USE_DEEP_GEMM_E8M0"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #854c62ae62c73347 Filesystem access.
repo/vllm/transformers_utils/processors/funasr.py:64
    with open(cmvn_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b11bd416bb6b551b Environment-variable access.
repo/vllm/transformers_utils/repo_utils.py:102
                    token=os.getenv("MODELSCOPE_API_TOKEN", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #756b703310e46f1f Filesystem access.
repo/vllm/transformers_utils/repo_utils.py:296
        with open(file_path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e49eaec33483813d Filesystem access.
repo/vllm/transformers_utils/repo_utils.py:357
        with open(file_path) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fcfc01f3bb2d12c5 Filesystem access.
repo/vllm/transformers_utils/utils.py:63
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f42958d16ef9a609 Filesystem access.
repo/vllm/transformers_utils/utils.py:72
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #876122e5158bb0bd Filesystem access.
repo/vllm/transformers_utils/utils.py:113
    with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eeb15b4077ce0a5d Environment-variable access.
repo/vllm/triton_utils/importing.py:38
        visible_devices = os.environ.get(visible_devices_env)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dace43a12580bf35 Filesystem access.
repo/vllm/usage/usage_lib.py:96
            file_content = path.read_text().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7cf6ee87ff53f2ef Environment-variable access.
repo/vllm/usage/usage_lib.py:106
        if os.environ.get(env_var):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #769bd228c2d0c5b8 Filesystem access.
repo/vllm/usage/usage_lib.py:277
        with open(_USAGE_STATS_JSON_PATH, "a") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #010c30d2714dc1f0 Filesystem access.
repo/vllm/utils/argparse_utils.py:563
            with open(file_path) as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f5b5e14a1578807f Filesystem access.
repo/vllm/utils/cpu_resource_utils.py:56
        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #556cbb9da3adb242 Filesystem access.
repo/vllm/utils/cpu_resource_utils.py:98
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #899f32e5a82aec37 Filesystem access.
repo/vllm/utils/cpu_resource_utils.py:141
    with open(meminfo_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #60853224f684ecee Environment-variable access.
repo/vllm/utils/cpu_resource_utils.py:192
        ("VLLM_CPU_SIM_MULTI_NUMA" not in os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5e14eb1a020dbd27 Environment-variable access.
repo/vllm/utils/cpu_resource_utils.py:193
        and env_key in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d46d34f66b5dfe2e Environment-variable access.
repo/vllm/utils/cpu_resource_utils.py:194
        and os.environ[env_key] != ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e531b728efa82a74 Environment-variable access.
repo/vllm/utils/cpu_resource_utils.py:196
        visible_nodes = [int(s) for s in os.environ[env_key].split(",")]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e86d313819f16254 Environment-variable access.
repo/vllm/utils/deep_gemm.py:251
    if not os.environ.get(DEEP_GEMM_JIT_CACHE_ENV_NAME, None):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6a23e0b4ea13f2af Environment-variable access.
repo/vllm/utils/deep_gemm.py:252
        os.environ[DEEP_GEMM_JIT_CACHE_ENV_NAME] = os.path.join(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2d691c288d3b0ffa Environment-variable access.
repo/vllm/utils/flashinfer.py:30
FLASHINFER_CUBINS_REPOSITORY = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bd92b60d91e822af Environment-variable access.
repo/vllm/utils/flashinfer.py:30
FLASHINFER_CUBINS_REPOSITORY = os.environ.get(
    "FLASHINFER_CUBINS_REPOSITORY",
    "https://edge.urm.nvidia.com/artifactory/sw-kernelinferencelibrary-public-generic-local/",  # noqa: E501
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dee43cc2b426aa24 Environment-variable access.
repo/vllm/utils/jit_monitor.py:97
    user_val = os.environ.get("TRITON_PRINT_AUTOTUNING")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9520eae9d6c680be Environment-variable access.
repo/vllm/utils/jit_monitor.py:519
    previous_env = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #827d6dbb458503d9 Environment-variable access.
repo/vllm/utils/jit_monitor.py:521
    os.environ[key] = "workqueue"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #64138781d8ed024b Environment-variable access.
repo/vllm/utils/jit_monitor.py:527
            os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c04c87022cc3cdd7 Environment-variable access.
repo/vllm/utils/jit_monitor.py:529
            os.environ[key] = previous_env

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #77ee59a1741ee4b6 Environment-variable access.
repo/vllm/utils/network_utils.py:35
    if "HOST_IP" in os.environ and "VLLM_HOST_IP" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c10d46c9f2db27cd Environment-variable access.
repo/vllm/utils/network_utils.py:159
    if "VLLM_DP_MASTER_PORT" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b45fb3fd9fb526f5 Filesystem access.
repo/vllm/utils/numa_utils.py:185
        with open(_PROC_CPUINFO_PATH) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8396a9d70ad20038 Filesystem access.
repo/vllm/utils/numa_utils.py:217
        with open(_PCT_HIGHEST_PERF_PATH) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d6c82e6f05bc4d4c Filesystem access.
repo/vllm/utils/numa_utils.py:299
            cpulist_raw = cpulist_path.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #472a7e16fc665180 Environment-variable access.
repo/vllm/utils/numa_utils.py:563
    old_numactl_args = os.environ.get(_NUMACTL_ARGS_ENV)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b90f98398d329e1f Environment-variable access.
repo/vllm/utils/numa_utils.py:564
    old_python_executable = os.environ.get(_NUMACTL_PYTHON_EXECUTABLE_ENV)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ea4c1231cb1bd123 Environment-variable access.
repo/vllm/utils/numa_utils.py:565
    os.environ[_NUMACTL_ARGS_ENV] = numactl_args

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8263eef735a09116 Environment-variable access.
repo/vllm/utils/numa_utils.py:566
    os.environ[_NUMACTL_PYTHON_EXECUTABLE_ENV] = python_executable

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #73e519b11a2521da Environment-variable access.
repo/vllm/utils/numa_utils.py:571
            os.environ.pop(_NUMACTL_ARGS_ENV, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #412637bf790b3224 Environment-variable access.
repo/vllm/utils/numa_utils.py:573
            os.environ[_NUMACTL_ARGS_ENV] = old_numactl_args

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #95903fda3644e7e4 Environment-variable access.
repo/vllm/utils/numa_utils.py:576
            os.environ.pop(_NUMACTL_PYTHON_EXECUTABLE_ENV, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bc7f1a5ed6ed903f Environment-variable access.
repo/vllm/utils/numa_utils.py:578
            os.environ[_NUMACTL_PYTHON_EXECUTABLE_ENV] = old_python_executable

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #87f2d6ab9e92b8ff Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:36
        self.simulate_multi_node = os.environ.get("VLLM_CPU_SIM_MULTI_NUMA", "0") != "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #46bf3f0ba9260a99 Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:37
        ld_preload_str = os.getenv("LD_PRELOAD", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #de56c1d8bcc2a5ea Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:107
            old_envs_dict[k] = os.environ.get(k)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #61fd47b6bec7db8c Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:112
                os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3404d4c934449639 Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:118
                    os.environ.pop(k, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #87880944ed85d43d Environment-variable access.
repo/vllm/utils/ompmultiprocessing.py:120
                    os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9b5584e2665c3602 Environment-variable access.
repo/vllm/utils/system_utils.py:37
        if k in os.environ and os.environ[k] != v:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b8a9fcbdafc3274e Environment-variable access.
repo/vllm/utils/system_utils.py:41
                os.environ[k],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8fcadeb910a22195 Environment-variable access.
repo/vllm/utils/system_utils.py:44
        os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ae184df75f226b4b Environment-variable access.
repo/vllm/utils/system_utils.py:50
    old = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d0e9a4632df317c1 Environment-variable access.
repo/vllm/utils/system_utils.py:51
    os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c162651de6a94b02 Environment-variable access.
repo/vllm/utils/system_utils.py:56
            os.environ.pop(key, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #61cd192d64c9c3e4 Environment-variable access.
repo/vllm/utils/system_utils.py:58
            os.environ[key] = old

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b16ab61f9f5da269 Environment-variable access.
repo/vllm/utils/system_utils.py:130
    if os.environ.get("VLLM_WORKER_MULTIPROC_METHOD") == "spawn":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1256a1551a5034d3 Environment-variable access.
repo/vllm/utils/system_utils.py:140
        os.environ["RAY_ADDRESS"] = ray.get_runtime_context().gcs_address

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #176846dda7fe4a06 Environment-variable access.
repo/vllm/utils/system_utils.py:165
        os.environ["VLLM_WORKER_MULTIPROC_METHOD"] = "spawn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c69250bc2269b91f Filesystem access.
repo/vllm/utils/system_utils.py:323
    with open("/proc/self/maps") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #32c3c174fa0ba920 Environment-variable access.
repo/vllm/utils/torch_utils.py:165
            num_threads = int(os.environ["OMP_NUM_THREADS"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fe07492e53e8fe0c Environment-variable access.
repo/vllm/utils/torch_utils.py:195
    old_value = os.environ.get("CUDA_VISIBLE_DEVICES")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #40a3c0fd275e5eba Environment-variable access.
repo/vllm/utils/torch_utils.py:196
    os.environ["CUDA_VISIBLE_DEVICES"] = ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #20d7f814d1978160 Environment-variable access.
repo/vllm/utils/torch_utils.py:207
            del os.environ["CUDA_VISIBLE_DEVICES"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a8106a2a832da403 Environment-variable access.
repo/vllm/utils/torch_utils.py:209
            os.environ["CUDA_VISIBLE_DEVICES"] = old_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ee7692132c8f2e80 Filesystem access.
repo/vllm/v1/attention/backends/cpu_attn.py:457
        with open("/proc/cpuinfo") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3641b9093cffe53c Environment-variable access.
repo/vllm/v1/attention/backends/mla/cutlass_mla.py:163
        force_num_kv_splits = os.environ.get("FORCE_NUM_KV_SPLITS", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4a05502bba0a5f55 Environment-variable access.
repo/vllm/v1/core/kv_cache_utils.py:102
    hash_seed = os.getenv("PYTHONHASHSEED")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8611f3dca0ce1d0b Environment-variable access.
repo/vllm/v1/engine/core.py:2237
        os.environ.setdefault(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0518c55ef4e3bf19 Environment-variable access.
repo/vllm/v1/engine/core.py:2274
                f'base value: "{os.getenv(device_control_env_var)}"'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6a6c7e45369e95a4 Environment-variable access.
repo/vllm/v1/engine/utils.py:354
            f'"{os.getenv(device_control_env_var)}"'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #28aa6202f8b32cf8 Environment-variable access.
repo/vllm/v1/engine/utils.py:411
            name: os.environ[name] for name in env_vars_list if name in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #658f6242d70211c8 Environment-variable access.
repo/vllm/v1/executor/multiproc_executor.py:1066
            "OMP_NUM_THREADS" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a9ba944d8e73128b Environment-variable access.
repo/vllm/v1/executor/multiproc_executor.py:1077
            os.environ["OMP_NUM_THREADS"] = str(default_omp_num_threads)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c62b049d7a040ff9 Environment-variable access.
repo/vllm/v1/executor/ray_env_utils.py:18
    return {key: value for key, value in os.environ.items() if key not in exclude_vars}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6b5760b219e04343 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:75
            os.environ["VLLM_USE_RAY_COMPILED_DAG_CHANNEL_TYPE"] = "shm"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9ad3688ae0046102 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:82
        ray_usage = os.environ.get("RAY_USAGE_STATS_ENABLED", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8449764fd6997539 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:84
            os.environ["RAY_USAGE_STATS_ENABLED"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7174189f602c4ad8 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:320
                if name in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d71032dc04f5f9a2 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:321
                    args[name] = os.environ[name]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #83bdeaef4978eec1 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:537
        os.environ.setdefault("RAY_CGRAPH_get_timeout", "300")  # noqa: SIM112

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7b92730c6eb1ea36 Environment-variable access.
repo/vllm/v1/executor/ray_executor.py:542
            os.environ["RAY_CGRAPH_get_timeout"],  # noqa: SIM112

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4ee8b962234eaefb Environment-variable access.
repo/vllm/v1/executor/ray_executor_v2.py:155
                os.environ.setdefault(key, value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c212e78bd5290f54 Environment-variable access.
repo/vllm/v1/executor/ray_executor_v2.py:157
            os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #567bd35b80b9a041 Environment-variable access.
repo/vllm/v1/executor/ray_utils.py:180
            os.environ.update(vars)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0ce4408bfe515b1d Environment-variable access.
repo/vllm/v1/executor/ray_utils.py:552
    if os.environ.get("RAY_USAGE_STATS_ENABLED", "0") != "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bba188a38d8b846f Environment-variable access.
repo/vllm/v1/executor/ray_utils.py:553
        os.environ["RAY_USAGE_STATS_ENABLED"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #980fcf549d75bd20 Environment-variable access.
repo/vllm/v1/executor/uniproc_executor.py:184
        rank = int(os.environ["RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b96100ab4b15f37f Environment-variable access.
repo/vllm/v1/executor/uniproc_executor.py:185
        local_rank = int(os.environ["LOCAL_RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3273964e15ac879a Environment-variable access.
repo/vllm/v1/executor/vllm_net_devices.py:177
        existing = os.environ.get(var_name, "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b53dc46175bb19fc Environment-variable access.
repo/vllm/v1/executor/vllm_net_devices.py:180
        os.environ[var_name] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #90896e4e87fe72f4 Filesystem access.
repo/vllm/v1/kv_offload/tiering/fs/manager.py:161
            with open(config_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bfdd1d6900aefee1 Environment-variable access.
repo/vllm/v1/metrics/prometheus.py:21
    if "PROMETHEUS_MULTIPROC_DIR" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3a31cad37e68d95d Environment-variable access.
repo/vllm/v1/metrics/prometheus.py:26
        os.environ["PROMETHEUS_MULTIPROC_DIR"] = _prometheus_multiproc_dir.name

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9606a357609640f6 Environment-variable access.
repo/vllm/v1/metrics/prometheus.py:46
    if os.getenv("PROMETHEUS_MULTIPROC_DIR") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8ecb16cd946e8cfd Environment-variable access.
repo/vllm/v1/structured_output/backend_guidance.py:121
            log_level=int(os.environ.get("LLGUIDANCE_LOG_LEVEL", "1")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0315c73c56ed3d54 Environment-variable access.
repo/vllm/v1/structured_output/utils.py:196
    outlines_cache_dir = os.getenv("OUTLINES_CACHE_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3bdfc02b571f5e00 Environment-variable access.
repo/vllm/v1/structured_output/utils.py:197
    xdg_cache_home = os.getenv("XDG_CACHE_HOME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa29ae17eed0fcbf Environment-variable access.
repo/vllm/v1/worker/cpu_worker.py:125
            ld_preload_list = os.environ.get("LD_PRELOAD", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5843896fce352868 Environment-variable access.
repo/vllm/v1/worker/cpu_worker.py:161
        os.environ["VLLM_DIST_IDENT"] = self.distributed_init_method.split(":")[-1]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #952029126d4e6f9c Environment-variable access.
repo/vllm/v1/worker/gpu_worker.py:281
        conf = os.environ.get("PYTORCH_CUDA_ALLOC_CONF", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d18058e4e1266a58 Environment-variable access.
repo/vllm/v1/worker/gpu_worker.py:300
            os.environ.pop("NCCL_ASYNC_ERROR_HANDLING", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #08f3d6543f07bb65 Filesystem access.
repo/vllm/v1/worker/startup_plan.py:91
        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c6c24bcc50cb545 Filesystem access.
repo/vllm/v1/worker/startup_plan.py:186
        with open(tmp, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b0ce0edac14bf5e3 Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:87
        ENV_CCL_ATL_TRANSPORT = os.getenv("CCL_ATL_TRANSPORT", "ofi")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #485ea32d2fb28617 Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:88
        ENV_LOCAL_WORLD_SIZE = os.getenv(
            "LOCAL_WORLD_SIZE", str(self.parallel_config.world_size)
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1f78f6460b9f9324 Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:91
        os.environ["CCL_ATL_TRANSPORT"] = ENV_CCL_ATL_TRANSPORT

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8df3571b82c432d7 Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:92
        os.environ["LOCAL_WORLD_SIZE"] = ENV_LOCAL_WORLD_SIZE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cfb12263db5bb9fa Environment-variable access.
repo/vllm/v1/worker/xpu_worker.py:93
        os.environ["LOCAL_RANK"] = str(self.local_rank)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): examples/features/structured_outputs

python first-party
expand_more 1 low-confidence finding(s)
low env_fs test-only #52345ab5cc85e5d2 Environment-variable access.
repo/examples/features/structured_outputs/structured_outputs_client.py:224
    base_url = os.getenv("OPENAI_BASE_URL", "http://localhost:8000/v1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

</> Dependencies

openai

python dependency
high pii_flow dependency Excluded from app score #f273786123842bfd User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:249 · flow /tmp/closeopen-bm5vdfjm/pkgs/python/[email protected]/src/openai/lib/azure.py:213 → /tmp/closeopen-bm5vdfjm/pkgs/python/[email protected]/src/openai/lib/azure.py:249
        self._azure_endpoint = httpx.URL(azure_endpoint) if azure_endpoint else None

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #7b41de3e7e4d11e9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:523 · flow /tmp/closeopen-bm5vdfjm/pkgs/python/[email protected]/src/openai/lib/azure.py:487 → /tmp/closeopen-bm5vdfjm/pkgs/python/[email protected]/src/openai/lib/azure.py:523
        self._azure_endpoint = httpx.URL(azure_endpoint) if azure_endpoint else None

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

expand_more 53 low-confidence finding(s)
low env_fs tooling reachable #cd30063753609bc4 Environment-variable access.
pkgs/python/[email protected]/examples/realtime/azure_realtime.py:25
        azure_endpoint=os.environ["AZURE_OPENAI_ENDPOINT"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a5470d58ded50446 Filesystem access.
pkgs/python/[email protected]/examples/uploads.py:30
    data = file.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d76db3ed42ac9afd Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:137
api_type: _ApiType | None = _t.cast(_ApiType, _os.environ.get("OPENAI_API_TYPE"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1f2d577ec3fb9417 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:139
api_version: str | None = _os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d8ed4df80bdfb8b0 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:141
azure_endpoint: str | None = _os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e6e2e855fd09a75 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:143
azure_ad_token: str | None = _os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74740bbf94f69ffd Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:265
    return _os.environ.get("OPENAI_API_KEY") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0847bb7c7314d79e Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:269
    return azure_endpoint is not None or _os.environ.get("AZURE_OPENAI_API_KEY") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #555d8dc250467a26 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:274
        _os.environ.get("AZURE_OPENAI_AD_TOKEN") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5856c3d8fdad4ad1 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:290
            azure_endpoint = _os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #08e4f275f9c4f0f5 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:293
            azure_ad_token = _os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #50407bb61afc9285 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:296
            api_version = _os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2af9ee7866327869 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:306
            if (azure_ad_token is not None or azure_ad_token_provider is not None) and _os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5fc5ace1e6726c84 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:306
            if (azure_ad_token is not None or azure_ad_token_provider is not None) and _os.environ.get(
                "AZURE_OPENAI_API_KEY"
            ) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79ab562fdc33e322 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:122
            api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b333593f37e169bf Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:130
            organization = os.environ.get("OPENAI_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a153112713f7d194 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:134
            project = os.environ.get("OPENAI_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e59356c12450537a Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:140
            base_url = os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dfbfff8173e29090 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:417
            api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #93d585df0c2f7f52 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:425
            organization = os.environ.get("OPENAI_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3630dcfe7954084 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:429
            project = os.environ.get("OPENAI_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f7be9bdb487ffe8c Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:435
            base_url = os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #08adb78876b1a9bf Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:67
            return (path.name, path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6090af788094c1fb Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:79
        return pathlib.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b2696fc6eb207ec4 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:109
            return (path.name, await path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79fe383a24b0a787 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:121
        return await anyio.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9c2e1b11d956d2c Filesystem access.
pkgs/python/[email protected]/src/openai/_legacy_response.py:438
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c6fd79e41610bd3b Filesystem access.
pkgs/python/[email protected]/src/openai/_legacy_response.py:451
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb9c7b792271f92b Environment-variable access.
pkgs/python/[email protected]/src/openai/_models.py:88
            extra="allow", defer_build=coerce_boolean(os.environ.get("DEFER_PYDANTIC_BUILD", "true"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f734cbe9b39af6f6 Filesystem access.
pkgs/python/[email protected]/src/openai/_response.py:510
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a8bb5a79f20ea0d Filesystem access.
pkgs/python/[email protected]/src/openai/_response.py:552
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc953750ced346c3 Environment-variable access.
pkgs/python/[email protected]/src/openai/_utils/_logs.py:23
    env = os.environ.get("OPENAI_LOG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5e02740edb44542 Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_transform.py:242
            binary = data.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06c459819957ff95 Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_transform.py:404
            binary = await anyio.Path(data).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a12425bed75aeb99 Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_utils.py:372
    contents = Path(path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #01586e133e62eeb5 Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/audio.py:67
        with open(args.file, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b571287563944ba Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/audio.py:90
        with open(args.file, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e45c0f3cd2a02d9e Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/files.py:55
        with open(args.file, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cce476fcc07e7273 Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/image.py:103
        with open(args.image, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #760568b4c03dd5e5 Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/image.py:119
        with open(args.image, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dc223b76014fde7d Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_api/image.py:125
            with open(args.mask, "rb") as file_reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7cadd1593864c7af Environment-variable access.
pkgs/python/[email protected]/src/openai/cli/_tools/migrate.py:68
    xdg = os.environ.get("XDG_CACHE_HOME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7747c6bf7b2e4f5a Environment-variable access.
pkgs/python/[email protected]/src/openai/cli/_tools/migrate.py:76
    if not os.environ.get("DEBUG"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3adbac55ec053ffc Filesystem access.
pkgs/python/[email protected]/src/openai/cli/_tools/migrate.py:121
        with open(temp_file, "wb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #310e4edd55adb517 Filesystem access.
pkgs/python/[email protected]/src/openai/lib/_validators.py:485
                with open(fname, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d1e6a8cb5ed688f5 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:188
            api_key = os.environ.get("AZURE_OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #19efc3525fd61fa4 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:191
            azure_ad_token = os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #081426763ef75555 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:199
            api_version = os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b3927fc5c591ed61 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:213
                azure_endpoint = os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b885a0e220ffe87e Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:462
            api_key = os.environ.get("AZURE_OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #96d4c927f2b4f790 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:465
            azure_ad_token = os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1b9942430d89893f Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:473
            api_version = os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f9c0f6dcfe249ca Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:487
                azure_endpoint = os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pydantic

python dependency
expand_more 10 low-confidence finding(s)
low env_fs dependency Excluded from app score #3aa22656599386a4 Environment-variable access.
pkgs/python/[email protected]/pydantic/_internal/_core_utils.py:113
    if os.getenv('PYDANTIC_VALIDATE_CORE_SCHEMAS'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #98f09c45e372f0d9 Filesystem access.
pkgs/python/[email protected]/pydantic/deprecated/parse.py:71
    b = path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f909fc94ae042a1e Environment-variable access.
pkgs/python/[email protected]/pydantic/json_schema.py:321
                if os.getenv('PYDANTIC_PRIVATE_ALLOW_UNHANDLED_SCHEMA_TYPES'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9fd2bfd88b61b77 Filesystem access.
pkgs/python/[email protected]/pydantic/mypy.py:1379
    with open(config_file, 'rb') as rf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #322f9978a9bb986a Environment-variable access.
pkgs/python/[email protected]/pydantic/plugin/_loader.py:27
    disabled_plugins = os.getenv('PYDANTIC_DISABLE_PLUGINS')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8cbaa4c2b4d663d Environment-variable access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:173
            env_vars: Mapping[str, Optional[str]] = os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4f7d5ae4e5401fdf Environment-variable access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:175
            env_vars = {k.lower(): v for k, v in os.environ.items()}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9239b032cdca81a Filesystem access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:307
                    secret_value = path.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bd436b7f7f47a3a6 Filesystem access.
pkgs/python/[email protected]/pydantic/v1/mypy.py:948
    with open(config_file, read_mode) as rf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ff9a3fbe8134bb9 Filesystem access.
pkgs/python/[email protected]/pydantic/v1/parse.py:57
    b = path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.