Close Open Privacy Scan

bolt Snapshot: commit a2bcc5c
science engine v3
schedule 2026-07-10T13:08:08.537037+00:00

verified_user No application data leak found

No high-confidence exfiltration was found in application code.

App Privacy Score

100 /100
Low privacy risk

Low risk · 1 finding(s)

Dependency score: 98 (Low risk)

bar_chart Score Breakdown

No category deductions recorded.

list Scan Summary

0 high 0 medium 1 low
First-party packages: 0
Dependency packages: 1
Ecosystem: java

swap_horiz Application data flows

No high- or medium-confidence application data-flow findings in this scan.

</> Dependencies

com.google.code.gson:gson

java dependency
expand_more 1 low-confidence finding(s)
low env_fs dependency Excluded from app score #6b514d5702238502 Environment-variable access.
pkgs/java/[email protected]/com/google/gson/internal/JavaVersion.java:29
    String javaVersion = System.getProperty("java.version");

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

Skipped dependencies

Production

  • torch prod — no sdist (wheels only)
  • androidx.core:core-ktx prod — no sources jar (404)
  • androidx.lifecycle:lifecycle-runtime-ktx prod — no sources jar (404)
  • com.github.jeziellago:compose-markdown prod — no sources jar (404)
  • androidx.activity:activity-compose prod — no sources jar (404)
  • androidx.lifecycle:lifecycle-viewmodel-compose prod — no sources jar (404)
  • androidx.compose.material3:material3 prod — no sources jar (404)
  • androidx.appcompat:appcompat prod — no sources jar (404)
  • androidx.navigation:navigation-compose prod — no sources jar (404)
  • com.google.android.material:material prod — no sources jar (404)
  • org.jetbrains.kotlinx:kotlinx-serialization-json prod — no java source in jar