Replit

Security Review

5 snippets

Scan Bash Script for Insecure Practices

Check a Bash script for dangerous patterns or unsafe commands.

Review this Bash script. Find insecure command usage or practices. Script: #!/bin/bash FOLDER=$1 rm -rf $FOLDER

Validate JWT Usage in Auth Flow

Review use of JWTs for access control and storage strategy.

Review the security of this JWT usage. What’s good, what’s missing, what’s risky? Code: const token = jwt.sign({ id: user.id }, 'secret', { expiresIn: '1h' }); res.cookie('token', token);

Check for Insecure Password Storage

Review how passwords are stored and suggest secure practices.

Is this password storage safe? Suggest a secure alternative. Code: const users = []; function register(username, password) { users.push({ username, password }); }

Find XSS Vulnerability in Frontend Code

Check frontend code for potential XSS vectors and output sanitization.

Find potential XSS vulnerabilities in this code. Suggest fixes or best practices. Code: <input type="text" id="nameInput" /> <div id="greeting"></div> <script> const name = document.getElementById('nameInput').value; ...

Identify SQL Injection Risk

Detect and fix potential SQL injection in backend code.

Review this Python code for SQL injection risks. Suggest secure fixes using parameterized queries. Code: def get_user(email): query = f"SELECT * FROM users WHERE email = '{email}'" return db.execute(query)