Path traversal sequencesmediuminfiniflow-ragflow-8b065d3/.agents/skills/go-naming/SKILL.md
'../' present in content or name
External endpoints declaredlowinfiniflow-ragflow-8b065d3/.github/ISSUE_TEMPLATE/agent_scenario_request.yml
1 distinct host(s)
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/.github/copilot-instructions.md
raw IP URL (1 URLs)
Egress to a private/loopback hosthighinfiniflow-ragflow-8b065d3/.github/copilot-instructions.md
127.0.0.1
Broad capability surfacelowinfiniflow-ragflow-8b065d3/.github/workflows/release.yml
3 high-impact capability categories referenced — verify least-privilege
External endpoints declaredlowinfiniflow-ragflow-8b065d3/.github/workflows/release.yml
2 distinct host(s)
Internal host / private infrastructure referencemediuminfiniflow-ragflow-8b065d3/.github/workflows/sep-tests.yml
shipped content references a private IP range or internal-only host
External endpoints declaredlowinfiniflow-ragflow-8b065d3/.github/workflows/sep-tests.yml
3 distinct host(s)
External endpoints declaredlowinfiniflow-ragflow-8b065d3/.gitignore
7 distinct host(s)
Suspicious code patternshighinfiniflow-ragflow-8b065d3/Dockerfile
destructive rm -rf /; pipe-to-shell install
External endpoints declaredlowinfiniflow-ragflow-8b065d3/Dockerfile
9 distinct host(s)
Suspicious code patternshighinfiniflow-ragflow-8b065d3/Dockerfile.scratch.oc9
pipe-to-shell install
Suspicious code patternshighinfiniflow-ragflow-8b065d3/Dockerfile_deepdoc_oss
destructive rm -rf /
External endpoints declaredlowinfiniflow-ragflow-8b065d3/Dockerfile_deepdoc_oss
4 distinct host(s)
External endpoints declaredmediuminfiniflow-ragflow-8b065d3/README.md
15 distinct host(s)
Suspicious network referenceslowinfiniflow-ragflow-8b065d3/README_tzh.md
suspicious TLD (68 URLs)
External endpoints declaredmediuminfiniflow-ragflow-8b065d3/README_tzh.md
17 distinct host(s)
Suspicious code patternsmediuminfiniflow-ragflow-8b065d3/SECURITY.md
pickle deserialization
Potentially unbounded loopmediuminfiniflow-ragflow-8b065d3/admin/client/ragflow_cli.py
an infinite loop (while True / while(1) / for(;;)) may cause runaway consumption
Suspicious network referenceslowinfiniflow-ragflow-8b065d3/agent/sandbox/executor_manager/Dockerfile
suspicious TLD (4 URLs)
Suspicious code patternsmediuminfiniflow-ragflow-8b065d3/agent/sandbox/executor_manager/services/execution.py
dynamic code execution
Suspicious code patternsmediuminfiniflow-ragflow-8b065d3/agent/sandbox/executor_manager/services/security.py
child_process exec; dynamic code execution
Suspicious code patternsmediuminfiniflow-ragflow-8b065d3/agent/sandbox/providers/local.py
OS command execution
Suspicious network referenceslowinfiniflow-ragflow-8b065d3/agent/sandbox/pyproject.toml
suspicious TLD (1 URLs)
Suspicious network referenceslowinfiniflow-ragflow-8b065d3/agent/sandbox/sandbox_base_image/python/Dockerfile
suspicious TLD (3 URLs)
External endpoints declaredlowinfiniflow-ragflow-8b065d3/agent/sandbox/sandbox_spec.md
8 distinct host(s)
Suspicious code patternsmediuminfiniflow-ragflow-8b065d3/agent/sandbox/tests/sandbox_security_tests_full.py
OS command execution; dynamic code execution
Possible obfuscationmediuminfiniflow-ragflow-8b065d3/agent/templates/advanced_ingestion_pipeline.json
very long lines
Possible obfuscationmediuminfiniflow-ragflow-8b065d3/agent/templates/text2sql_data_expert.json
large base64 blob
Zero-width characterslowinfiniflow-ragflow-8b065d3/agent/templates/trip_planner.json
9 hidden characters
External endpoints declaredlowinfiniflow-ragflow-8b065d3/api/channels/whatsapp/gateway-node/package-lock.json
6 distinct host(s)
Suspicious code patternsmediuminfiniflow-ragflow-8b065d3/api/db/services/compilation_template_service.py
unsafe yaml.load
Prompt-injection phrasinghighexpected for this capabilityinfiniflow-ragflow-8b065d3/common/data_source/rest_api_connector.py
instruction-subversion language detected
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/common/data_source/webdav_connector.py
raw IP URL (2 URLs)
Egress to a private/loopback hosthighinfiniflow-ragflow-8b065d3/common/data_source/webdav_connector.py
172.17.0.1
Broad capability surfacelowinfiniflow-ragflow-8b065d3/common/settings.py
4 high-impact capability categories referenced — verify least-privilege
Suspicious network referenceslowinfiniflow-ragflow-8b065d3/conf/llm_factories.json
suspicious TLD (22 URLs)
External endpoints declaredmediuminfiniflow-ragflow-8b065d3/conf/llm_factories.json
22 distinct host(s)
Suspicious network referenceslowinfiniflow-ragflow-8b065d3/conf/models/astraflow.json
suspicious TLD (2 URLs)
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/docker/README.md
raw IP URL (5 URLs)
External endpoints declaredlowinfiniflow-ragflow-8b065d3/docker/README.md
5 distinct host(s)
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/docker/docker-compose.yml
raw IP URL (6 URLs)
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/docker/entrypoint.sh
raw IP URL, suspicious TLD (3 URLs)
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/docker/nginx/ragflow.conf.golang
raw IP URL (3 URLs)
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/docker/nginx/ragflow.conf.hybrid
raw IP URL (12 URLs)
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/docs/administrator/configurations/configurations.md
raw IP URL (23 URLs)
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/docs/develop/mcp/launch_mcp_server.md
raw IP URL (18 URLs)
Egress to a private/loopback hosthighinfiniflow-ragflow-8b065d3/docs/develop/mcp/launch_mcp_server.md
127.0.0.1, 0.0.0.0, 172.19.0.6
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/docs/develop/mcp/mcp_client_example.md
raw IP URL (14 URLs)
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/docs/faq.mdx
raw IP URL (41 URLs)
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/docs/guides/models/deploy_local_llm.mdx
raw IP URL (29 URLs)
Egress to a private/loopback hosthighinfiniflow-ragflow-8b065d3/docs/guides/models/deploy_local_llm.mdx
0.0.0.0
External endpoints declaredlowinfiniflow-ragflow-8b065d3/docs/guides/models/deploy_local_llm.mdx
10 distinct host(s)
Suspicious network referenceslowinfiniflow-ragflow-8b065d3/docs/guides/models/supported_models.mdx
suspicious TLD (56 URLs)
External endpoints declaredmediuminfiniflow-ragflow-8b065d3/docs/guides/models/supported_models.mdx
55 distinct host(s)
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/internal/agent/component/invoke_test.go
raw IP URL (11 URLs)
Egress to a private/loopback hosthighinfiniflow-ragflow-8b065d3/internal/agent/component/invoke_test.go
169.254.169.254, 127.0.0.1
Embedded credentialshighexpected for this capabilityinfiniflow-ragflow-8b065d3/internal/agent/tool/exesql_trino_test.go
found: credentials in URL, hardcoded credential
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/internal/agent/tool/keenable_test.go
raw IP URL (21 URLs)
Egress to a private/loopback hosthighinfiniflow-ragflow-8b065d3/internal/agent/tool/keenable_test.go
127.0.0.1, [::1]
External endpoints declaredmediuminfiniflow-ragflow-8b065d3/internal/agent/tool/keenable_test.go
12 distinct host(s)
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/internal/agent/tool/ssrf_test.go
raw IP URL (32 URLs)
Egress to a private/loopback hosthighinfiniflow-ragflow-8b065d3/internal/agent/tool/ssrf_test.go
127.0.0.1, [::1], 0.0.0.0, [::], 10.0.0.1, 192.168.1.1, 172.16.0.1, 169.254.169.254, [fe80::1], 224.0.0.1
External endpoints declaredmediuminfiniflow-ragflow-8b065d3/internal/agent/tool/ssrf_test.go
21 distinct host(s)
Suspicious network referencesmediuminfiniflow-ragflow-8b065d3/internal/development.md
raw IP URL, suspicious TLD (8 URLs)
Egress to a private/loopback hosthighinfiniflow-ragflow-8b065d3/internal/development.md
192.168.1.96
Suspicious network referenceslowinfiniflow-ragflow-8b065d3/internal/entity/models/302ai_test.go
suspicious TLD (19 URLs)