Security report for asim1417/hakeem-platform
Scanned by Merge Risk — the free A–F security grade for AI-built apps.
Merge Risk — Security Report17 July 2026
asim1417/hakeem-platform · branch main · 80 files scanned
C
Needs work
asim1417/hakeem-platform
80 files scanned·Next.js · React
Not on fire, but auth secret has a hardcoded fallback need attention before you call this shipped.
Security score75/100
Auth secret has a hardcoded fallbackHigh
`.env.example` falls back to a literal secret when the env var is missing. That default signs your sessions/tokens in any environment where the variable isn't set — and it's public in the repo. Remove the fallback and fail loudly instead.
.env.example:8
Fix it with your AI agentEvery finding, with file and line, as a prompt for Claude Code, Codex or Cursor. It starts fixing instead of hunting — and it ends by re-scanning, so “done” is proven rather than claimed.
Is your repo leaking too?
Free, unlimited, every finding. No signup, no card, and we never store your code.
Scan my repo free