Security report for royallit/lookrides
Scanned by Merge Risk — the free A–F security grade for AI-built apps.
Not on fire, but unescaped html render and 11 more need attention before you call this shipped.
`src/app/fleet/page.tsx` passes a variable to `dangerouslySetInnerHTML`. If any part of that string comes from user input, it's a cross-site scripting hole. Sanitize it (e.g. DOMPurify) or render as text.
`src/app/contact/page.tsx` passes a variable to `dangerouslySetInnerHTML`. If any part of that string comes from user input, it's a cross-site scripting hole. Sanitize it (e.g. DOMPurify) or render as text.
`src/app/routes/page.tsx` passes a variable to `dangerouslySetInnerHTML`. If any part of that string comes from user input, it's a cross-site scripting hole. Sanitize it (e.g. DOMPurify) or render as text.
Is your repo leaking too?
Free, unlimited, every finding. No signup, no card, and we never store your code.
Scan my repo free