Last scan: 2 hours ago
⚠️ 3 Critical Blind Spots Detected β€” High-risk code paths with insufficient security attention
3
Critical Blind Spots
↑ 2 from last week
8
Warning Areas
↓ 1 from last week
67%
Coverage Score
↓ 3% from last week
12
Over-Reviewed Files
Same as last week

πŸ—ΊοΈ Codebase Risk Heatmap

Critical Blind Spot
Needs Attention
Well Covered
Over-Reviewed

πŸ”΄ Critical Blind Spots

High-risk code with low attention

πŸ“Š Risk vs Attention Distribution

Directory
Risk Level Attention Level
Gap

πŸ”— Integration Status

πŸ™ GitHub Connected 247 PRs analyzed
πŸ”„ GitHub Actions Connected 1,284 scan runs
πŸ› Snyk Connected 89 scans this month
πŸ΄β€β˜ οΈ HackerOne Not Connected

πŸ“ˆ Attention Drift (30 days)

πŸ“‰ Auth middleware attention dropped 23% after team change
πŸ“Š New /api/v2 endpoints have 3x less coverage than /api/v1

/src/api/payments/webhook.js

Critical Blind Spot
Risk Score
0.92
Attention Score
0.18
Blind Spot Index
+0.74

Risk Factors

  • +0.25 Handles payment processing
  • +0.25 Webhook endpoint (external input)
  • +0.15 Database write operations
  • +0.15 Signature verification logic
  • +0.12 Error handling with sensitive data

Attention History

  • Feb 28 Modified (no review)
  • Feb 15 Modified (no review)
  • Jan 22 Last security review
  • Jan 10 Snyk scan (0 findings)