Reporte público de escaneoRepositorio
openai/codex
Escaneado el 11 jun 2026
78
Puntuación de riesgo/ 100
Riesgo alto
Resumen
Critical quantum vulnerabilities detected across 4 locations in production code. SHA-1 is cryptographically broken and used in analytics modules for hashing operations, posing immediate integrity risks. X25519 elliptic curve cryptography in agent identity management is vulnerable to quantum attacks via Shor's algorithm, threatening future confidentiality.
Crítico
3
Alto
1
Medio
0
Bajo
0
Hallazgos principales
- CríticoSHA-1
codex-rs/analytics/src/accepted_lines.rs:7
SHA-256 or SHA3-256
Evidencia
use sha1::Digest; - CríticoSHA-1
codex-rs/analytics/src/accepted_lines.rs:86
SHA-256 or SHA3-256
Evidencia
let mut hasher = sha1::Sha1::new(); - CríticoSHA-1
codex-rs/analytics/src/reducer.rs:131
SHA-256 or SHA3-256
Evidencia
use sha1::Digest; - AltoX25519 / Curve25519
codex-rs/agent-identity/src/lib.rs:13
ML-KEM (CRYSTALS-Kyber)
Evidencia
use crypto_box::SecretKey as Curve25519SecretKey;
Escanea tu propio repositorio
Gratis. Resultados en ~90 segundos. CBOM + PDF DORA/NIS2 incluidos.