A
92/100 First Seen
Feb 18, 2026
Last Scanned
Feb 20, 2026
Findings
1
Score
92/100
MEDIUM 1
Findings (1)
MEDIUM
Kubernetes service discovery
L156 Detects Kubernetes internal service URLs and secret paths
kubernetes.default.svc FIX
Validate and sanitize all user-provided URLs before making server-side requests. Resolve DNS and verify the IP is not in a private range before connecting.
FP?
Likely FP if the URL fetch is for a well-known public API endpoint that is hardcoded (not user-controlled) in the tool configuration.