# screenly/anthias — Trust Profile

Trust profile for screenly/anthias. 4 exploitable paths across 0 endpoints.

## Structure

- **Total routes:** 65
- **Public:** 0
- **Protected:** 0
- **Exploitable:** 0
- **Auth coverage:** null%

## Summary

- **Exploitable paths:** 4
- **Confirmed findings:** 27
- **Review findings:** 3

## Attack Paths (4)

###  

- **Sink:** subprocess.run()
- **Impact:** Command execution on server
- **File:** src/anthias_server/app/views.py:995

###  

- **Sink:** open()
- **Impact:** Abuse of File system access
- **File:** src/anthias_server/api/views/mixins.py:257

###  

- **Sink:** open()
- **Impact:** Abuse of File system access
- **File:** src/anthias_server/app/views.py:265

###  

- **Sink:** logger.warning()
- **Impact:** Abuse of Log injection
- **File:** src/anthias_server/api/views/mixins.py:115

## Review Items (2)

- **Possible Sensitive Field Exposure in Response** (1 locations)
- **Insecure Direct Object Reference (IDOR)** (2 locations)