psf/black
Public repo scorecard generated from a pinned commit using deterministic Skylos scoring. The grade comes from static analysis only, while Skylos agent runs as an optional second pass for deeper context.
Finding summary
Top findings
src/black/cache.py:80: Untrusted deserialization via pickle.load
src/blib2to3/pgen2/grammar.py:124: Untrusted deserialization via pickle.load
src/blib2to3/pgen2/grammar.py:129: Untrusted deserialization via pickle.loads
tests/data/cases/preview_long_strings__regression.py:21: Use of os.system()
tests/data/cases/preview_long_strings__regression.py:21: Possible command injection (os.system): tainted input.
tests/data/cases/preview_long_strings__regression.py:606: Use of os.system()
tests/data/cases/preview_long_strings__regression.py:606: Possible command injection (os.system): tainted input.
tests/test_black.py:1805: Use of os.system()
tests/test_black.py:1812: Use of os.system()
src/black/__init__.py:537: Cyclomatic complexity is 45 (threshold: 10). Consider splitting branches.
src/black/__init__.py:537: Cognitive complexity is 71 (threshold: 15). Consider simplifying nested logic.
src/black/__init__.py:1361: Cyclomatic complexity is 68 (threshold: 10). Consider splitting branches.
Analysis pipeline
Static analysis produced the public Judge grade on this page.
Judge can publish static-only pages. Agent analysis is an optional second pass.