Scan codebase for SQL injection, XSS, exposed secrets, missing input validation, IDOR, rate-limit gaps. Per-finding: severity, location, danger, fix.
Discovered on Twitter via @eng_khairallah1