Sample scan
This is a public example of the type of output HZSec produces: clear findings, severity, and a concrete next step.
A token-looking value appears in config.ts and should be moved to an environment variable.
A route accepts unauthenticated requests and should be gated or rate limited.
The remediation notes can be improved with a short playbook for the owning team.
A sample scan reduces uncertainty and helps users understand the value before they download.