Sample output · Fictional data only · No real code was analyzed

Sample report

Clipboard.ai — Launch Passport Report

Generated: June 2026

Report scope and disclaimer

This report was generated from fictional source code for demonstration purposes. Clipboard.ai is not a real company and no real product was analyzed.

This is a sample report generated from fictional data. No real code or product was analyzed.

Readiness score

62 / 100

Risk tier

Medium

Evidence confidence

74%

Top findings

CRITICALExposed .env credentials in git history

Scanner: Gitleaks · File: .env · Line: 1 · API keys are recoverable from commit history.

HIGHNo authentication rate limiting on /api/login

Scanner: Semgrep · Missing request throttling creates predictable brute-force risk.

MEDIUMMissing CORS policy — all origins accepted

Static analysis · Global allowlist fallback to "*" increases data exposure risk.

Claim matrix

ClaimStatusEvidence
Uses JWT authentication✅ Supportedauth.ts:47
No third-party data sharing❌ UnsupportedNo privacy policy found
GDPR compliant⚠️ Insufficient evidenceNo DPIA / process controls located

Artifact coverage

4 of 7 expected files present (missing: privacy policy, SECURITY.md, deployment docs)

Safe-fix prompts

Add rate limiting: `npm install express-rate-limit` → add to /api/login
Rotate leaked credentials immediately, add `.env` to `.gitignore`

Unknowns register

Ready to scan your real app?

Run a real review with your codebase, scan findings, and get a complete Launch Passport.

Run your scan →