{ "id": 12, "category": "hard", "title": "Deep Logic", "description": "A secret is embedded as a local variable inside a function.", "scan_mode": "dir", "exclude_paths": [ ".env" ], "secrets": [ { "id": "s1", "type": "github_token", "path": "crypto.py", "line": 4, "visibility": "surface" }, { "id": "s2", "type": "assignment_secret", "path": "crypto.py", "line": 4, "visibility": "deep", "requires_action": "inspect_git_history" }, { "id": "s3", "type": "github_token", "path": "crypto.py", "line": 4, "visibility": "cascading", "trigger_secret_id": "s1" } ], "conflict_map": { "s1": { "reveals": [ "s3" ], "blocks": [], "note": "Removing the inline secret reveals that the function still falls back to env var without validation" }, "s2": { "reveals": [], "blocks": [ "s3" ], "note": "Git history secret must be purged before the cascading env-var leak can be addressed" } } }