You are viewing a Sample Report for OWASP Juice Shop.
bkimminich/juice-shop
Executive Overview
System Health
42/100
Critical Attention Needed
Total Remediation Cost
167.6 eng-days
Estimated cost: ~$67,000 USD
Monthly Velocity Loss
25%
Development time lost to tech debt maintenance
AI Diagnostic Summary (GPT-4o)
Automatically generated from static analysis data
The OWASP Juice Shop codebase exhibits clear indicators of a monolithic architecture pattern that is creating severe delivery bottlenecks. Core business logic is densely coupled across authentication, payment, and product modules — meaning a single change in one area cascades unpredictably into others. This structure adds an estimated 167 engineering-days of remediation overhead and is the primary driver behind the project's low health score.
Of particular concern is the extremely high cyclomatic complexity in the routes/login.ts and lib/insecurity.ts modules. These files handle authentication and security operations with deeply nested conditional branches, making them both a critical security risk and a maintenance nightmare. Any patch to these modules carries a high probability of introducing regressions. Immediate refactoring — starting with extracting pure functions and adding comprehensive test coverage — is strongly recommended.
Critical Hotspots
| File | Risk | Complexity | Issue |
|---|---|---|---|
| routes/login.ts | High | 85 | Spaghetti Code & Security Risk |
| lib/insecurity.ts | High | 72 | God Object |
| frontend/src/app.module.ts | Medium | 45 | Outdated Dependencies |