critical
suspicious.exposed_secret_literal
- Location
- references/代码示例/Node.js/APP支付/APP支付.md:25
- Finding
- File appears to expose a hardcoded API secret or token.
WeChat Pay Integration
AdvisoryAudited by Static analysis on May 11, 2026.
Overview
Detected: suspicious.exposed_secret_literal
Findings (14)
critical
suspicious.exposed_secret_literal
- Location
- references/代码示例/Node.js/JSAPI支付/JSAPI支付.md:22
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- references/代码示例/Node.js/Native支付/Native支付.md:16
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- references/代码示例/Node.js/回调处理/回调处理.md:17
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- references/代码示例/Node.js/小程序支付/小程序支付.md:25
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- references/代码示例/Node.js/退款/退款.md:16
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- references/代码示例/Python/APP支付/APP支付.md:45
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- references/代码示例/Python/JSAPI支付/JSAPI支付.md:46
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- references/代码示例/Python/Native支付/Native支付.md:45
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- references/代码示例/Python/小程序支付/小程序支付.md:45
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- references/代码示例/Python/退款/退款.md:44
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- references/商户模式/签名与验签/签名与验签规则.md:47
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- scripts/Node.js/signature_demo.js:16
- Finding
- File appears to expose a hardcoded API secret or token.
critical
suspicious.exposed_secret_literal
- Location
- scripts/Python/signature_demo.py:55
- Finding
- File appears to expose a hardcoded API secret or token.