SiteShadow
Back to vulnerability library
Detected byEngineering-practice checks (QP)Pro

QP08 Standards & Style Guides Practices

What this means

SiteShadow flagged missing or disabled language/stack standards (formatting, linting, and project conventions). Inconsistent standards slow down review and increase security drift.

Why it matters

Skipping standards can lead to inconsistent code and higher defect rates.

Safer examples

1) Adopt stack-appropriate standards

Examples: ESLint + Prettier (JS/TS), Black/Ruff (Python), gofmt/golangci-lint (Go).

2) Enforce standards automatically

Run formatters/linters in CI and via pre-commit hooks.

3) Document conventions

Add a short CONTRIBUTING.md / "How to run checks" section to make compliance easy.

How SiteShadow detects it (high level)

References

---

← Back to Vulnerability Library

Catch this with SiteShadow Pro.

This vulnerability class is detected by SiteShadow's Pro-tier engines, two-pass interprocedural taint analysis, heuristic flow checks, AI-context scanning, and cross-file detection. The free tier catches OWASP Top 10 single-file patterns; Pro adds the data-flow depth that finds this class of bug.