SiteShadow
Back to vulnerability library
Detected byEngineering-practice checks (QP)Pro

QP13 Large Classes

What this means

SiteShadow flagged very large classes that likely violate single-responsibility boundaries. In security-sensitive systems, large classes often hide privilege decisions, data access, and risky side effects.

Why it matters

Large classes are difficult to test and often hide security-sensitive behavior.

Safer examples

1) Split by responsibility

Separate "controller/service/repository" roles and keep security boundaries explicit.

2) Extract policy and validation into shared components

Centralize authorization checks and validation rather than sprinkling them across methods.

3) Add tests per responsibility

After splitting, test each component's contract (especially auth and data access).

How SiteShadow detects it (high level)

References

---

← Back to Vulnerability Library

Catch this with SiteShadow Pro.

This vulnerability class is detected by SiteShadow's Pro-tier engines, two-pass interprocedural taint analysis, heuristic flow checks, AI-context scanning, and cross-file detection. The free tier catches OWASP Top 10 single-file patterns; Pro adds the data-flow depth that finds this class of bug.