glm-5.1-agentic-v1 — RealVuln Scanner Detail

Repository	F2	Recall	Precision	TP	FP	FN
damn-vulnerable-flask-application	87.7	90.0	79.9	14	4	2
damn-vulnerable-graphql-application	46.4	45.7	52.5	16	16	19
djangoat	40.5	37.0	66.6	18	10	32
dsvpwa	77.7	77.1	80.5	25	6	7
dsvw	73.6	72.2	79.5	20	5	8
dvblab	69.6	69.7	69.8	15	7	7
dvpwa	59.6	57.6	70.2	13	6	9
extremely-vulnerable-flask-app	55.4	51.8	76.9	14	4	14
flask-xss	47.9	42.9	90.8	12	1	16
insecure-web	76.7	77.8	72.6	7	3	2
intentionally-vulnerable-python-application	67.8	71.4	58.4	5	4	2
lets-be-bad-guys	64.0	59.7	90.1	14	2	10
owasp-web-playground	60.9	58.6	72.5	17	6	12
pygoat	59.0	56.4	71.8	40	16	30
python-app	70.0	70.0	70.0	14	6	6
python-insecure-app	83.2	81.2	93.8	6	0	2
pythonssti	100.0	100.0	100.0	2	0	0
threatbyte	59.5	56.9	73.1	14	5	10
vfapi	90.0	96.3	72.8	9	4	0
vulnerable-api	76.9	78.6	71.5	11	4	3
vulnerable-flask-app	64.1	62.5	71.6	12	5	8
vulnerable-python-apps	57.0	54.5	70.9	12	5	10
vulnerable-tornado-app	75.6	73.8	84.7	10	2	4
vulnpy	64.7	61.5	81.6	48	11	30
vulpy	37.8	34.0	70.5	18	8	36

Repository	Broken Access Co..	Code Injection /..	Command / OS Inj..	Denial of Service	Hardcoded Creden..	HTTP Header Inje..	Insecure Deseria..	Missing Authenti..	Open Redirect	Other	Path Traversal	Security Misconf..	Sensitive Data E..	SQL Injection	Server-Side Requ..	XPath Injection	Cross-Site Scrip..	XML External Ent..
damn-vulnerable-flask-application	—	100%	100%	—	100%	—	—	100%	—	67%	—	—	—	0%	—	—	75%	100%
damn-vulnerable-graphql-application	100%	—	100%	0%	0%	—	—	17%	—	27%	100%	0%	40%	100%	100%	—	100%	—
djangoat	50%	100%	100%	—	50%	—	100%	29%	0%	15%	100%	50%	25%	100%	—	—	14%	—
dsvpwa	—	—	100%	—	50%	—	100%	100%	100%	50%	100%	100%	67%	100%	100%	—	67%	—
dsvw	—	100%	100%	100%	100%	100%	100%	—	100%	0%	100%	100%	50%	100%	100%	100%	100%	100%
dvblab	100%	—	—	—	50%	—	100%	100%	—	62%	—	0%	0%	100%	—	—	—	—
dvpwa	—	—	—	—	—	—	—	67%	—	22%	—	100%	100%	100%	—	—	80%	—
extremely-vulnerable-flask-app	100%	—	—	0%	33%	—	100%	100%	—	17%	—	0%	50%	100%	100%	—	60%	—
flask-xss	0%	—	—	—	100%	—	—	33%	100%	12%	—	100%	33%	0%	—	—	56%	—
insecure-web	—	—	—	—	100%	—	—	100%	—	33%	—	100%	—	100%	—	—	100%	—
intentionally-vulnerable-python-application	—	—	100%	—	100%	—	100%	—	—	0%	—	—	—	100%	0%	—	100%	—
lets-be-bad-guys	100%	100%	—	—	100%	—	—	100%	100%	43%	100%	0%	0%	0%	—	—	100%	—
owasp-web-playground	100%	—	—	—	50%	—	100%	0%	—	56%	—	0%	25%	100%	100%	—	100%	0%
pygoat	40%	100%	67%	—	78%	—	100%	75%	—	54%	100%	67%	40%	100%	100%	—	0%	100%
python-app	—	—	100%	—	100%	—	100%	100%	—	50%	100%	—	0%	100%	—	—	50%	100%
python-insecure-app	—	—	—	—	100%	—	—	—	—	100%	—	0%	100%	—	0%	—	100%	—
pythonssti	—	—	—	—	—	—	—	—	—	100%	—	—	—	—	—	—	100%	—
threatbyte	100%	—	—	—	50%	—	—	100%	—	33%	100%	50%	0%	100%	100%	—	100%	—
vfapi	—	—	—	—	—	—	—	100%	—	100%	—	—	0%	100%	—	—	—	—
vulnerable-api	—	—	—	—	100%	100%	—	0%	—	100%	50%	—	50%	100%	50%	—	100%	—
vulnerable-flask-app	0%	—	—	—	100%	—	100%	—	—	57%	0%	—	50%	100%	—	—	0%	100%
vulnerable-python-apps	—	—	—	—	50%	—	50%	0%	—	60%	0%	—	0%	80%	100%	—	100%	—
vulnerable-tornado-app	—	—	100%	—	100%	—	—	0%	—	60%	100%	100%	100%	100%	—	—	100%	—
vulnpy	—	100%	67%	0%	—	—	100%	—	—	62%	100%	50%	—	100%	31%	100%	92%	100%
vulpy	100%	—	0%	—	25%	—	—	0%	—	23%	50%	0%	0%	83%	—	—	50%	—