As requested — agents searched every subsystem, each finding adversarially verified.
15 confirmed bugs. 46 found, 31 refuted. Grouped by area.
get_vote.rs (server crash cluster)
get_vote.rs:64 — high — panics if LLM response has no valid prefix char (A–T). Fix: continue instead of unwrap.get_vote.rs:158 — high — unwrap_leaf() panics if node is Branch. Fix: pattern-match PfxTree::Leaf(i) directly.get_vote.rs:178 — high — fallback voting path has chained unwraps; same crash on tree mismatch. Fix: if let guard.get_vote.rs:28 — medium — Regex::new().unwrap() on dynamic pattern. Fix: .expect("descriptive msg").
CLI
streaming.rs:235 — critical — panic! on malformed JSON from instance runner. Fix: return Err(Error::Instance(...)).context.rs:157 — high — IPv6 ::1:8080 missing brackets; RFC 3986 requires [::1]:8080. Test asserts wrong value too.pipes.rs:78 — high — TOCTOU race: probe socket liveness then remove isn't atomic. True fix needs advisory lock.handshake.rs:42 — high — .expect() on serialization; function already returns io::Result. Fix: .map_err()?.
Rust SDK
API (OpenRouter)
client.rs:60 — high — .eventsource().unwrap() crashes on CannotCloneRequestError. Fix: return Result.
WASM
lib.rs:268 — high — u64 as u32 silently truncates compile_output_length. Fix: u32::try_from().
Go SDK
client.go:113 — high — json.Marshal error discarded; sends empty auth header. Fix: check err, skip header on failure.- generated types (100+ files) — high — unchecked
json.Unmarshal in every MarshalJSON; silent corruption. Fix: fix the code generator.
Viewer
useSessionStorage.ts:31 — medium — async effect missing cancellation; same file's second effect does it right. Fix: add cancelled flag + cleanup.
Needs your review
release.yml — 12 mcp-filesystem jobs build Linux musl but name artifacts macOS/Windows. Intentional if MCP-FS ships containerized?
Full reference with exact fix code for each bug + refutation reasoning for the 31 rejected findings is in audit/2026-06-03-bug-hunt-reference.md on maya/web.
As requested — agents searched every subsystem, each finding adversarially verified.
15 confirmed bugs. 46 found, 31 refuted. Grouped by area.
get_vote.rs (server crash cluster)
get_vote.rs:64— high — panics if LLM response has no valid prefix char (A–T). Fix:continueinstead of unwrap.get_vote.rs:158— high —unwrap_leaf()panics if node is Branch. Fix: pattern-matchPfxTree::Leaf(i)directly.get_vote.rs:178— high — fallback voting path has chained unwraps; same crash on tree mismatch. Fix:if letguard.get_vote.rs:28— medium —Regex::new().unwrap()on dynamic pattern. Fix:.expect("descriptive msg").CLI
streaming.rs:235— critical —panic!on malformed JSON from instance runner. Fix:return Err(Error::Instance(...)).context.rs:157— high — IPv6::1:8080missing brackets; RFC 3986 requires[::1]:8080. Test asserts wrong value too.pipes.rs:78— high — TOCTOU race: probe socket liveness then remove isn't atomic. True fix needs advisory lock.handshake.rs:42— high —.expect()on serialization; function already returnsio::Result. Fix:.map_err()?.Rust SDK
retry_token.rs:33— high — unboundedself.0[index + i]with no bounds check. Fix:assert!guard.retry_token.rs:16— high — same bug, duplicate location.API (OpenRouter)
client.rs:60— high —.eventsource().unwrap()crashes onCannotCloneRequestError. Fix: returnResult.WASM
lib.rs:268— high —u64 as u32silently truncatescompile_output_length. Fix:u32::try_from().Go SDK
client.go:113— high —json.Marshalerror discarded; sends empty auth header. Fix: check err, skip header on failure.json.Unmarshalin everyMarshalJSON; silent corruption. Fix: fix the code generator.Viewer
useSessionStorage.ts:31— medium — async effect missing cancellation; same file's second effect does it right. Fix: addcancelledflag + cleanup.Needs your review
release.yml— 12 mcp-filesystem jobs build Linux musl but name artifacts macOS/Windows. Intentional if MCP-FS ships containerized?Full reference with exact fix code for each bug + refutation reasoning for the 31 rejected findings is in
audit/2026-06-03-bug-hunt-reference.mdonmaya/web.