Understanding Reports
Every Nexdge review returns a structured report with findings from each specialist.
Severity grades
CRITICAL: Immediate exploitation possible. Fix before deploying.
HIGH: Significant risk under specific conditions. Fix this sprint.
MEDIUM: Technical debt or limited risk. Add to your backlog.
LOW: Best practice violation. Fix when convenient.
PASS: No issues found by this specialist.
Reading a finding
Each finding contains: a short title describing the issue, a plain English explanation of what the problem is and why it matters, the file name and line number where the issue was found, and a verified rewrite — a corrected version of the affected code that has been re-scanned and confirmed clean.
Applying a fix
In the web app: click "Apply fix" on any finding to replace the affected code with the verified rewrite.
In VS Code: click the lightbulb on the affected line and select "Apply Nexdge fix".
In GitHub: copy the rewrite from the PR comment and commit it.
The verified rewrite loop
Every suggested fix is verified before you see it. After rewriting the code, Nexdge runs the same static analysis on the rewrite. If issues remain, the loop runs again, up to a maximum of three iterations. If something cannot be resolved, it is flagged honestly with a note that manual review is recommended.
Overall score
The overall score is a weighted average across all specialists.
90 to 100: excellent, ship with confidence.
70 to 89: good, minor issues to address.
50 to 69: needs work, resolve HIGH findings before deploying.
Below 50: significant issues, do not deploy without fixes.