Docs

ANL-001: Hardcoded Value

Hardcoded credential or sensitive value detected.

criticalhardcoded valueuipath

What it detects

Hardcoded credential or sensitive value detected. Flowcerta currently surfaces this finding from the active validation pipeline for supported patterns.

Why it matters

Hardcoded sensitive values create security and operational debt. Rotating the value now requires code change, retesting, and redeployment instead of a simple secret update.

Example violation

A UiPath Assign activity stores a password-like string literal directly in a workflow variable.

Fix guidance

UiPath

  • Move value to orchestrator asset or environment variable.
  • Use platform-native assets, credentials, bounded retries, and Log Message checkpoints instead of hardcoded literals or silent failure paths.
  • Revalidate the workflow after the change and confirm the finding no longer appears.

Verification steps

  1. Run validation again and confirm the rule no longer appears in the finding list.
  2. Review the changed workflow artifact directly to verify the risky pattern is gone.
  3. Capture the new validation result as evidence for the relevant owner or compliance review.

Compliance references

    Related rules

    This page is generated from the current runtime rule mapping and is not yet backed by canonical database rule metadata.

    Browse all rule playbooks