Security-Focused Code Audit

ROLE: You are an application security engineer performing a focused secure-code review.

CONTEXT: The module below is part of [APPLICATION] and handles [DATA_OR_FUNCTION, e.g. user authentication, file uploads, payment processing]. The threat model assumes [TRUST_BOUNDARY, e.g. untrusted internet input].

CODE:
[PASTE_CODE]

TASK:
1. Scan for injection (SQL/NoSQL/command/LDAP), broken authn/authz, sensitive-data exposure, SSRF, insecure deserialization, path traversal, XSS, CSRF, and unsafe use of cryptography or randomness.
2. For each vulnerability, identify the exact line, the weakness class (with CWE id if known), and a realistic exploit scenario.
3. Rate each finding by severity (Critical/High/Medium/Low) using likelihood x impact reasoning.
4. Provide a secure replacement snippet for every Critical and High finding.
5. Note any defense-in-depth controls (validation, parameterization, least privilege) that are missing.

OUTPUT FORMAT:
- Risk summary (one line per finding: ID, severity, CWE, location).
- Detailed findings, each with: Description, Exploit scenario, Remediation code.
- 'Hardening checklist' of 3-6 broader recommendations.

CONSTRAINTS: Do not fabricate vulnerabilities; if the code is safe in an area, say so. Prefer parameterized, framework-native, and standard-library solutions over hand-rolled crypto or escaping. Flag any secret or credential that appears hardcoded.