| priority | message | ref | name_value |
|---|
| 3 | Apex classes should use random IV/key | | |
| 3 | Validate CRUD permission before SOQL/DML operation or enforce user mode | | |
| | category/apex/errorprone.xml/ApexCSRF | |
| 3 | Calling potentially dangerous method | | |
| 3 | Apex callouts should use encrypted communication channels | | |
| 3 | Apex classes should safely redirect to a known location | | |
| 3 | Apex classes should declare a sharing model if DML or SOQL/SOSL is used | | |
| 3 | Avoid untrusted/unescaped variables in DML query | | |
| 3 | Suggest named credentials for authentication | | |
| 3 | Apex classes should escape Strings in error messages | | |
| 3 | Apex classes should escape/sanitize Strings obtained from URL parameters | | |