Source → sink traces
A source → sink trace is the evidence behind a finding — the exact path a value takes from where it enters your code to the dangerous operation it eventually reaches.
From entry point to sink
Every finding shows that path hop by hop, across files and functions, down to the file and line at each step — from the untrusted source (a request parameter, an upload, anything outside your code's control) to the dangerous sink it reaches (a query, a shell call, a redirect). Each finding is also classified against CWE and the OWASP Top 10.
Why a trace, not just a score
A bare severity score asks you to take a finding on faith. A trace lets you review the actual reasoning — you can follow the same path unpwnd did and judge for yourself whether it's exploitable, instead of starting from a black-box number.