To be fair, I write quite a bit of sloppy code when I program as a hobby, or if I'm trying to quickly hobble together something that just does what I need to do (and that includes random projects I throw up on Github).
Agree, this isn't conclusive. OP might have a lot to learn about security. Or maybe OP just didn't care in this case.
To offer some constructive criticism, "Hassle" being misspelled as "hassel" in the readme, to me, would raise the question of the quality of English written communication created by the author.
But OP wasn't bragging about their 9gager project. Also, isn't it possible to be a good programmer but write bad code sometimes? Perhaps OP's best work just isn't on display.
Trying to give the benefit of the doubt, but I generally don't think one toy Github project is conclusive evidence of anything, really.
The danger is whenever anyone feels like asking others to check out there pretty good work, someone will inevitably find problems. It's just life and our limits as humans. What I have noted is the people that carry themselves as huge geniuses are the ones who make huge oversights. The best is someone quietly humble, doing awesome work, has depth when you ask them.
I am sure if you were in the dev field for years without a degree then you'd get tired of being second guessed for not having that piece of paper from a college.
To offer some constructive criticism, "Hassle" being misspelled as "hassel" in the readme, to me, would raise the question of the quality of English written communication created by the author.