UNPKG

mcp-server-semgrep

Version:

MCP Server for Semgrep Integration - static code analysis with AI

github.com/Szowesgad/mcp-server-semgrep

Szowesgad/mcp-server-semgrep

33 lines (32 loc) 844 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
rules: - id: missing-user patterns: - pattern: | CMD $...VARS - pattern-not-inside: | USER $USER ... fix: | USER non-root CMD $...VARS message: By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'. severity: ERROR languages: - dockerfile metadata: cwe: - 'CWE-269: Improper Privilege Management' category: security technology: - dockerfile confidence: MEDIUM owasp: - A04:2021 - Insecure Design references: - https://owasp.org/Top10/A04_2021-Insecure_Design subcategory: - audit likelihood: LOW impact: MEDIUM