UNPKG

mcp-server-semgrep

Version:

MCP Server for Semgrep Integration - static code analysis with AI

github.com/Szowesgad/mcp-server-semgrep

Szowesgad/mcp-server-semgrep

28 lines (27 loc) 686 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
rules: - id: plaintext-http-link metadata: category: security technology: - html cwe: - 'CWE-319: Cleartext Transmission of Sensitive Information' owasp: - A03:2017 - Sensitive Data Exposure - A02:2021 - Cryptographic Failures confidence: HIGH subcategory: - vuln references: - https://cwe.mitre.org/data/definitions/319.html likelihood: LOW impact: LOW patterns: - pattern: <a href="$URL">...</a> - metavariable-regex: metavariable: $URL regex: '^(?i)http://' message: >- This link points to a plaintext HTTP URL. Prefer an encrypted HTTPS URL if possible. severity: WARNING languages: [html]