UNPKG

mcp-server-semgrep

Version:

MCP Server for Semgrep Integration - static code analysis with AI

github.com/Szowesgad/mcp-server-semgrep

Szowesgad/mcp-server-semgrep

74 lines (53 loc) 2.13 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
const express = require('express') const app = express() const port = 3000 const phantom = require('phantom'); app.get('/test', async (req, res) => { const instance = await phantom.create(); const page = await instance.createPage(); await page.on('onResourceRequested', function(requestData) { console.info('Requesting', requestData.url); }); // ruleid: express-phantom-injection const status = await page.property('content', req.headers['name']); // ruleid: express-phantom-injection await page.setContent(req.query.q); res.send('Hello World!') }) app.post('/test2', async (req, res) => { const instance = await phantom.create(); const page = await instance.createPage(); await page.on('onResourceRequested', function(requestData) { console.info('Requesting', requestData.url); }); // ruleid: express-phantom-injection const status = await page.property('content', req.query.q); // ruleid: express-phantom-injection await page.setContent(req.body); // ok: express-phantom-injection var html = '<html>123</html>' const status = await page.property('content', html); const content = await page.property('content'); console.log(content); await instance.exit(); res.send('Hello World!') }) app.post('/test3', async (req, res) => { const instance = await phantom.create(); const page = await instance.createPage(); await page.on('onResourceRequested', function(requestData) { console.info('Requesting', requestData.url); }); // ruleid: express-phantom-injection const status = await page.openUrl(req.params.url, {}, {}); // ruleid: express-phantom-injection await page.evaluateJavaScript(req.body.script); // ok: express-phantom-injection var url = 'https://stackoverflow.com/' const status = await page.openUrl(url, {}, {}); const content = await page.property('content'); console.log(content); await instance.exit(); res.send('Hello World!') }) app.listen(port, () => console.log(`Example app listening at http://localhost:${port}`))