mcp-server-semgrep
Version:
MCP Server for Semgrep Integration - static code analysis with AI
67 lines (49 loc) • 1.77 kB
JavaScript
const phantom = require('phantom');
(async function() {
const instance = await phantom.create();
const page = await instance.createPage();
await page.on('onResourceRequested', function(requestData) {
console.info('Requesting', requestData.url);
});
// ruleid: phantom-injection
const status = await page.open(input());
// ok: phantom-injection
const status = await page.open('https://stackoverflow.com/');
const content = await page.property('content');
console.log(content);
await instance.exit();
})();
(async function(userInput) {
const instance = await phantom.create();
const page = await instance.createPage();
await page.on('onResourceRequested', function(requestData) {
console.info('Requesting', requestData.url);
});
// ruleid: phantom-injection
const status = await page.property('content', input());
// ruleid: phantom-injection
await page.setContent(userInput);
// ok: phantom-injection
var html = '<html>123</html>'
const status = await page.property('content', html);
const content = await page.property('content');
console.log(content);
await instance.exit();
})();
(async function(userInput) {
const instance = await phantom.create();
const page = await instance.createPage();
await page.on('onResourceRequested', function(requestData) {
console.info('Requesting', requestData.url);
});
// ruleid: phantom-injection
const status = await page.openUrl(input(), {}, {});
// ruleid: phantom-injection
await page.evaluateJavaScript(userInput);
// ok: phantom-injection
var url = 'https://stackoverflow.com/'
const status = await page.openUrl(url, {}, {});
const content = await page.property('content');
console.log(content);
await instance.exit();
})();