UNPKG

mcp-server-semgrep

Version:

MCP Server for Semgrep Integration - static code analysis with AI

github.com/Szowesgad/mcp-server-semgrep

Szowesgad/mcp-server-semgrep

29 lines (28 loc) 804 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
rules: - id: debug-enabled patterns: - pattern-inside: | import flask ... - pattern: $APP.run(..., debug=True, ...) message: >- Detected Flask app with debug=True. Do not deploy to production with this flag enabled as it will leak sensitive information. Instead, consider using Flask configuration variables or setting 'debug' using system environment variables. metadata: cwe: - 'CWE-489: Active Debug Code' owasp: 'A06:2017 - Security Misconfiguration' references: - https://labs.detectify.com/2015/10/02/how-patreon-got-hacked-publicly-exposed-werkzeug-debugger/ category: security technology: - flask subcategory: - vuln likelihood: HIGH impact: MEDIUM confidence: HIGH severity: WARNING languages: - python