UNPKG

mcp-server-semgrep

Version:

MCP Server for Semgrep Integration - static code analysis with AI

github.com/Szowesgad/mcp-server-semgrep

Szowesgad/mcp-server-semgrep

44 lines (43 loc) 1.26 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
rules: - id: crypto-mode-without-authentication message: >- An encryption mode of operation is being used without proper message authentication. This can potentially result in the encrypted content to be decrypted by an attacker. Consider instead use an AEAD mode of operation like GCM. languages: - python severity: ERROR metadata: category: security technology: - cryptography cwe: - 'CWE-327: Use of a Broken or Risky Cryptographic Algorithm' owasp: - A03:2017 - Sensitive Data Exposure - A02:2021 - Cryptographic Failures references: - https://owasp.org/Top10/A02_2021-Cryptographic_Failures subcategory: - vuln likelihood: LOW impact: MEDIUM confidence: MEDIUM patterns: - pattern-either: - patterns: - pattern-either: - pattern: | AES.new(..., $PYCRYPTODOME_MODE) - pattern-not-inside: | AES.new(..., $PYCRYPTODOME_MODE) ... HMAC.new - metavariable-pattern: metavariable: $PYCRYPTODOME_MODE patterns: - pattern-either: - pattern: AES.MODE_CBC - pattern: AES.MODE_CTR - pattern: AES.MODE_CFB - pattern: AES.MODE_OFB