UNPKG

mcp-server-semgrep

Version:

MCP Server for Semgrep Integration - static code analysis with AI

github.com/Szowesgad/mcp-server-semgrep

Szowesgad/mcp-server-semgrep

133 lines (132 loc) 3.84 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
rules: - id: angular-bypasssecuritytrust message: >- Detected the use of `$TRUST`. This can introduce a Cross-Site-Scripting (XSS) vulnerability if this comes from user-provided input. If you have to use `$TRUST`, ensure it does not come from user-input or use the appropriate prevention mechanism e.g. input validation or sanitization depending on the context. metadata: cwe: - "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" references: - https://angular.io/api/platform-browser/DomSanitizer - https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html owasp: - A07:2017 - Cross-Site Scripting (XSS) - A03:2021 - Injection confidence: MEDIUM category: security technology: - angular - browser cwe2022-top25: true cwe2021-top25: true subcategory: - vuln likelihood: LOW impact: MEDIUM languages: - typescript severity: WARNING mode: taint pattern-sources: - patterns: - pattern-either: - pattern-inside: | function ...({..., $X: string, ...}) { ... } - pattern-inside: | function ...(..., $X: string, ...) { ... } - focus-metavariable: $X pattern-sinks: - patterns: - pattern-either: - pattern: $X.$TRUST($Y) - focus-metavariable: $Y - pattern-not: | $X.$TRUST(`...`) - pattern-not: | $X.$TRUST("...") - metavariable-regex: metavariable: $TRUST regex: (bypassSecurityTrustHtml|bypassSecurityTrustStyle|bypassSecurityTrustScript|bypassSecurityTrustUrl|bypassSecurityTrustResourceUrl) pattern-sanitizers: - patterns: - pattern-either: - pattern-inside: | import $S from "underscore.string" ... - pattern-inside: | import * as $S from "underscore.string" ... - pattern-inside: | import $S from "underscore.string" ... - pattern-inside: | $S = require("underscore.string") ... - pattern-either: - pattern: $S.escapeHTML(...) - patterns: - pattern-either: - pattern-inside: | import $S from "dompurify" ... - pattern-inside: | import { ..., $S,... } from "dompurify" ... - pattern-inside: | import * as $S from "dompurify" ... - pattern-inside: | $S = require("dompurify") ... - pattern-inside: | import $S from "isomorphic-dompurify" ... - pattern-inside: | import * as $S from "isomorphic-dompurify" ... - pattern-inside: | $S = require("isomorphic-dompurify") ... - pattern-either: - patterns: - pattern-inside: | $VALUE = $S(...) ... - pattern: $VALUE.sanitize(...) - patterns: - pattern-inside: | $VALUE = $S.sanitize ... - pattern: $S(...) - pattern: $S.sanitize(...) - pattern: $S(...) - patterns: - pattern-either: - pattern-inside: | import $S from 'xss'; ... - pattern-inside: | import * as $S from 'xss'; ... - pattern-inside: | $S = require("xss") ... - pattern: $S(...) - patterns: - pattern-either: - pattern-inside: | import $S from 'sanitize-html'; ... - pattern-inside: | import * as $S from "sanitize-html"; ... - pattern-inside: | $S = require("sanitize-html") ... - pattern: $S(...) - patterns: - pattern: sanitizer.sanitize(...) - pattern-not: sanitizer.sanitize(SecurityContext.NONE, ...);