mcp-siber-security-audit

MCP server for security code audit with auto-fix capabilities

19 lines 601 B
rules:
  - id: express-xss
    mode: taint
    pattern-sources:
      - pattern: req.query.$PARAM
    pattern-sinks:
      - pattern: res.send(...)
    message: Potential XSS vulnerability detected. User input is directly included in the response.
    languages: [javascript]
    severity: ERROR
  - id: express-sql-injection
    mode: taint
    pattern-sources:
      - pattern: req.query.$PARAM
    pattern-sinks:
      - pattern: db.query(...)
    message: Potential SQL injection vulnerability detected. User input is directly included in the query.
    languages: [javascript]
    severity: ERROR