Files
mercado.clube67.com/tools/security-auditor/security-audit.sarif
T

148 lines
3.7 KiB
JSON

{
"version": "2.1.0",
"$schema": "http://json.schemastore.org/sarif-2.1.0-rtm.5",
"runs": [
{
"tool": {
"driver": {
"name": "Security Auditor Antigravity",
"version": "1.0.0",
"rules": [
{
"id": "Unsafe HTML rendering pattern"
},
{
"id": "Server boundary without obvious input validation"
},
{
"id": "LLM endpoint with prompt injection exposure"
},
{
"id": "Potential SSRF pattern"
},
{
"id": "Hardcoded credential material"
}
]
}
},
"results": [
{
"ruleId": "Unsafe HTML rendering pattern",
"level": "error",
"message": {
"text": "dangerouslySetInnerHTML found"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "scripts/security-audit.js"
},
"region": {
"startLine": 123
}
}
}
]
},
{
"ruleId": "Unsafe HTML rendering pattern",
"level": "error",
"message": {
"text": "dangerouslySetInnerHTML found"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "scripts/security-audit.js"
},
"region": {
"startLine": 125
}
}
}
]
},
{
"ruleId": "Server boundary without obvious input validation",
"level": "error",
"message": {
"text": "Request input usage"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "scripts/security-audit.js"
},
"region": {
"startLine": 143
}
}
}
]
},
{
"ruleId": "LLM endpoint with prompt injection exposure",
"level": "error",
"message": {
"text": "LLM SDK call"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "scripts/security-audit.js"
},
"region": {
"startLine": 148
}
}
}
]
},
{
"ruleId": "Potential SSRF pattern",
"level": "error",
"message": {
"text": "Server-side outbound request"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "scripts/security-audit.js"
},
"region": {
"startLine": 153
}
}
}
]
},
{
"ruleId": "Hardcoded credential material",
"level": "error",
"message": {
"text": "Secret-like token or private key marker detected"
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"uri": "scripts/security-audit.js"
},
"region": {
"startLine": 158
}
}
}
]
}
]
}
]
}