@clear-capabilities/agentic-security-scanner 0.77.0 → 0.79.0

package/dist/agentic-security.mjs.sha256

@@ -1 +1 @@
-eb8ec4e943af9857994437dfc4af9886d2b254591dd61da56f061d007403f112  agentic-security.mjs
+3ec7e435269654d09e2168e1cd8a6586f88b9c2edce86f48c18a2dc5f321e358  agentic-security.mjs

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@clear-capabilities/agentic-security-scanner",
-  "version": "0.77.0",
+  "version": "0.79.0",
   "description": "Scanner engine for the agentic-security Claude Code plugin \u2014 SAST, SCA (function-level reachability + CISA KEV), secrets, IaC, prompt-injection, MCP/agent-tool audit, auth/authZ deep analysis, attack chains, PoC generation, business logic, toxic-combinations scoring, SBOM, SARIF ingest, pipeline integrity, compliance attestation, and more.",
   "type": "module",
   "main": "src/index.js",
@@ -54,9 +54,9 @@
     "prepublishOnly": "npm run build && node -e \"const fs=require('fs');const cur=fs.existsSync('CHANGELOG.md')?fs.readFileSync('CHANGELOG.md','utf8'):'';const src=fs.readFileSync('../CHANGELOG.md','utf8');if(cur && cur!==src){console.error('scanner/CHANGELOG.md has local edits that differ from ../CHANGELOG.md.');console.error('Refusing to overwrite. Either commit the edit upstream first or rm scanner/CHANGELOG.md to accept the upstream copy.');process.exit(1);}fs.writeFileSync('CHANGELOG.md',src);\"",
     "test": "npm run test:smoke && npm run test:sast && npm run test:posture && npm run test:dataflow && npm run test:mcp && npm run test:report && npm run test:bench-modules && npm run test:lifecycle && AGENTIC_SECURITY_CPP_DATAFLOW=1 node --test test/cpp-dataflow.test.js",
     "test:smoke": "node --test test/smoke.test.js",
-    "test:sast": "node --test test/llm.test.js test/llm-owasp.test.js test/logic.test.js test/authz.test.js test/model-load.test.js test/prompt-template.test.js test/business-logic.test.js test/python-sinks.test.js test/phase1-detectors.test.js test/phase2-detectors.test.js test/phase3-v3.test.js test/phase7-extensions.test.js test/phase8-extensions.test.js test/new-cwe-detectors.test.js test/llmsecops-detectors.test.js test/db-taint.test.js",
-    "test:posture": "node --test test/material-change.test.js test/drift.test.js test/scorecard.test.js test/mttr.test.js test/license-policy.test.js test/aibom.test.js test/sbom.test.js test/api-inventory.test.js test/iam-policy.test.js test/container.test.js test/container-runtime.test.js test/kev.test.js test/dep-confusion.test.js test/sca-deprecated.test.js test/packs.test.js test/flow-narration.test.js test/regression-test-gen.test.js test/rule-synthesis.test.js test/policy-gate.test.js test/agents-memory.test.js test/cve-lookup.test.js test/cve-alert-daemon.test.js test/fix-verify-loop.test.js test/exploitability-probability.test.js test/history-scan.test.js test/viral-features.test.js test/viral-v074.test.js",
-    "test:dataflow": "node --test test/fn-reach.test.js test/deep-taint.test.js test/calibration.test.js test/holdout-eval.test.js test/cross-lang-meta.test.js test/cross-lang-queues.test.js test/phase5-xlang.test.js test/phase5-coverage.test.js test/phase6-taint.test.js test/llm-validator-consistency.test.js test/llm-validator-default-on.test.js test/parser-py-cst.test.js test/parser-cs-kt.test.js test/interproc-k2.test.js test/proven-clean.test.js test/backward-default.test.js test/incremental-cache.test.js test/string-regex-lattice.test.js test/closure-capture.test.js test/points-to.test.js test/type-stubs.test.js test/soft-taint.test.js test/ifds.test.js test/symbolic-exec-proof.test.js test/ifds-summary-edges.test.js test/stub-aware-filter.test.js test/cross-repo.test.js",
+    "test:sast": "node --test test/llm.test.js test/llm-owasp.test.js test/logic.test.js test/authz.test.js test/model-load.test.js test/prompt-template.test.js test/business-logic.test.js test/python-sinks.test.js test/phase1-detectors.test.js test/phase2-detectors.test.js test/phase3-v3.test.js test/phase7-extensions.test.js test/phase8-extensions.test.js test/new-cwe-detectors.test.js test/llmsecops-detectors.test.js test/db-taint.test.js test/dart-swift.test.js test/redos-nfa.test.js test/weak-randomness.test.js",
+    "test:posture": "node --test test/material-change.test.js test/drift.test.js test/scorecard.test.js test/mttr.test.js test/license-policy.test.js test/aibom.test.js test/sbom.test.js test/api-inventory.test.js test/iam-policy.test.js test/container.test.js test/container-runtime.test.js test/kev.test.js test/dep-confusion.test.js test/sca-deprecated.test.js test/packs.test.js test/flow-narration.test.js test/regression-test-gen.test.js test/rule-synthesis.test.js test/policy-gate.test.js test/agents-memory.test.js test/cve-lookup.test.js test/cve-alert-daemon.test.js test/fix-verify-loop.test.js test/exploitability-probability.test.js test/history-scan.test.js test/viral-features.test.js test/viral-v074.test.js test/state-dir.test.js",
+    "test:dataflow": "node --test test/fn-reach.test.js test/deep-taint.test.js test/calibration.test.js test/holdout-eval.test.js test/cross-lang-meta.test.js test/cross-lang-queues.test.js test/phase5-xlang.test.js test/phase5-coverage.test.js test/phase6-taint.test.js test/llm-validator-consistency.test.js test/llm-validator-default-on.test.js test/parser-py-cst.test.js test/parser-cs-kt.test.js test/parser-go.test.js test/parser-php-rb.test.js test/interproc-k2.test.js test/proven-clean.test.js test/backward-default.test.js test/incremental-cache.test.js test/string-regex-lattice.test.js test/closure-capture.test.js test/points-to.test.js test/type-stubs.test.js test/soft-taint.test.js test/ifds.test.js test/symbolic-exec-proof.test.js test/ifds-summary-edges.test.js test/stub-aware-filter.test.js test/cross-repo.test.js",
     "test:mcp": "node --test test/mcp.test.js test/mcp-audit.test.js test/audit-cli.test.js test/mcp-scratchpad.test.js test/mcp-offload.test.js",
     "test:report": "node --test test/sarif-ingest.test.js test/junit.test.js test/ci.test.js test/poc-generator.test.js test/verifier.test.js test/verifier-target.test.js test/annotator-errors.test.js test/grader-calibration.test.js",
     "test:bench-modules": "node --test test/phase4-harness.test.js test/pipeline.test.js",

package/src/dataflow/async-sequencing.js

@@ -55,22 +55,24 @@ const ASYNC_ITER_BODY_SOURCES = new Set([
  * AST shape expected (parser-js.js neutral):
  *   { kind: 'call', callee: { kind: 'member', object: <expr>, prop: <string> }, args: [...] }
  */
-export function describeChain(callExpr) {
+export function describeChain(callExpr, opts = {}) {
   if (!callExpr || callExpr.kind !== 'call') return null;
   const ops = [];
   let cur = callExpr;
-  // Walk leftward through .then/.catch/.finally chain.
   while (cur && cur.kind === 'call' && cur.callee && cur.callee.kind === 'member' && PROMISE_CHAIN_METHODS.has(cur.callee.prop)) {
     const arg = (cur.args || [])[0];
     ops.unshift({
-      kind: cur.callee.prop,           // 'then' | 'catch' | 'finally'
+      kind: cur.callee.prop,
       callback: arg && (arg.kind === 'ident' || arg.kind === 'arrow' || arg.kind === 'function') ? arg : null,
       argIndex: 0,
     });
     cur = cur.callee.object;
   }
-  // `cur` should be the root call (e.g., `fetch(url)` or `Promise.all([...])`).
-  const isPromise = isPromiseRoot(cur);
+  let isPromise = isPromiseRoot(cur);
+  if (!isPromise && opts.summaryCache && opts.callGraph && cur && cur.kind === 'call') {
+    const name = typeof cur.callee === 'string' ? cur.callee : (cur.callee?.name || null);
+    if (name) isPromise = isAsyncSourceFromSummary(name, opts.summaryCache, opts.callGraph);
+  }
   return { ops, rootCallee: cur, isPromise };
 }
 
@@ -84,13 +86,20 @@ function isPromiseRoot(expr) {
   }
   if (c.kind === 'member') {
     if (c.object && c.object.kind === 'ident' && c.object.name === 'Promise' && PROMISE_STATIC_METHODS.has(c.prop)) return true;
-    // any .xxxAsync() pattern, or .then-chainable: too noisy to assume; require
-    // an explicit await elsewhere or a known callee.
     return /Async$/.test(c.prop) || /^(fetch|json|text|blob|formData)$/.test(c.prop);
   }
   return false;
 }
 
+export function isAsyncSourceFromSummary(calleeName, summaryCache, callGraph) {
+  if (!calleeName || !summaryCache || !callGraph) return false;
+  const resolved = callGraph.resolve ? callGraph.resolve(calleeName) : null;
+  const qid = resolved && (resolved.qid || resolved);
+  if (typeof qid !== 'string') return false;
+  const sum = summaryCache.get(qid, new Set());
+  return !!(sum && sum.returnTainted);
+}
+
 /**
  * Given a chain descriptor + a `sourceTainted` boolean indicating whether
  * the root callee's resolved value is tainted, return whether each callback

package/src/dataflow/builtin-summaries.js

@@ -0,0 +1,131 @@
+// Pre-computed taint summaries for popular npm/pip packages.
+//
+// When the taint engine encounters a call to an external function that
+// the call graph can't resolve (e.g., lodash.merge from node_modules),
+// it checks this registry as a fallback. Each entry describes whether
+// the function's return value carries taint and whether any parameters
+// are mutated (tainted by reference).
+//
+// Format: same as SummaryCache entries.
+//   { returnTainted: bool, mutatedParams: Set<paramIndex-as-string> }
+//
+// Convention: param indices are STRING keys ('0', '1', ...) because
+// SummaryCache uses param names, and for external functions we don't
+// know names — we use positional indices instead.
+
+const S = (returnTainted, mutatedIndices = []) => ({
+  returnTainted,
+  mutatedParams: new Set(mutatedIndices.map(String)),
+  taintedGlobals: new Set(),
+  findings: [],
+  _builtin: true,
+});
+
+export const BUILTIN_SUMMARIES = new Map([
+  // ── Lodash ──────────────────────────────────────────────────────────────
+  ['_.merge',           S(true, [0])],
+  ['_.defaultsDeep',    S(true, [0])],
+  ['_.defaults',        S(true, [0])],
+  ['_.extend',          S(true, [0])],
+  ['_.assign',          S(true, [0])],
+  ['_.assignIn',        S(true, [0])],
+  ['_.set',             S(false, [0])],
+  ['_.get',             S(true)],
+  ['_.pick',            S(true)],
+  ['_.omit',            S(true)],
+  ['_.cloneDeep',       S(true)],
+  ['_.clone',           S(true)],
+  ['_.map',             S(true)],
+  ['_.filter',          S(true)],
+  ['_.find',            S(true)],
+  ['_.reduce',          S(true)],
+  ['_.flatten',         S(true)],
+  ['_.compact',         S(true)],
+  ['_.uniq',            S(true)],
+  ['_.groupBy',         S(true)],
+  ['_.keyBy',           S(true)],
+  ['_.values',          S(true)],
+  ['_.keys',            S(false)],
+  ['_.identity',        S(true)],
+
+  // ── Node.js core ────────────────────────────────────────────────────────
+  ['JSON.parse',        S(true)],
+  ['JSON.stringify',    S(true)],
+  ['Buffer.from',       S(true)],
+  ['Buffer.concat',     S(true)],
+  ['querystring.parse', S(true)],
+  ['url.parse',         S(true)],
+  ['path.join',         S(true)],
+  ['path.resolve',      S(true)],
+  ['util.format',       S(true)],
+
+  // ── Express / HTTP ──────────────────────────────────────────────────────
+  ['express.json',      S(false)],
+  ['express.urlencoded',S(false)],
+  ['bodyParser.json',   S(false)],
+  ['cors',              S(false)],
+
+  // ── Database clients ────────────────────────────────────────────────────
+  ['pool.query',        S(true)],
+  ['client.query',      S(true)],
+  ['db.query',          S(true)],
+  ['db.all',            S(true)],
+  ['db.get',            S(true)],
+  ['db.run',            S(false)],
+  ['knex.raw',          S(true)],
+  ['knex.select',       S(true)],
+
+  // ── HTTP clients ────────────────────────────────────────────────────────
+  ['axios.get',         S(true)],
+  ['axios.post',        S(true)],
+  ['axios.put',         S(true)],
+  ['axios.patch',       S(true)],
+  ['axios.delete',      S(true)],
+  ['axios.request',     S(true)],
+  ['fetch',             S(true)],
+  ['got',               S(true)],
+  ['got.get',           S(true)],
+  ['got.post',          S(true)],
+  ['superagent.get',    S(true)],
+  ['superagent.post',   S(true)],
+
+  // ── Crypto / hashing (return is derived, not tainted) ───────────────────
+  ['crypto.createHash', S(false)],
+  ['crypto.randomBytes',S(false)],
+  ['bcrypt.hash',       S(false)],
+  ['bcrypt.compare',    S(false)],
+
+  // ── Sanitizers (return is clean) ────────────────────────────────────────
+  ['parseInt',          S(false)],
+  ['parseFloat',        S(false)],
+  ['Number',            S(false)],
+  ['Boolean',           S(false)],
+  ['encodeURIComponent',S(false)],
+  ['encodeURI',         S(false)],
+  ['DOMPurify.sanitize',S(false)],
+  ['validator.escape',  S(false)],
+  ['he.encode',         S(false)],
+
+  // ── Python stdlib (matched by callee name) ──────────────────────────────
+  ['json.loads',        S(true)],
+  ['json.dumps',        S(true)],
+  ['int',               S(false)],
+  ['float',             S(false)],
+  ['str',               S(true)],
+  ['shlex.quote',       S(false)],
+  ['html.escape',       S(false)],
+  ['bleach.clean',      S(false)],
+]);
+
+export function lookupBuiltinSummary(calleeName) {
+  if (!calleeName || typeof calleeName !== 'string') return null;
+  const direct = BUILTIN_SUMMARIES.get(calleeName);
+  if (direct) return direct;
+  const lastDot = calleeName.lastIndexOf('.');
+  if (lastDot > 0) {
+    const short = calleeName.slice(lastDot + 1);
+    const fallback = BUILTIN_SUMMARIES.get(short);
+    if (fallback) return null;
+  }
+  return null;
+}

package/src/dataflow/catalog.js

@@ -139,12 +139,32 @@ export const CATALOG = [
   { kind: 'source', id: 'go-gin-query',  language: 'go', framework: 'gin',      match: { type: 'call',   callee: 'Query' },               label: 'c.Query (gin)' },
   { kind: 'source', id: 'go-gin-bindjson',language:'go', framework: 'gin',      match: { type: 'call',   callee: 'BindJSON' },            label: 'c.BindJSON (gin)' },
   { kind: 'source', id: 'go-echo-param', language: 'go', framework: 'echo',     match: { type: 'call',   callee: 'Param' },               label: 'c.Param (echo)' },
+  { kind: 'source', id: 'go-gin-postform',  language: 'go', framework: 'gin',  match: { type: 'call', callee: 'PostForm' },     label: 'c.PostForm (gin)' },
+  { kind: 'source', id: 'go-gin-shouldbind',language: 'go', framework: 'gin',  match: { type: 'call', callee: 'ShouldBind' },   label: 'c.ShouldBind (gin)' },
+  { kind: 'source', id: 'go-gin-shouldbindjson',language:'go',framework:'gin', match: { type: 'call', callee: 'ShouldBindJSON' },label: 'c.ShouldBindJSON (gin)' },
+  { kind: 'source', id: 'go-echo-formvalue',language: 'go', framework: 'echo', match: { type: 'call', callee: 'FormValue' },    label: 'c.FormValue (echo)' },
+  { kind: 'source', id: 'go-echo-queryparam',language:'go', framework: 'echo', match: { type: 'call', callee: 'QueryParam' },   label: 'c.QueryParam (echo)' },
+  { kind: 'source', id: 'go-echo-bind',     language: 'go', framework: 'echo', match: { type: 'call', callee: 'Bind' },         label: 'c.Bind (echo)' },
+  { kind: 'source', id: 'go-chi-urlparam',  language: 'go', framework: 'chi',  match: { type: 'call', callee: 'URLParam' },     label: 'chi.URLParam' },
+  { kind: 'source', id: 'go-r-postformvalue',language:'go', framework:'net/http',match:{type:'call',callee:'PostFormValue'},     label: 'r.PostFormValue' },
+  { kind: 'source', id: 'go-fiber-body',    language: 'go', framework: 'fiber', match: { type: 'call', callee: 'Body' },         label: 'c.Body (fiber)' },
+  { kind: 'source', id: 'go-fiber-query',   language: 'go', framework: 'fiber', match: { type: 'call', callee: 'Query' },        label: 'c.Query (fiber)' },
+  { kind: 'source', id: 'go-fiber-params',  language: 'go', framework: 'fiber', match: { type: 'call', callee: 'Params' },       label: 'c.Params (fiber)' },
+  { kind: 'source', id: 'go-fiber-formvalue',language:'go', framework: 'fiber', match: { type: 'call', callee: 'FormValue' },    label: 'c.FormValue (fiber)' },
+  { kind: 'source', id: 'go-fiber-cookies', language: 'go', framework: 'fiber', match: { type: 'call', callee: 'Cookies' },      label: 'c.Cookies (fiber)' },
+  { kind: 'source', id: 'go-fiber-bodyparser',language:'go',framework:'fiber', match: { type: 'call', callee: 'BodyParser' },    label: 'c.BodyParser (fiber)' },
+  { kind: 'source', id: 'go-buffalo-param', language: 'go', framework: 'buffalo',match: { type: 'call', callee: 'Param' },       label: 'c.Param (buffalo)' },
+  { kind: 'source', id: 'go-buffalo-request',language:'go', framework:'buffalo',match: { type: 'member', object: 'c', prop: 'Request' }, label: 'c.Request (buffalo)' },
+  { kind: 'source', id: 'go-gorilla-vars',  language: 'go', framework: 'gorilla',match: { type: 'call', callee: 'Vars' },        label: 'mux.Vars (gorilla)' },
 
   // ─── SOURCES (Ruby — Rails / Sinatra) ─────────────────────────────────────
   { kind: 'source', id: 'rb-rails-params',  language: 'rb', framework: 'rails', match: { type: 'global', name: 'params' }, label: 'params (Rails)' },
   { kind: 'source', id: 'rb-rails-cookies', language: 'rb', framework: 'rails', match: { type: 'global', name: 'cookies' }, label: 'cookies (Rails)' },
   { kind: 'source', id: 'rb-rails-session', language: 'rb', framework: 'rails', match: { type: 'global', name: 'session' }, label: 'session (Rails)' },
   { kind: 'source', id: 'rb-env',           language: 'rb', framework: 'stdlib',match: { type: 'global', name: 'ENV' },     label: 'ENV (Ruby)' },
+  { kind: 'source', id: 'rb-sinatra-request-body',language:'rb',framework:'sinatra',match:{type:'member',object:'request',prop:'body'},    label: 'request.body (Sinatra)' },
+  { kind: 'source', id: 'rb-sinatra-request-env', language:'rb',framework:'sinatra',match:{type:'member',object:'request',prop:'env'},     label: 'request.env (Sinatra)' },
+  { kind: 'source', id: 'rb-sinatra-request-params',language:'rb',framework:'sinatra',match:{type:'member',object:'request',prop:'params'},label: 'request.params (Sinatra)' },
 
   // ─── SOURCES (PHP) ────────────────────────────────────────────────────────
   { kind: 'source', id: 'php-request',  language: 'php', framework: 'core', match: { type: 'global', name: '_REQUEST' }, label: '$_REQUEST' },
@@ -152,6 +172,13 @@ export const CATALOG = [
   { kind: 'source', id: 'php-post',     language: 'php', framework: 'core', match: { type: 'global', name: '_POST' },    label: '$_POST' },
   { kind: 'source', id: 'php-cookie',   language: 'php', framework: 'core', match: { type: 'global', name: '_COOKIE' },  label: '$_COOKIE' },
   { kind: 'source', id: 'php-server',   language: 'php', framework: 'core', match: { type: 'global', name: '_SERVER' },  label: '$_SERVER' },
+  { kind: 'source', id: 'php-symfony-query',   language: 'php', framework: 'symfony', match: { type: 'member', object: '$request', prop: 'query' },   label: '$request->query (Symfony)' },
+  { kind: 'source', id: 'php-symfony-request', language: 'php', framework: 'symfony', match: { type: 'member', object: '$request', prop: 'request' }, label: '$request->request (Symfony)' },
+  { kind: 'source', id: 'php-symfony-cookies', language: 'php', framework: 'symfony', match: { type: 'member', object: '$request', prop: 'cookies' }, label: '$request->cookies (Symfony)' },
+  { kind: 'source', id: 'php-symfony-headers', language: 'php', framework: 'symfony', match: { type: 'member', object: '$request', prop: 'headers' }, label: '$request->headers (Symfony)' },
+  { kind: 'source', id: 'php-symfony-files',   language: 'php', framework: 'symfony', match: { type: 'member', object: '$request', prop: 'files' },   label: '$request->files (Symfony)' },
+  { kind: 'source', id: 'php-symfony-content', language: 'php', framework: 'symfony', match: { type: 'call', callee: 'getContent' },                  label: '$request->getContent() (Symfony)' },
+  { kind: 'source', id: 'php-symfony-get',     language: 'php', framework: 'symfony', match: { type: 'call', callee: 'get' },                         label: '$request->get() (Symfony)' },
 
   // ─── SINKS (SQL — Python) ─────────────────────────────────────────────────
   { kind: 'sink', id: 'py-cursor-execute',     language: 'py', framework: 'dbapi',      match: { type: 'call', callee: 'execute' }, argIndex: 0,
@@ -189,6 +216,74 @@ export const CATALOG = [
     vuln: { name: 'Native SQL Injection (EntityManager.createNativeQuery)', severity: 'critical', cwe: 'CWE-89',
             remediation: 'Use setParameter on the resulting Query.' } },
 
+  // ─── SINKS (SQL — Go) ──────────────────────────────────────────────────────
+  { kind: 'sink', id: 'go-db-query',    language: 'go', framework: 'database/sql', match: { type: 'call', callee: 'Query' },    argIndex: 0,
+    vuln: { name: 'SQL Injection (db.Query)', severity: 'critical', cwe: 'CWE-89',
+            remediation: 'Use parameterized queries: db.Query("SELECT * FROM t WHERE id = $1", id).' } },
+  { kind: 'sink', id: 'go-db-queryrow', language: 'go', framework: 'database/sql', match: { type: 'call', callee: 'QueryRow' }, argIndex: 0,
+    vuln: { name: 'SQL Injection (db.QueryRow)', severity: 'critical', cwe: 'CWE-89',
+            remediation: 'Use parameterized queries: db.QueryRow("... WHERE id = $1", id).' } },
+  { kind: 'sink', id: 'go-db-exec',     language: 'go', framework: 'database/sql', match: { type: 'call', callee: 'Exec' },     argIndex: 0,
+    vuln: { name: 'SQL Injection (db.Exec)', severity: 'critical', cwe: 'CWE-89',
+            remediation: 'Use parameterized queries with placeholder args.' } },
+  { kind: 'sink', id: 'go-gorm-raw',    language: 'go', framework: 'gorm',         match: { type: 'call', callee: 'Raw' },      argIndex: 0,
+    vuln: { name: 'SQL Injection (gorm.Raw)', severity: 'critical', cwe: 'CWE-89',
+            remediation: 'Use gorm.Where with parameterized placeholders: db.Where("name = ?", name).' } },
+  { kind: 'sink', id: 'go-gorm-exec',   language: 'go', framework: 'gorm',         match: { type: 'call', callee: 'Exec' },     argIndex: 0,
+    vuln: { name: 'SQL Injection (gorm.Exec)', severity: 'critical', cwe: 'CWE-89',
+            remediation: 'Use parameterized queries: db.Exec("UPDATE t SET x = ?", val).' } },
+  { kind: 'sink', id: 'go-fmt-fprintf',  language: 'go', framework: 'fmt',          match: { type: 'call', callee: 'Fprintf' },  argIndex: 1,
+    vuln: { name: 'XSS (fmt.Fprintf to ResponseWriter)', severity: 'high', cwe: 'CWE-79',
+            remediation: 'Use html/template for HTML output, not fmt.Fprintf with user input.' } },
+
+  // ─── SINKS (SQL — PHP) ─────────────────────────────────────────────────────
+  { kind: 'sink', id: 'php-mysqli-query',   language: 'php', framework: 'mysqli',  match: { type: 'call', callee: 'mysqli_query' },  argIndex: 1,
+    vuln: { name: 'SQL Injection (mysqli_query)', severity: 'critical', cwe: 'CWE-89',
+            remediation: 'Use prepared statements: $stmt = $conn->prepare("SELECT * WHERE id = ?"); $stmt->bind_param("i", $id);' } },
+  { kind: 'sink', id: 'php-pdo-query',     language: 'php', framework: 'pdo',     match: { type: 'call', callee: 'query' },         argIndex: 0,
+    vuln: { name: 'SQL Injection (PDO::query)', severity: 'critical', cwe: 'CWE-89',
+            remediation: 'Use PDO::prepare with bound parameters.' } },
+  { kind: 'sink', id: 'php-pdo-exec',      language: 'php', framework: 'pdo',     match: { type: 'call', callee: 'exec' },          argIndex: 0,
+    vuln: { name: 'SQL Injection (PDO::exec)', severity: 'critical', cwe: 'CWE-89',
+            remediation: 'Use PDO::prepare with bound parameters.' } },
+  { kind: 'sink', id: 'php-laravel-db-raw', language: 'php', framework: 'laravel', match: { type: 'call', callee: 'raw' },          argIndex: 0,
+    vuln: { name: 'SQL Injection (DB::raw)', severity: 'critical', cwe: 'CWE-89',
+            remediation: 'Use parameterized bindings: DB::select("SELECT * WHERE id = ?", [$id]).' } },
+  { kind: 'sink', id: 'php-exec',          language: 'php', framework: 'core',    match: { type: 'call', callee: 'exec' },          argIndex: 0,
+    vuln: { name: 'Command Injection (exec)', severity: 'critical', cwe: 'CWE-78',
+            remediation: 'Use escapeshellarg() on each argument and avoid shell metacharacters.' } },
+  { kind: 'sink', id: 'php-system',        language: 'php', framework: 'core',    match: { type: 'call', callee: 'system' },        argIndex: 0,
+    vuln: { name: 'Command Injection (system)', severity: 'critical', cwe: 'CWE-78',
+            remediation: 'Avoid system(); use proc_open with an argv array instead.' } },
+  { kind: 'sink', id: 'php-shell-exec',    language: 'php', framework: 'core',    match: { type: 'call', callee: 'shell_exec' },    argIndex: 0,
+    vuln: { name: 'Command Injection (shell_exec)', severity: 'critical', cwe: 'CWE-78',
+            remediation: 'Avoid shell_exec(); sanitize with escapeshellarg() if unavoidable.' } },
+
+  // ─── SINKS (SQL/CMD — Ruby) ───────────────────────────────────────────────
+  { kind: 'sink', id: 'rb-ar-where-string', language: 'rb', framework: 'rails',   match: { type: 'call', callee: 'where' },         argIndex: 0,
+    vuln: { name: 'SQL Injection (ActiveRecord where string)', severity: 'critical', cwe: 'CWE-89',
+            remediation: 'Use hash conditions: User.where(name: params[:name]).' } },
+  { kind: 'sink', id: 'rb-ar-find-by-sql', language: 'rb', framework: 'rails',    match: { type: 'call', callee: 'find_by_sql' },   argIndex: 0,
+    vuln: { name: 'SQL Injection (find_by_sql)', severity: 'critical', cwe: 'CWE-89',
+            remediation: 'Use parameterized SQL: find_by_sql(["SELECT * WHERE id = ?", id]).' } },
+  { kind: 'sink', id: 'rb-system',         language: 'rb', framework: 'stdlib',   match: { type: 'call', callee: 'system' },        argIndex: 0,
+    vuln: { name: 'Command Injection (Kernel.system)', severity: 'critical', cwe: 'CWE-78',
+            remediation: 'Use the array form: system("cmd", arg1, arg2).' } },
+  { kind: 'sink', id: 'rb-exec',           language: 'rb', framework: 'stdlib',   match: { type: 'call', callee: 'exec' },          argIndex: 0,
+    vuln: { name: 'Command Injection (Kernel.exec)', severity: 'critical', cwe: 'CWE-78',
+            remediation: 'Use the array form: exec("cmd", arg1, arg2).' } },
+  { kind: 'sink', id: 'rb-sinatra-erb',    language: 'rb', framework: 'sinatra',  match: { type: 'call', callee: 'erb' },           argIndex: 0,
+    vuln: { name: 'Server-Side Template Injection (Sinatra ERB)', severity: 'high', cwe: 'CWE-1336',
+            remediation: 'Use ERB auto-escaping. Never pass user input as the template name.' } },
+
+  // ─── SINKS (SQL — PHP / Symfony / Doctrine) ───────────────────────────────
+  { kind: 'sink', id: 'php-symfony-createquery',language:'php',framework:'symfony',match:{type:'call',callee:'createQuery'},   argIndex: 0,
+    vuln: { name: 'DQL Injection (Doctrine createQuery)', severity: 'critical', cwe: 'CWE-89',
+            remediation: 'Use DQL parameters: $em->createQuery("... WHERE e.id = :id")->setParameter("id", $id).' } },
+  { kind: 'sink', id: 'php-doctrine-nativequery',language:'php',framework:'doctrine',match:{type:'call',callee:'createNativeQuery'},argIndex:0,
+    vuln: { name: 'SQL Injection (Doctrine createNativeQuery)', severity: 'critical', cwe: 'CWE-89',
+            remediation: 'Use bound parameters with createNativeQuery.' } },
+
   // ─── SINKS (XSS / template — JS/TS / browser) ─────────────────────────────
   { kind: 'sink', id: 'js-innerHTML-assign', language: 'js', framework: 'dom', match: { type: 'member', object: '_any_', prop: 'innerHTML' }, argIndex: 'rhs',
     vuln: { name: 'DOM XSS (innerHTML)', severity: 'high', cwe: 'CWE-79',
@@ -366,6 +461,18 @@ export const CATALOG = [
   { kind: 'source', id: 'py-tornado-get-arg',   language: 'py', framework: 'tornado', match: { type: 'call', callee: 'get_argument'      }, argIndex: 0, label: 'tornado.get_argument', provenance: 'http-body' },
   { kind: 'source', id: 'py-tornado-get-args',  language: 'py', framework: 'tornado', match: { type: 'call', callee: 'get_arguments'     }, argIndex: 0, label: 'tornado.get_arguments', provenance: 'http-body' },
   { kind: 'source', id: 'py-tornado-get-body',  language: 'py', framework: 'tornado', match: { type: 'call', callee: 'get_body_argument' }, argIndex: 0, label: 'tornado.get_body_argument', provenance: 'http-body' },
+  // Starlette / Litestar — async ASGI sources.
+  { kind: 'source', id: 'py-starlette-json',   language: 'py', framework: 'starlette', match: { type: 'call', callee: 'json' },         label: 'request.json() (Starlette)', provenance: 'http-body' },
+  { kind: 'source', id: 'py-starlette-form',   language: 'py', framework: 'starlette', match: { type: 'call', callee: 'form' },         label: 'request.form() (Starlette)', provenance: 'http-body' },
+  { kind: 'source', id: 'py-starlette-body',   language: 'py', framework: 'starlette', match: { type: 'call', callee: 'body' },         label: 'request.body() (Starlette)', provenance: 'http-body' },
+  { kind: 'source', id: 'py-starlette-qparams',language: 'py', framework: 'starlette', match: { type: 'member', object: 'request', prop: 'query_params' }, label: 'request.query_params (Starlette)', provenance: 'url-param' },
+  { kind: 'source', id: 'py-starlette-path',   language: 'py', framework: 'starlette', match: { type: 'member', object: 'request', prop: 'path_params' },  label: 'request.path_params (Starlette)', provenance: 'path-param' },
+  { kind: 'source', id: 'py-litestar-data',    language: 'py', framework: 'litestar',  match: { type: 'call', callee: 'data' },         label: 'request.data() (Litestar)', provenance: 'http-body' },
+  // Sanic — async Python web.
+  { kind: 'source', id: 'py-sanic-args',       language: 'py', framework: 'sanic',     match: { type: 'member', object: 'request', prop: 'args' },  label: 'request.args (Sanic)', provenance: 'url-param' },
+  { kind: 'source', id: 'py-sanic-form',       language: 'py', framework: 'sanic',     match: { type: 'member', object: 'request', prop: 'form' },  label: 'request.form (Sanic)', provenance: 'http-body' },
+  { kind: 'source', id: 'py-sanic-json',       language: 'py', framework: 'sanic',     match: { type: 'member', object: 'request', prop: 'json' },  label: 'request.json (Sanic)', provenance: 'http-body' },
+  { kind: 'source', id: 'py-sanic-body',       language: 'py', framework: 'sanic',     match: { type: 'member', object: 'request', prop: 'body' },  label: 'request.body (Sanic)', provenance: 'http-body' },
   // sys.argv — CLI input source. (os.environ already declared above.)
   { kind: 'source', id: 'py-sys-argv',      language: 'py', framework: 'std', match: { type: 'member', object: 'sys', prop: 'argv'   }, label: 'sys.argv', provenance: 'cli' },
   // File reads.

package/src/dataflow/cross-repo.js

@@ -216,4 +216,78 @@ export function federatedFindings(graph) {
   return findings;
 }
 
-export const _internal = { _parseSpec, _endpointsFor, _leafPathsOf, _responseFields, _requestFields };
+// ── Intra-project cross-service taint ───────────────────────────────────────
+//
+// Detects HTTP client calls in one file whose target matches a route handler
+// in another file within the same project. When tainted data flows into the
+// client call's body, and the matching handler reads from req.body, emit a
+// cross-service finding.
+
+const _CLIENT_PATTERNS = [
+  { re: /\bfetch\s*\(\s*['"`]([^'"`]+)['"`]/g, method: null, bodyArg: true },
+  { re: /\baxios\.(\w+)\s*\(\s*['"`]([^'"`]+)['"`]/g, method: 1, pathGroup: 2, bodyArg: true },
+  { re: /\brequests\.(\w+)\s*\(\s*['"`]([^'"`]+)['"`]/g, method: 1, pathGroup: 2, bodyArg: true },
+  { re: /\bhttp\.NewRequest\s*\(\s*['"`](\w+)['"`]\s*,\s*['"`]([^'"`]+)['"`]/g, method: 1, pathGroup: 2 },
+];
+
+const _HANDLER_PATTERNS = [
+  { re: /\bapp\.(get|post|put|patch|delete)\s*\(\s*['"`]([^'"`]+)['"`]/g },
+  { re: /\brouter\.(get|post|put|patch|delete|HandleFunc)\s*\(\s*['"`]([^'"`]+)['"`]/g },
+  { re: /\b@app\.(route|get|post|put|patch|delete)\s*\(\s*['"`]([^'"`]+)['"`]/g },
+];
+
+function _normalizePath(p) {
+  return p.replace(/:[^/]+/g, '*').replace(/\{[^}]+\}/g, '*').replace(/<[^>]+>/g, '*').replace(/\/+$/, '');
+}
+
+export function detectIntraProjectServiceEdges(fileContents) {
+  if (!fileContents || typeof fileContents !== 'object') return [];
+  const consumers = [];
+  const producers = [];
+  for (const [fp, raw] of Object.entries(fileContents)) {
+    if (!raw || typeof raw !== 'string') continue;
+    const lineOf = (idx) => raw.slice(0, idx).split('\n').length;
+    for (const pat of _CLIENT_PATTERNS) {
+      pat.re.lastIndex = 0;
+      for (const m of raw.matchAll(pat.re)) {
+        const method = pat.method ? (m[pat.method] || 'get').toLowerCase() : 'get';
+        const path = m[pat.pathGroup || 1];
+        consumers.push({ file: fp, line: lineOf(m.index), method, path: _normalizePath(path) });
+      }
+    }
+    for (const pat of _HANDLER_PATTERNS) {
+      pat.re.lastIndex = 0;
+      for (const m of raw.matchAll(pat.re)) {
+        const method = m[1].toLowerCase();
+        const path = m[2];
+        producers.push({ file: fp, line: lineOf(m.index), method: method === 'route' ? 'any' : method, path: _normalizePath(path) });
+      }
+    }
+  }
+  const findings = [];
+  for (const c of consumers) {
+    for (const p of producers) {
+      if (c.file === p.file) continue;
+      if (p.method !== 'any' && c.method !== p.method) continue;
+      if (c.path !== p.path && !c.path.endsWith(p.path)) continue;
+      findings.push({
+        id: `cross-service:${c.file}:${c.line}->${p.file}:${p.line}`,
+        file: p.file,
+        line: p.line,
+        vuln: 'Cross-Service Taint — HTTP client in one file targets handler in another',
+        severity: 'medium',
+        family: 'cross-service-taint',
+        cwe: 'CWE-346',
+        parser: 'CROSS-SERVICE',
+        confidence: 0.60,
+        description: `HTTP client call in ${c.file}:${c.line} targets the route handler at ${p.file}:${p.line}. If tainted data flows through the client body into the handler's sink, this is a cross-service injection path.`,
+        remediation: 'Validate and sanitize all data crossing service boundaries, even internal ones. Treat internal API inputs the same as external user input.',
+        source: { file: c.file, line: c.line, label: `${c.method.toUpperCase()} ${c.path}` },
+        sink: { file: p.file, line: p.line, label: `handler ${p.path}` },
+      });
+    }
+  }
+  return findings;
+}
+
+export const _internal = { _parseSpec, _endpointsFor, _leafPathsOf, _responseFields, _requestFields, _normalizePath };