@nahisaho/musubix-security 2.0.1 → 2.1.1

package/dist/rules/cwe/cwe-89-sql-injection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-89-sql-injection.d.ts","sourceRoot":"","sources":["../../../src/rules/cwe/cwe-89-sql-injection.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,KAAK,EAAE,YAAY,EAA4B,MAAM,aAAa,CAAC;AAE1E;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,YAiC/B,CAAC;AAocF,eAAe,iBAAiB,CAAC"}

package/dist/rules/cwe/cwe-89-sql-injection.js

@@ -0,0 +1,456 @@
+/**
+ * @fileoverview CWE-89: Improper Neutralization of Special Elements used in an SQL Command (SQL Injection)
+ * @module @nahisaho/musubix-security/rules/cwe/cwe-89-sql-injection
+ * @trace TSK-RULE-005
+ *
+ * Detects:
+ * - String concatenation in SQL queries
+ * - Template literals with user input in SQL
+ * - Raw/unsafe query methods
+ * - ORM bypass patterns
+ * - Stored procedure injection
+ *
+ * CWE-89 is #3 in CWE Top 25 2023.
+ */
+/**
+ * CWE-89 - SQL Injection
+ */
+export const cwe89SQLInjection = {
+    id: 'cwe-89-sql-injection',
+    name: 'CWE-89: SQL Injection',
+    description: 'Detects SQL injection vulnerabilities from unsafe query construction',
+    defaultSeverity: 'critical',
+    category: 'injection',
+    tags: ['cwe', 'sql', 'injection', 'database', 'security'],
+    owasp: ['A03:2021'],
+    cwe: ['89'],
+    references: [
+        {
+            title: 'CWE-89: SQL Injection',
+            url: 'https://cwe.mitre.org/data/definitions/89.html',
+        },
+        {
+            title: 'OWASP SQL Injection Prevention',
+            url: 'https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html',
+        },
+    ],
+    async analyze(context) {
+        const findings = [];
+        const sourceCode = context.sourceCode;
+        checkStringConcatenation(context, sourceCode, findings);
+        checkTemplateLiterals(context, sourceCode, findings);
+        checkRawQueryMethods(context, sourceCode, findings);
+        checkORMBypass(context, sourceCode, findings);
+        checkDynamicTableColumn(context, sourceCode, findings);
+        return findings;
+    },
+};
+/**
+ * Check for string concatenation in SQL queries
+ */
+function checkStringConcatenation(context, sourceCode, findings) {
+    const lines = sourceCode.split('\n');
+    const concatPatterns = [
+        {
+            pattern: /['"`]SELECT\s+.*\+\s*\w+/gi,
+            type: 'SELECT with concatenation',
+            message: 'SQL SELECT query built with string concatenation',
+        },
+        {
+            pattern: /['"`]INSERT\s+INTO\s+.*\+\s*\w+/gi,
+            type: 'INSERT with concatenation',
+            message: 'SQL INSERT query built with string concatenation',
+        },
+        {
+            pattern: /['"`]UPDATE\s+.*SET\s+.*\+\s*\w+/gi,
+            type: 'UPDATE with concatenation',
+            message: 'SQL UPDATE query built with string concatenation',
+        },
+        {
+            pattern: /['"`]DELETE\s+FROM\s+.*\+\s*\w+/gi,
+            type: 'DELETE with concatenation',
+            message: 'SQL DELETE query built with string concatenation',
+        },
+        {
+            pattern: /['"`]WHERE\s+.*\+\s*(?:req\.|params\.|query\.|body\.|user)/gi,
+            type: 'WHERE clause with user input',
+            message: 'SQL WHERE clause concatenated with user-controlled input',
+        },
+        {
+            pattern: /['"`].*(?:AND|OR)\s+.*\+\s*(?:req\.|params\.|query\.|body\.)/gi,
+            type: 'Condition with user input',
+            message: 'SQL condition concatenated with user-controlled input',
+        },
+        {
+            pattern: /['"`]ORDER\s+BY\s+.*\+\s*\w+/gi,
+            type: 'ORDER BY with concatenation',
+            message: 'SQL ORDER BY clause built with string concatenation',
+        },
+        {
+            pattern: /['"`]GROUP\s+BY\s+.*\+\s*\w+/gi,
+            type: 'GROUP BY with concatenation',
+            message: 'SQL GROUP BY clause built with string concatenation',
+        },
+        {
+            pattern: /['"`]LIMIT\s+.*\+\s*\w+|['"`]OFFSET\s+.*\+\s*\w+/gi,
+            type: 'LIMIT/OFFSET with concatenation',
+            message: 'SQL LIMIT/OFFSET built with string concatenation',
+        },
+    ];
+    for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+        const line = lines[lineNum];
+        for (const { pattern, type, message } of concatPatterns) {
+            pattern.lastIndex = 0;
+            if (pattern.test(line)) {
+                findings.push({
+                    id: `cwe-89-concat-${findings.length + 1}`,
+                    ruleId: 'cwe-89-sql-injection',
+                    severity: 'critical',
+                    message: `SQL Injection - ${type}: ${message}`,
+                    location: {
+                        file: context.filePath,
+                        startLine: lineNum + 1,
+                        endLine: lineNum + 1,
+                        startColumn: 0,
+                        endColumn: line.length,
+                    },
+                    cwe: ['89'],
+                    owasp: ['A03:2021'],
+                    suggestion: {
+                        description: 'Use parameterized queries',
+                        example: `// PostgreSQL with node-pg:
+const result = await client.query(
+  'SELECT * FROM users WHERE id = $1',
+  [userId]
+);
+
+// MySQL with mysql2:
+const [rows] = await connection.execute(
+  'SELECT * FROM users WHERE id = ?',
+  [userId]
+);`,
+                    },
+                });
+            }
+        }
+    }
+}
+/**
+ * Check for template literals in SQL queries
+ */
+function checkTemplateLiterals(context, sourceCode, findings) {
+    const lines = sourceCode.split('\n');
+    const templatePatterns = [
+        {
+            pattern: /`SELECT\s+[^`]*\$\{[^}]+\}/gi,
+            type: 'SELECT with template literal',
+            message: 'SQL SELECT query uses template literal interpolation',
+        },
+        {
+            pattern: /`INSERT\s+INTO\s+[^`]*\$\{[^}]+\}/gi,
+            type: 'INSERT with template literal',
+            message: 'SQL INSERT query uses template literal interpolation',
+        },
+        {
+            pattern: /`UPDATE\s+[^`]*SET[^`]*\$\{[^}]+\}/gi,
+            type: 'UPDATE with template literal',
+            message: 'SQL UPDATE query uses template literal interpolation',
+        },
+        {
+            pattern: /`DELETE\s+FROM\s+[^`]*\$\{[^}]+\}/gi,
+            type: 'DELETE with template literal',
+            message: 'SQL DELETE query uses template literal interpolation',
+        },
+        {
+            pattern: /`[^`]*WHERE[^`]*\$\{(?:req\.|params\.|query\.|body\.)[^}]+\}/gi,
+            type: 'WHERE with user input interpolation',
+            message: 'SQL WHERE clause interpolates user-controlled input',
+        },
+    ];
+    for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+        const line = lines[lineNum];
+        for (const { pattern, type, message } of templatePatterns) {
+            pattern.lastIndex = 0;
+            if (pattern.test(line)) {
+                findings.push({
+                    id: `cwe-89-template-${findings.length + 1}`,
+                    ruleId: 'cwe-89-sql-injection',
+                    severity: 'critical',
+                    message: `SQL Injection - ${type}: ${message}`,
+                    location: {
+                        file: context.filePath,
+                        startLine: lineNum + 1,
+                        endLine: lineNum + 1,
+                        startColumn: 0,
+                        endColumn: line.length,
+                    },
+                    cwe: ['89'],
+                    owasp: ['A03:2021'],
+                    suggestion: {
+                        description: 'Use tagged template literals or parameterized queries',
+                        example: `// Use sql-template-strings or similar:
+import sql from 'sql-template-strings';
+const query = sql\`SELECT * FROM users WHERE id = \${userId}\`;
+// This creates a parameterized query automatically
+
+// Or use ORM:
+const user = await User.findOne({ where: { id: userId } });`,
+                    },
+                });
+            }
+        }
+    }
+}
+/**
+ * Check for raw query methods that bypass parameterization
+ */
+function checkRawQueryMethods(context, sourceCode, findings) {
+    const lines = sourceCode.split('\n');
+    const rawPatterns = [
+        {
+            pattern: /\.raw\s*\(\s*['"`].*\+/gi,
+            type: 'Raw query with concatenation',
+            message: 'ORM raw query method with string concatenation',
+            severity: 'critical',
+        },
+        {
+            pattern: /\.raw\s*\(\s*`[^`]*\$\{/gi,
+            type: 'Raw query with interpolation',
+            message: 'ORM raw query method with template literal interpolation',
+            severity: 'critical',
+        },
+        {
+            pattern: /sequelize\.query\s*\(\s*['"`].*\+/gi,
+            type: 'Sequelize query with concatenation',
+            message: 'Sequelize raw query with string concatenation',
+            severity: 'critical',
+        },
+        {
+            pattern: /knex\.raw\s*\(\s*['"`].*\+/gi,
+            type: 'Knex raw with concatenation',
+            message: 'Knex raw query with string concatenation',
+            severity: 'critical',
+        },
+        {
+            pattern: /prisma\.\$executeRaw\s*`[^`]*\$\{/gi,
+            type: 'Prisma executeRaw with interpolation',
+            message: 'Prisma $executeRaw with interpolation - use $executeRaw with Prisma.sql',
+            severity: 'high',
+        },
+        {
+            pattern: /prisma\.\$queryRaw\s*`[^`]*\$\{/gi,
+            type: 'Prisma queryRaw with interpolation',
+            message: 'Prisma $queryRaw with interpolation - ensure using tagged template',
+            severity: 'medium',
+        },
+        {
+            pattern: /typeorm.*query\s*\(\s*['"`].*\+/gi,
+            type: 'TypeORM query with concatenation',
+            message: 'TypeORM query with string concatenation',
+            severity: 'critical',
+        },
+        {
+            pattern: /\.exec\s*\(\s*['"`](?:SELECT|INSERT|UPDATE|DELETE).*\+/gi,
+            type: 'Database exec with concatenation',
+            message: 'Database exec method with string concatenation',
+            severity: 'critical',
+        },
+    ];
+    for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+        const line = lines[lineNum];
+        for (const { pattern, type, message, severity } of rawPatterns) {
+            pattern.lastIndex = 0;
+            if (pattern.test(line)) {
+                findings.push({
+                    id: `cwe-89-raw-${findings.length + 1}`,
+                    ruleId: 'cwe-89-sql-injection',
+                    severity,
+                    message: `SQL Injection - ${type}: ${message}`,
+                    location: {
+                        file: context.filePath,
+                        startLine: lineNum + 1,
+                        endLine: lineNum + 1,
+                        startColumn: 0,
+                        endColumn: line.length,
+                    },
+                    cwe: ['89'],
+                    owasp: ['A03:2021'],
+                    suggestion: {
+                        description: 'Use parameterized raw queries',
+                        example: `// Sequelize with replacements:
+await sequelize.query(
+  'SELECT * FROM users WHERE id = :userId',
+  { replacements: { userId }, type: QueryTypes.SELECT }
+);
+
+// Knex with bindings:
+await knex.raw('SELECT * FROM users WHERE id = ?', [userId]);
+
+// Prisma with Prisma.sql:
+await prisma.$queryRaw(Prisma.sql\`SELECT * FROM users WHERE id = \${userId}\`);`,
+                    },
+                });
+            }
+        }
+    }
+}
+/**
+ * Check for ORM query builder bypass patterns
+ */
+function checkORMBypass(context, sourceCode, findings) {
+    const lines = sourceCode.split('\n');
+    const bypassPatterns = [
+        {
+            pattern: /\.where\s*\(\s*`[^`]*\$\{/gi,
+            type: 'ORM where with interpolation',
+            message: 'ORM where clause with template literal interpolation',
+            severity: 'high',
+        },
+        {
+            pattern: /\.where\s*\(\s*['"`].*\+/gi,
+            type: 'ORM where with concatenation',
+            message: 'ORM where clause with string concatenation',
+            severity: 'high',
+        },
+        {
+            pattern: /\.orderBy\s*\(\s*(?:req\.|params\.|query\.|body\.)/gi,
+            type: 'ORM orderBy with user input',
+            message: 'ORM orderBy with user-controlled input may allow injection',
+            severity: 'medium',
+        },
+        {
+            pattern: /\.having\s*\(\s*['"`].*\+/gi,
+            type: 'ORM having with concatenation',
+            message: 'ORM having clause with string concatenation',
+            severity: 'high',
+        },
+        {
+            pattern: /\.whereRaw\s*\(\s*['"`].*\+/gi,
+            type: 'whereRaw with concatenation',
+            message: 'whereRaw with string concatenation bypasses parameterization',
+            severity: 'critical',
+        },
+        {
+            pattern: /Sequelize\.literal\s*\(\s*['"`].*\+/gi,
+            type: 'Sequelize.literal with concatenation',
+            message: 'Sequelize.literal with concatenation allows raw SQL',
+            severity: 'critical',
+        },
+    ];
+    for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+        const line = lines[lineNum];
+        for (const { pattern, type, message, severity } of bypassPatterns) {
+            pattern.lastIndex = 0;
+            if (pattern.test(line)) {
+                findings.push({
+                    id: `cwe-89-orm-${findings.length + 1}`,
+                    ruleId: 'cwe-89-sql-injection',
+                    severity,
+                    message: `SQL Injection - ${type}: ${message}`,
+                    location: {
+                        file: context.filePath,
+                        startLine: lineNum + 1,
+                        endLine: lineNum + 1,
+                        startColumn: 0,
+                        endColumn: line.length,
+                    },
+                    cwe: ['89'],
+                    owasp: ['A03:2021'],
+                    suggestion: {
+                        description: 'Use ORM query builder methods safely',
+                        example: `// Knex where with object:
+await knex('users').where({ id: userId });
+
+// Sequelize findOne:
+await User.findOne({ where: { id: userId } });
+
+// For dynamic columns, whitelist allowed values:
+const allowedColumns = ['name', 'date', 'id'];
+const column = allowedColumns.includes(sortBy) ? sortBy : 'id';
+await knex('users').orderBy(column);`,
+                    },
+                });
+            }
+        }
+    }
+}
+/**
+ * Check for dynamic table/column name injection
+ */
+function checkDynamicTableColumn(context, sourceCode, findings) {
+    const lines = sourceCode.split('\n');
+    const dynamicPatterns = [
+        {
+            pattern: /['"`]SELECT\s+\*\s+FROM\s+['"`]\s*\+\s*\w+/gi,
+            type: 'Dynamic table name',
+            message: 'Table name built from variable may allow injection',
+            severity: 'high',
+        },
+        {
+            pattern: /`SELECT\s+\*\s+FROM\s+\$\{/gi,
+            type: 'Interpolated table name',
+            message: 'Table name from template interpolation may allow injection',
+            severity: 'high',
+        },
+        {
+            pattern: /['"`]SELECT\s+['"`]\s*\+\s*\w+\s*\+\s*['"`]\s+FROM/gi,
+            type: 'Dynamic column selection',
+            message: 'Column name built from variable may allow injection',
+            severity: 'medium',
+        },
+        {
+            pattern: /\.from\s*\(\s*(?:req\.|params\.|query\.|body\.)/gi,
+            type: 'ORM from with user input',
+            message: 'Table name from user input in ORM query',
+            severity: 'critical',
+        },
+        {
+            pattern: /\.into\s*\(\s*(?:req\.|params\.|query\.|body\.)/gi,
+            type: 'ORM into with user input',
+            message: 'Table name from user input in ORM insert',
+            severity: 'critical',
+        },
+    ];
+    for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+        const line = lines[lineNum];
+        for (const { pattern, type, message, severity } of dynamicPatterns) {
+            pattern.lastIndex = 0;
+            if (pattern.test(line)) {
+                findings.push({
+                    id: `cwe-89-dynamic-${findings.length + 1}`,
+                    ruleId: 'cwe-89-sql-injection',
+                    severity,
+                    message: `SQL Injection - ${type}: ${message}`,
+                    location: {
+                        file: context.filePath,
+                        startLine: lineNum + 1,
+                        endLine: lineNum + 1,
+                        startColumn: 0,
+                        endColumn: line.length,
+                    },
+                    cwe: ['89'],
+                    owasp: ['A03:2021'],
+                    suggestion: {
+                        description: 'Whitelist allowed table and column names',
+                        example: `// Whitelist allowed tables:
+const allowedTables = ['users', 'products', 'orders'];
+if (!allowedTables.includes(tableName)) {
+  throw new Error('Invalid table name');
+}
+
+// Use identifier escaping:
+const escapedTable = connection.escapeId(tableName);
+
+// Or use ORM model mapping:
+const models = { users: User, products: Product };
+const Model = models[tableName];
+if (!Model) throw new Error('Invalid model');
+await Model.findAll();`,
+                    },
+                });
+            }
+        }
+    }
+}
+export default cwe89SQLInjection;
+//# sourceMappingURL=cwe-89-sql-injection.js.map

package/dist/rules/cwe/cwe-89-sql-injection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-89-sql-injection.js","sourceRoot":"","sources":["../../../src/rules/cwe/cwe-89-sql-injection.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAIH;;GAEG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAiB;IAC7C,EAAE,EAAE,sBAAsB;IAC1B,IAAI,EAAE,uBAAuB;IAC7B,WAAW,EACT,sEAAsE;IACxE,eAAe,EAAE,UAAU;IAC3B,QAAQ,EAAE,WAAW;IACrB,IAAI,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,UAAU,CAAC;IACzD,KAAK,EAAE,CAAC,UAAU,CAAC;IACnB,GAAG,EAAE,CAAC,IAAI,CAAC;IACX,UAAU,EAAE;QACV;YACE,KAAK,EAAE,uBAAuB;YAC9B,GAAG,EAAE,gDAAgD;SACtD;QACD;YACE,KAAK,EAAE,gCAAgC;YACvC,GAAG,EAAE,0FAA0F;SAChG;KACF;IAED,KAAK,CAAC,OAAO,CAAC,OAAoB;QAChC,MAAM,QAAQ,GAAkB,EAAE,CAAC;QACnC,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;QAEtC,wBAAwB,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;QACxD,qBAAqB,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;QACrD,oBAAoB,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;QACpD,cAAc,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;QAC9C,uBAAuB,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;QAEvD,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF;;GAEG;AACH,SAAS,wBAAwB,CAC/B,OAAoB,EACpB,UAAkB,EAClB,QAAuB;IAEvB,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAErC,MAAM,cAAc,GAAG;QACrB;YACE,OAAO,EAAE,4BAA4B;YACrC,IAAI,EAAE,2BAA2B;YACjC,OAAO,EAAE,kDAAkD;SAC5D;QACD;YACE,OAAO,EAAE,mCAAmC;YAC5C,IAAI,EAAE,2BAA2B;YACjC,OAAO,EAAE,kDAAkD;SAC5D;QACD;YACE,OAAO,EAAE,oCAAoC;YAC7C,IAAI,EAAE,2BAA2B;YACjC,OAAO,EAAE,kDAAkD;SAC5D;QACD;YACE,OAAO,EAAE,mCAAmC;YAC5C,IAAI,EAAE,2BAA2B;YACjC,OAAO,EAAE,kDAAkD;SAC5D;QACD;YACE,OAAO,EAAE,8DAA8D;YACvE,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,0DAA0D;SACpE;QACD;YACE,OAAO,EAAE,gEAAgE;YACzE,IAAI,EAAE,2BAA2B;YACjC,OAAO,EAAE,uDAAuD;SACjE;QACD;YACE,OAAO,EAAE,gCAAgC;YACzC,IAAI,EAAE,6BAA6B;YACnC,OAAO,EAAE,qDAAqD;SAC/D;QACD;YACE,OAAO,EAAE,gCAAgC;YACzC,IAAI,EAAE,6BAA6B;YACnC,OAAO,EAAE,qDAAqD;SAC/D;QACD;YACE,OAAO,EAAE,oDAAoD;YAC7D,IAAI,EAAE,iCAAiC;YACvC,OAAO,EAAE,kDAAkD;SAC5D;KACF,CAAC;IAEF,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;QACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;QAE5B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,cAAc,EAAE,CAAC;YACxD,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,iBAAiB,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;oBAC1C,MAAM,EAAE,sBAAsB;oBAC9B,QAAQ,EAAE,UAAU;oBACpB,OAAO,EAAE,mBAAmB,IAAI,KAAK,OAAO,EAAE;oBAC9C,QAAQ,EAAE;wBACR,IAAI,EAAE,OAAO,CAAC,QAAQ;wBACtB,SAAS,EAAE,OAAO,GAAG,CAAC;wBACtB,OAAO,EAAE,OAAO,GAAG,CAAC;wBACpB,WAAW,EAAE,CAAC;wBACd,SAAS,EAAE,IAAI,CAAC,MAAM;qBACvB;oBACD,GAAG,EAAE,CAAC,IAAI,CAAC;oBACX,KAAK,EAAE,CAAC,UAAU,CAAC;oBACnB,UAAU,EAAE;wBACV,WAAW,EAAE,2BAA2B;wBACxC,OAAO,EAAE;;;;;;;;;;GAUlB;qBACQ;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,qBAAqB,CAC5B,OAAoB,EACpB,UAAkB,EAClB,QAAuB;IAEvB,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAErC,MAAM,gBAAgB,GAAG;QACvB;YACE,OAAO,EAAE,8BAA8B;YACvC,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,sDAAsD;SAChE;QACD;YACE,OAAO,EAAE,qCAAqC;YAC9C,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,sDAAsD;SAChE;QACD;YACE,OAAO,EAAE,sCAAsC;YAC/C,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,sDAAsD;SAChE;QACD;YACE,OAAO,EAAE,qCAAqC;YAC9C,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,sDAAsD;SAChE;QACD;YACE,OAAO,EAAE,gEAAgE;YACzE,IAAI,EAAE,qCAAqC;YAC3C,OAAO,EAAE,qDAAqD;SAC/D;KACF,CAAC;IAEF,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;QACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;QAE5B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,gBAAgB,EAAE,CAAC;YAC1D,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,mBAAmB,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;oBAC5C,MAAM,EAAE,sBAAsB;oBAC9B,QAAQ,EAAE,UAAU;oBACpB,OAAO,EAAE,mBAAmB,IAAI,KAAK,OAAO,EAAE;oBAC9C,QAAQ,EAAE;wBACR,IAAI,EAAE,OAAO,CAAC,QAAQ;wBACtB,SAAS,EAAE,OAAO,GAAG,CAAC;wBACtB,OAAO,EAAE,OAAO,GAAG,CAAC;wBACpB,WAAW,EAAE,CAAC;wBACd,SAAS,EAAE,IAAI,CAAC,MAAM;qBACvB;oBACD,GAAG,EAAE,CAAC,IAAI,CAAC;oBACX,KAAK,EAAE,CAAC,UAAU,CAAC;oBACnB,UAAU,EAAE;wBACV,WAAW,EAAE,uDAAuD;wBACpE,OAAO,EAAE;;;;;;4DAMuC;qBACjD;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAC3B,OAAoB,EACpB,UAAkB,EAClB,QAAuB;IAEvB,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAErC,MAAM,WAAW,GAAG;QAClB;YACE,OAAO,EAAE,0BAA0B;YACnC,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,gDAAgD;YACzD,QAAQ,EAAE,UAAmB;SAC9B;QACD;YACE,OAAO,EAAE,2BAA2B;YACpC,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,0DAA0D;YACnE,QAAQ,EAAE,UAAmB;SAC9B;QACD;YACE,OAAO,EAAE,qCAAqC;YAC9C,IAAI,EAAE,oCAAoC;YAC1C,OAAO,EAAE,+CAA+C;YACxD,QAAQ,EAAE,UAAmB;SAC9B;QACD;YACE,OAAO,EAAE,8BAA8B;YACvC,IAAI,EAAE,6BAA6B;YACnC,OAAO,EAAE,0CAA0C;YACnD,QAAQ,EAAE,UAAmB;SAC9B;QACD;YACE,OAAO,EAAE,qCAAqC;YAC9C,IAAI,EAAE,sCAAsC;YAC5C,OAAO,EACL,yEAAyE;YAC3E,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,mCAAmC;YAC5C,IAAI,EAAE,oCAAoC;YAC1C,OAAO,EACL,oEAAoE;YACtE,QAAQ,EAAE,QAAiB;SAC5B;QACD;YACE,OAAO,EAAE,mCAAmC;YAC5C,IAAI,EAAE,kCAAkC;YACxC,OAAO,EAAE,yCAAyC;YAClD,QAAQ,EAAE,UAAmB;SAC9B;QACD;YACE,OAAO,EAAE,0DAA0D;YACnE,IAAI,EAAE,kCAAkC;YACxC,OAAO,EAAE,gDAAgD;YACzD,QAAQ,EAAE,UAAmB;SAC9B;KACF,CAAC;IAEF,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;QACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;QAE5B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,WAAW,EAAE,CAAC;YAC/D,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,cAAc,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;oBACvC,MAAM,EAAE,sBAAsB;oBAC9B,QAAQ;oBACR,OAAO,EAAE,mBAAmB,IAAI,KAAK,OAAO,EAAE;oBAC9C,QAAQ,EAAE;wBACR,IAAI,EAAE,OAAO,CAAC,QAAQ;wBACtB,SAAS,EAAE,OAAO,GAAG,CAAC;wBACtB,OAAO,EAAE,OAAO,GAAG,CAAC;wBACpB,WAAW,EAAE,CAAC;wBACd,SAAS,EAAE,IAAI,CAAC,MAAM;qBACvB;oBACD,GAAG,EAAE,CAAC,IAAI,CAAC;oBACX,KAAK,EAAE,CAAC,UAAU,CAAC;oBACnB,UAAU,EAAE;wBACV,WAAW,EAAE,+BAA+B;wBAC5C,OAAO,EAAE;;;;;;;;;;iFAU4D;qBACtE;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CACrB,OAAoB,EACpB,UAAkB,EAClB,QAAuB;IAEvB,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAErC,MAAM,cAAc,GAAG;QACrB;YACE,OAAO,EAAE,6BAA6B;YACtC,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,sDAAsD;YAC/D,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,4BAA4B;YACrC,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,4CAA4C;YACrD,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,sDAAsD;YAC/D,IAAI,EAAE,6BAA6B;YACnC,OAAO,EACL,4DAA4D;YAC9D,QAAQ,EAAE,QAAiB;SAC5B;QACD;YACE,OAAO,EAAE,6BAA6B;YACtC,IAAI,EAAE,+BAA+B;YACrC,OAAO,EAAE,6CAA6C;YACtD,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,+BAA+B;YACxC,IAAI,EAAE,6BAA6B;YACnC,OAAO,EAAE,8DAA8D;YACvE,QAAQ,EAAE,UAAmB;SAC9B;QACD;YACE,OAAO,EAAE,uCAAuC;YAChD,IAAI,EAAE,sCAAsC;YAC5C,OAAO,EAAE,qDAAqD;YAC9D,QAAQ,EAAE,UAAmB;SAC9B;KACF,CAAC;IAEF,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;QACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;QAE5B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,cAAc,EAAE,CAAC;YAClE,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,cAAc,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;oBACvC,MAAM,EAAE,sBAAsB;oBAC9B,QAAQ;oBACR,OAAO,EAAE,mBAAmB,IAAI,KAAK,OAAO,EAAE;oBAC9C,QAAQ,EAAE;wBACR,IAAI,EAAE,OAAO,CAAC,QAAQ;wBACtB,SAAS,EAAE,OAAO,GAAG,CAAC;wBACtB,OAAO,EAAE,OAAO,GAAG,CAAC;wBACpB,WAAW,EAAE,CAAC;wBACd,SAAS,EAAE,IAAI,CAAC,MAAM;qBACvB;oBACD,GAAG,EAAE,CAAC,IAAI,CAAC;oBACX,KAAK,EAAE,CAAC,UAAU,CAAC;oBACnB,UAAU,EAAE;wBACV,WAAW,EAAE,sCAAsC;wBACnD,OAAO,EAAE;;;;;;;;;qCASgB;qBAC1B;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB,CAC9B,OAAoB,EACpB,UAAkB,EAClB,QAAuB;IAEvB,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAErC,MAAM,eAAe,GAAG;QACtB;YACE,OAAO,EAAE,8CAA8C;YACvD,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EAAE,oDAAoD;YAC7D,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,8BAA8B;YACvC,IAAI,EAAE,yBAAyB;YAC/B,OAAO,EAAE,4DAA4D;YACrE,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,sDAAsD;YAC/D,IAAI,EAAE,0BAA0B;YAChC,OAAO,EAAE,qDAAqD;YAC9D,QAAQ,EAAE,QAAiB;SAC5B;QACD;YACE,OAAO,EAAE,mDAAmD;YAC5D,IAAI,EAAE,0BAA0B;YAChC,OAAO,EAAE,yCAAyC;YAClD,QAAQ,EAAE,UAAmB;SAC9B;QACD;YACE,OAAO,EAAE,mDAAmD;YAC5D,IAAI,EAAE,0BAA0B;YAChC,OAAO,EAAE,0CAA0C;YACnD,QAAQ,EAAE,UAAmB;SAC9B;KACF,CAAC;IAEF,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;QACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;QAE5B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,eAAe,EAAE,CAAC;YACnE,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,kBAAkB,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;oBAC3C,MAAM,EAAE,sBAAsB;oBAC9B,QAAQ;oBACR,OAAO,EAAE,mBAAmB,IAAI,KAAK,OAAO,EAAE;oBAC9C,QAAQ,EAAE;wBACR,IAAI,EAAE,OAAO,CAAC,QAAQ;wBACtB,SAAS,EAAE,OAAO,GAAG,CAAC;wBACtB,OAAO,EAAE,OAAO,GAAG,CAAC;wBACpB,WAAW,EAAE,CAAC;wBACd,SAAS,EAAE,IAAI,CAAC,MAAM;qBACvB;oBACD,GAAG,EAAE,CAAC,IAAI,CAAC;oBACX,KAAK,EAAE,CAAC,UAAU,CAAC;oBACnB,UAAU,EAAE;wBACV,WAAW,EAAE,0CAA0C;wBACvD,OAAO,EAAE;;;;;;;;;;;;;uBAaE;qBACZ;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,eAAe,iBAAiB,CAAC"}

package/dist/rules/cwe/cwe-918-ssrf.d.ts

@@ -0,0 +1,9 @@
+/**
+ * @fileoverview CWE-918: Server-Side Request Forgery (SSRF)
+ * @module @nahisaho/musubix-security/rules/cwe/cwe-918-ssrf
+ * @trace TSK-RULE-006
+ */
+import type { SecurityRule } from '../types.js';
+export declare const cwe918SSRF: SecurityRule;
+export default cwe918SSRF;
+//# sourceMappingURL=cwe-918-ssrf.d.ts.map

package/dist/rules/cwe/cwe-918-ssrf.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-918-ssrf.d.ts","sourceRoot":"","sources":["../../../src/rules/cwe/cwe-918-ssrf.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,YAAY,EAA4B,MAAM,aAAa,CAAC;AAE1E,eAAO,MAAM,UAAU,EAAE,YAsDxB,CAAC;AAEF,eAAe,UAAU,CAAC"}

package/dist/rules/cwe/cwe-918-ssrf.js

@@ -0,0 +1,59 @@
+/**
+ * @fileoverview CWE-918: Server-Side Request Forgery (SSRF)
+ * @module @nahisaho/musubix-security/rules/cwe/cwe-918-ssrf
+ * @trace TSK-RULE-006
+ */
+export const cwe918SSRF = {
+    id: 'cwe-918-ssrf',
+    name: 'CWE-918: Server-Side Request Forgery',
+    description: 'Detects SSRF vulnerabilities where user input controls URLs',
+    defaultSeverity: 'high',
+    category: 'injection',
+    tags: ['cwe', 'ssrf', 'network', 'security'],
+    cwe: ['918'],
+    owasp: ['A10:2021'],
+    references: [
+        { title: 'CWE-918', url: 'https://cwe.mitre.org/data/definitions/918.html' },
+    ],
+    async analyze(context) {
+        const findings = [];
+        const lines = context.sourceCode.split('\n');
+        const patterns = [
+            { pattern: /fetch\s*\(\s*req\./gi, type: 'fetch with request URL', severity: 'high' },
+            { pattern: /axios\s*\.\s*get\s*\(\s*\w+\)/gi, type: 'axios with variable URL', severity: 'high' },
+            { pattern: /http\.request\s*\(\s*\{[^}]*url\s*:\s*\w+/gi, type: 'http.request with variable', severity: 'high' },
+            { pattern: /new\s+URL\s*\(\s*req\./gi, type: 'URL from request', severity: 'high' },
+            { pattern: /redirect\s*\(\s*req\./gi, type: 'Redirect from request', severity: 'medium' },
+            { pattern: /got\s*\(\s*\w+\)/gi, type: 'got with variable URL', severity: 'high' },
+            { pattern: /request\s*\(\s*\{[^}]*uri\s*:\s*\w+/gi, type: 'request with variable URI', severity: 'high' },
+        ];
+        for (let i = 0; i < lines.length; i++) {
+            for (const { pattern, type, severity } of patterns) {
+                pattern.lastIndex = 0;
+                if (pattern.test(lines[i])) {
+                    findings.push({
+                        id: `cwe-918-${findings.length + 1}`,
+                        ruleId: 'cwe-918-ssrf',
+                        severity,
+                        message: `SSRF - ${type}: Validate and allowlist URLs`,
+                        location: { file: context.filePath, startLine: i + 1, endLine: i + 1 },
+                        cwe: ['918'],
+                        owasp: ['A10:2021'],
+                        suggestion: {
+                            description: 'Validate URLs against an allowlist',
+                            example: `// Use URL allowlist
+const allowedHosts = ['api.example.com'];
+const url = new URL(userUrl);
+if (!allowedHosts.includes(url.hostname)) {
+  throw new Error('URL not allowed');
+}`,
+                        },
+                    });
+                }
+            }
+        }
+        return findings;
+    },
+};
+export default cwe918SSRF;
+//# sourceMappingURL=cwe-918-ssrf.js.map

package/dist/rules/cwe/cwe-918-ssrf.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-918-ssrf.js","sourceRoot":"","sources":["../../../src/rules/cwe/cwe-918-ssrf.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,MAAM,CAAC,MAAM,UAAU,GAAiB;IACtC,EAAE,EAAE,cAAc;IAClB,IAAI,EAAE,sCAAsC;IAC5C,WAAW,EAAE,6DAA6D;IAC1E,eAAe,EAAE,MAAM;IACvB,QAAQ,EAAE,WAAW;IACrB,IAAI,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC;IAC5C,GAAG,EAAE,CAAC,KAAK,CAAC;IACZ,KAAK,EAAE,CAAC,UAAU,CAAC;IACnB,UAAU,EAAE;QACV,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,iDAAiD,EAAE;KAC7E;IAED,KAAK,CAAC,OAAO,CAAC,OAAoB;QAChC,MAAM,QAAQ,GAAkB,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAE7C,MAAM,QAAQ,GAAG;YACf,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,MAAe,EAAE;YAC9F,EAAE,OAAO,EAAE,iCAAiC,EAAE,IAAI,EAAE,yBAAyB,EAAE,QAAQ,EAAE,MAAe,EAAE;YAC1G,EAAE,OAAO,EAAE,6CAA6C,EAAE,IAAI,EAAE,4BAA4B,EAAE,QAAQ,EAAE,MAAe,EAAE;YACzH,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAe,EAAE;YAC5F,EAAE,OAAO,EAAE,yBAAyB,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,QAAiB,EAAE;YAClG,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,MAAe,EAAE;YAC3F,EAAE,OAAO,EAAE,uCAAuC,EAAE,IAAI,EAAE,2BAA2B,EAAE,QAAQ,EAAE,MAAe,EAAE;SACnH,CAAC;QAEF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,QAAQ,EAAE,CAAC;gBACnD,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;gBACtB,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC3B,QAAQ,CAAC,IAAI,CAAC;wBACZ,EAAE,EAAE,WAAW,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;wBACpC,MAAM,EAAE,cAAc;wBACtB,QAAQ;wBACR,OAAO,EAAE,UAAU,IAAI,+BAA+B;wBACtD,QAAQ,EAAE,EAAE,IAAI,EAAE,OAAO,CAAC,QAAQ,EAAE,SAAS,EAAE,CAAC,GAAG,CAAC,EAAE,OAAO,EAAE,CAAC,GAAG,CAAC,EAAE;wBACtE,GAAG,EAAE,CAAC,KAAK,CAAC;wBACZ,KAAK,EAAE,CAAC,UAAU,CAAC;wBACnB,UAAU,EAAE;4BACV,WAAW,EAAE,oCAAoC;4BACjD,OAAO,EAAE;;;;;EAKrB;yBACW;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF,eAAe,UAAU,CAAC"}

package/dist/rules/cwe/cwe-94-code-injection.d.ts

@@ -0,0 +1,9 @@
+/**
+ * @fileoverview CWE-94: Improper Control of Generation of Code (Code Injection)
+ * @module @nahisaho/musubix-security/rules/cwe/cwe-94-code-injection
+ * @trace TSK-RULE-006
+ */
+import type { SecurityRule } from '../types.js';
+export declare const cwe94CodeInjection: SecurityRule;
+export default cwe94CodeInjection;
+//# sourceMappingURL=cwe-94-code-injection.d.ts.map

package/dist/rules/cwe/cwe-94-code-injection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-94-code-injection.d.ts","sourceRoot":"","sources":["../../../src/rules/cwe/cwe-94-code-injection.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,YAAY,EAA4B,MAAM,aAAa,CAAC;AAE1E,eAAO,MAAM,kBAAkB,EAAE,YAsDhC,CAAC;AAEF,eAAe,kBAAkB,CAAC"}

package/dist/rules/cwe/cwe-94-code-injection.js

@@ -0,0 +1,59 @@
+/**
+ * @fileoverview CWE-94: Improper Control of Generation of Code (Code Injection)
+ * @module @nahisaho/musubix-security/rules/cwe/cwe-94-code-injection
+ * @trace TSK-RULE-006
+ */
+export const cwe94CodeInjection = {
+    id: 'cwe-94-code-injection',
+    name: 'CWE-94: Code Injection',
+    description: 'Detects code injection through dynamic code generation',
+    defaultSeverity: 'critical',
+    category: 'injection',
+    tags: ['cwe', 'code-injection', 'rce', 'security'],
+    cwe: ['94'],
+    owasp: ['A03:2021'],
+    references: [
+        { title: 'CWE-94', url: 'https://cwe.mitre.org/data/definitions/94.html' },
+    ],
+    async analyze(context) {
+        const findings = [];
+        const lines = context.sourceCode.split('\n');
+        const patterns = [
+            { pattern: /eval\s*\(/gi, type: 'eval() usage', severity: 'critical' },
+            { pattern: /new\s+Function\s*\(/gi, type: 'new Function() usage', severity: 'critical' },
+            { pattern: /setTimeout\s*\(\s*['"`]/gi, type: 'setTimeout with string', severity: 'high' },
+            { pattern: /setInterval\s*\(\s*['"`]/gi, type: 'setInterval with string', severity: 'high' },
+            { pattern: /vm\.runInContext\s*\(/gi, type: 'vm.runInContext', severity: 'high' },
+            { pattern: /vm\.runInNewContext\s*\(/gi, type: 'vm.runInNewContext', severity: 'high' },
+            { pattern: /require\s*\(\s*\w+\s*\)/gi, type: 'Dynamic require', severity: 'high' },
+            { pattern: /import\s*\(\s*\w+\s*\)/gi, type: 'Dynamic import', severity: 'medium' },
+        ];
+        for (let i = 0; i < lines.length; i++) {
+            for (const { pattern, type, severity } of patterns) {
+                pattern.lastIndex = 0;
+                if (pattern.test(lines[i])) {
+                    findings.push({
+                        id: `cwe-94-${findings.length + 1}`,
+                        ruleId: 'cwe-94-code-injection',
+                        severity,
+                        message: `Code Injection - ${type}: Avoid dynamic code execution`,
+                        location: { file: context.filePath, startLine: i + 1, endLine: i + 1 },
+                        cwe: ['94'],
+                        owasp: ['A03:2021'],
+                        suggestion: {
+                            description: 'Use safe alternatives to dynamic code execution',
+                            example: `// Instead of eval, use safe alternatives
+// Bad: eval(userCode)
+// Good: Use a sandboxed environment or predefined functions
+const allowedOps = { add: (a, b) => a + b };
+const result = allowedOps[operation]?.(a, b);`,
+                        },
+                    });
+                }
+            }
+        }
+        return findings;
+    },
+};
+export default cwe94CodeInjection;
+//# sourceMappingURL=cwe-94-code-injection.js.map

package/dist/rules/cwe/cwe-94-code-injection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-94-code-injection.js","sourceRoot":"","sources":["../../../src/rules/cwe/cwe-94-code-injection.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,MAAM,CAAC,MAAM,kBAAkB,GAAiB;IAC9C,EAAE,EAAE,uBAAuB;IAC3B,IAAI,EAAE,wBAAwB;IAC9B,WAAW,EAAE,wDAAwD;IACrE,eAAe,EAAE,UAAU;IAC3B,QAAQ,EAAE,WAAW;IACrB,IAAI,EAAE,CAAC,KAAK,EAAE,gBAAgB,EAAE,KAAK,EAAE,UAAU,CAAC;IAClD,GAAG,EAAE,CAAC,IAAI,CAAC;IACX,KAAK,EAAE,CAAC,UAAU,CAAC;IACnB,UAAU,EAAE;QACV,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,EAAE,gDAAgD,EAAE;KAC3E;IAED,KAAK,CAAC,OAAO,CAAC,OAAoB;QAChC,MAAM,QAAQ,GAAkB,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAE7C,MAAM,QAAQ,GAAG;YACf,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAmB,EAAE;YAC/E,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,UAAmB,EAAE;YACjG,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,MAAe,EAAE;YACnG,EAAE,OAAO,EAAE,4BAA4B,EAAE,IAAI,EAAE,yBAAyB,EAAE,QAAQ,EAAE,MAAe,EAAE;YACrG,EAAE,OAAO,EAAE,yBAAyB,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,EAAE,MAAe,EAAE;YAC1F,EAAE,OAAO,EAAE,4BAA4B,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAe,EAAE;YAChG,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,EAAE,MAAe,EAAE;YAC5F,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAiB,EAAE;SAC7F,CAAC;QAEF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,QAAQ,EAAE,CAAC;gBACnD,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;gBACtB,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC3B,QAAQ,CAAC,IAAI,CAAC;wBACZ,EAAE,EAAE,UAAU,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;wBACnC,MAAM,EAAE,uBAAuB;wBAC/B,QAAQ;wBACR,OAAO,EAAE,oBAAoB,IAAI,gCAAgC;wBACjE,QAAQ,EAAE,EAAE,IAAI,EAAE,OAAO,CAAC,QAAQ,EAAE,SAAS,EAAE,CAAC,GAAG,CAAC,EAAE,OAAO,EAAE,CAAC,GAAG,CAAC,EAAE;wBACtE,GAAG,EAAE,CAAC,IAAI,CAAC;wBACX,KAAK,EAAE,CAAC,UAAU,CAAC;wBACnB,UAAU,EAAE;4BACV,WAAW,EAAE,iDAAiD;4BAC9D,OAAO,EAAE;;;;8CAIuB;yBACjC;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF,eAAe,kBAAkB,CAAC"}