@oculum/scanner 1.0.11 → 1.0.13

package/dist/layer2/dangerous-functions/index.js

@@ -31,13 +31,13 @@ Object.defineProperty(exports, "DANGEROUS_FUNCTIONS", { enumerable: true, get: f
 /**
  * Main detection function for dangerous function calls
  */
-function detectDangerousFunctions(content, filePath) {
+function detectDangerousFunctions(content, filePath, options) {
     const vulnerabilities = [];
     // Skip scanner/fixture files to avoid self-detection
     if ((0, context_helpers_1.isScannerOrFixtureFile)(filePath)) {
         return vulnerabilities;
     }
-    const lines = content.split('\n');
+    const lines = options?.parsed?.lines ?? content.split('\n');
     const isTestFile = (0, context_helpers_1.isTestOrMockFile)(filePath);
     lines.forEach((line, index) => {
         // Skip comment lines
@@ -52,7 +52,7 @@ function detectDangerousFunctions(content, filePath) {
                 // Special handling for innerHTML patterns
                 if (funcPattern.name === 'innerHTML assignment' ||
                     funcPattern.name === 'dangerouslySetInnerHTML') {
-                    handleInnerHTMLPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities);
+                    handleInnerHTMLPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines);
                     break;
                 }
                 // Note: JSON.parse is now handled by standalone detectJSONParseSafe() function
@@ -67,7 +67,7 @@ function detectDangerousFunctions(content, filePath) {
                 }
                 // Special handling for child_process exec - verify it's not RegExp.exec
                 if (funcPattern.name === 'child_process exec') {
-                    if (handleChildProcessPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities)) {
+                    if (handleChildProcessPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines)) {
                         break;
                     }
                     continue;
@@ -75,13 +75,13 @@ function detectDangerousFunctions(content, filePath) {
                 // Special handling for SQL patterns - check for whitelist validation
                 if (funcPattern.name === 'Raw SQL query construction' ||
                     funcPattern.name === 'SQL template literal') {
-                    handleSQLPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities);
+                    handleSQLPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines);
                     break;
                 }
                 // Special handling for dynamic file paths - check for path traversal protection
                 if (funcPattern.name === 'Dynamic file path' ||
                     funcPattern.name === 'Path traversal risk') {
-                    handleFilePathPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities);
+                    handleFilePathPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines);
                     break;
                 }
                 // Special handling for Math.random
@@ -89,6 +89,21 @@ function detectDangerousFunctions(content, filePath) {
                     handleMathRandomPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities);
                     break;
                 }
+                // Special handling for Python subprocess/os.system
+                if (funcPattern.name === 'os.system/subprocess (Python)') {
+                    handlePythonSubprocessPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines);
+                    break;
+                }
+                // Special handling for regex patterns - check for escaped input
+                if (funcPattern.name === 'Potentially unsafe regex') {
+                    handleRegexPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines);
+                    break;
+                }
+                // Special handling for spread operator with user input
+                if (funcPattern.name === 'Spread operator with user input') {
+                    handleSpreadPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines);
+                    break;
+                }
                 // Standard handling for all other patterns
                 handleStandardPattern(funcPattern, line, index, filePath, isTestFile, vulnerabilities);
                 break; // Only report once per line
@@ -105,25 +120,30 @@ function detectDangerousFunctions(content, filePath) {
 /**
  * Handle innerHTML/dangerouslySetInnerHTML patterns
  */
-function handleInnerHTMLPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities) {
+function handleInnerHTMLPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines) {
     // Check if this is a style element (CSS injection is not XSS)
-    if ((0, dom_xss_1.isStyleElementInnerHTML)(line, content, index)) {
+    if ((0, dom_xss_1.isStyleElementInnerHTML)(line, content, index, lines)) {
         // Style elements with CSS are safe - don't report anything
         // CSS cannot execute JavaScript, so there's no XSS risk
         return;
     }
     // Check if this uses static content only - skip entirely (safe)
-    if ((0, dom_xss_1.isStaticHTMLContent)(line, content, index)) {
+    if ((0, dom_xss_1.isStaticHTMLContent)(line, content, index, lines)) {
         return; // Static HTML is safe - no finding needed
     }
     // Check if DOMPurify or similar sanitization is used - skip entirely (safe)
-    if ((0, dom_xss_1.hasDOMPurifySanitization)(line, content, index)) {
+    if ((0, dom_xss_1.hasDOMPurifySanitization)(line, content, index, lines)) {
         return; // Sanitized HTML is safe - no finding needed
     }
     // Check if this is a static bootstrap script (e.g., theme/font loader) - skip entirely (safe)
-    if ((0, dom_xss_1.isStaticBootstrapScript)(line, content, index)) {
+    if ((0, dom_xss_1.isStaticBootstrapScript)(line, content, index, lines)) {
         return; // Static bootstrap scripts are safe - no finding needed
     }
+    // Check if this uses output from trusted HTML rendering libraries (Shiki, highlight.js, marked, etc.)
+    // These libraries produce sanitized HTML output
+    if ((0, dom_xss_1.isTrustedLibraryHTMLOutput)(line, content, index, lines)) {
+        return; // Trusted library output is safe - no finding needed
+    }
     // Check if this is in LLM prompt context (not XSS - it's prompt injection)
     if ((0, dom_xss_1.isLLMPromptContext)(line, content, filePath)) {
         vulnerabilities.push({
@@ -209,7 +229,7 @@ function handleEvalPattern(funcPattern, line, content, index, filePath, isTestFi
  * Handle child_process exec patterns
  * Returns true if a finding was added, false otherwise
  */
-function handleChildProcessPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities) {
+function handleChildProcessPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines) {
     // First check if this is actually from child_process (not RegExp.exec)
     const isExecMatch = /\bexec\s*\(/.test(line);
     const isOtherMatch = /\b(execSync|spawn|spawnSync|execFile)\s*\(/.test(line);
@@ -228,10 +248,10 @@ function handleChildProcessPattern(funcPattern, line, content, index, filePath,
         }
     }
     // Check if arguments are validated via allowlist
-    const lines = content.split('\n');
+    const _lines = lines ?? content.split('\n');
     const contextStart = Math.max(0, index - 15);
-    const contextEnd = Math.min(lines.length, index + 5);
-    const context = lines.slice(contextStart, contextEnd).join('\n');
+    const contextEnd = Math.min(_lines.length, index + 5);
+    const context = _lines.slice(contextStart, contextEnd).join('\n');
     // Detect allowlist validation patterns before exec/spawn
     const hasArgAllowlist = /allowedArgs\.includes\s*\(/i.test(context) ||
         /if\s*\(\s*!?allowedArgs\.includes/i.test(context) ||
@@ -254,6 +274,52 @@ function handleChildProcessPattern(funcPattern, line, content, index, filePath,
     if ((0, helpers_1.hasOnlyStaticInputs)(line, content, index)) {
         return true; // Static command is safe - no finding needed
     }
+    // Check for build/script context with hardcoded command + args array
+    const isBuildScript = /(build|generate|format|lint|setup|deploy|migrate|compile)/i.test(filePath) ||
+        /\/(scripts?|tools?|bin)\//i.test(filePath);
+    if (isBuildScript) {
+        // spawnSync("cmd", ["arg1", "arg2"]) with string literal command is safe in build scripts
+        const hasHardcodedCommand = /spawn(?:Sync)?\s*\(\s*['"][^'"]+['"]/.test(line);
+        if (hasHardcodedCommand) {
+            vulnerabilities.push({
+                id: `dangerous-func-${filePath}-${index + 1}-${funcPattern.name}`,
+                filePath,
+                lineNumber: index + 1,
+                lineContent: line.trim(),
+                severity: 'info',
+                category: 'dangerous_function',
+                title: funcPattern.name + ' (build script)',
+                description: 'Shell command execution in build/tooling script with hardcoded command. Build scripts are developer-controlled.',
+                suggestedFix: 'Ensure this script is not exposed to untrusted input.',
+                confidence: 'low',
+                layer: 2,
+            });
+            return true;
+        }
+    }
+    // Check for desktop app or MCP server context
+    // These contexts legitimately spawn processes
+    const isDesktopApp = (0, context_helpers_1.isDesktopAppContext)(filePath);
+    const isMcpServer = (0, context_helpers_1.isMcpServerContext)(filePath);
+    if (isDesktopApp || isMcpServer) {
+        // Desktop apps and MCP servers legitimately spawn processes
+        // Still report but with reduced severity and context
+        const contextType = isDesktopApp ? 'desktop app' : 'MCP server';
+        vulnerabilities.push({
+            id: `dangerous-func-${filePath}-${index + 1}-${funcPattern.name}`,
+            filePath,
+            lineNumber: index + 1,
+            lineContent: line.trim(),
+            severity: 'medium', // Reduced from high
+            category: 'dangerous_function',
+            title: `${funcPattern.name} (${contextType})`,
+            description: `${funcPattern.description} (Expected in ${contextType} context - verify input validation)`,
+            suggestedFix: 'Ensure command arguments from IPC are validated against an allowlist.',
+            confidence: 'medium',
+            layer: 2,
+        });
+        return true;
+    }
     // Dynamic command - report with standard severity
     let severity = funcPattern.severity;
     let confidence = 'high';
@@ -287,7 +353,7 @@ function handleChildProcessPattern(funcPattern, line, content, index, filePath,
 /**
  * Handle SQL injection patterns
  */
-function handleSQLPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities) {
+function handleSQLPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines) {
     // Check for whitelist validation - skip entirely (safe)
     if ((0, schema_validation_1.hasSQLWhitelistValidation)(content, index)) {
         return; // Whitelist validated - safe, no finding needed
@@ -306,6 +372,58 @@ function handleSQLPattern(funcPattern, line, content, index, filePath, isTestFil
     if (parameterizedQueryPattern.test(line)) {
         return; // Parameterized query - safe, no finding needed
     }
+    // Knex .raw() with ? placeholders and array binding - this IS parameterized
+    // e.g., db.raw(`"table"."col" + ?`, [value]) or db.raw('SELECT ... WHERE id = ?', [id])
+    const knexRawParameterized = /\.raw\s*\(\s*[`'"]/i.test(line) &&
+        /\?\s*[`'"]\s*,\s*\[/.test(line);
+    if (knexRawParameterized) {
+        return; // Knex .raw() with ? placeholders is parameterized - safe
+    }
+    // Knex .raw() with only const enum/table name interpolation (not user input)
+    // e.g., db.raw(`"${TableName.Users}"."col"`) where TableName is a const enum
+    const knexRawConstInterpolation = /\.raw\s*\(\s*`/.test(line) &&
+        /\$\{[A-Z][A-Za-z]*\.[A-Z]/.test(line);
+    if (knexRawConstInterpolation) {
+        const interpolations = line.match(/\$\{([^}]+)\}/g) || [];
+        const allConst = interpolations.every(i => /^\$\{[A-Z_][A-Z_a-z]*\./.test(i));
+        if (allConst) {
+            return; // Only const enum interpolation - safe
+        }
+    }
+    // Knex .raw() for SET statement_timeout (infrastructure, not user input)
+    // e.g., trx.raw(`SET statement_timeout = ${QUERY_TIMEOUT_MS}`)
+    const isSetStatement = /\.raw\s*\(\s*[`'"]SET\s+/i.test(line);
+    if (isSetStatement) {
+        return; // SET statements are infrastructure config, not queries with user data
+    }
+    // DROP TRIGGER / DDL statements from migration/schema files
+    const isDDLStatement = /\.raw\s*\(\s*[`'"](DROP|CREATE|ALTER)\s+/i.test(line) &&
+        /(migration|schema|seed)/i.test(filePath);
+    if (isDDLStatement) {
+        return; // DDL in migration/schema files - not user-facing
+    }
+    // Check for Prisma tagged template literal - these ARE parameterized (safe)
+    // Prisma's $queryRaw`...${var}...` treats ${} as parameterized values, not string interpolation
+    // e.g., prisma.$queryRaw`SELECT * FROM users WHERE id = ${userId}`
+    const prismaTaggedTemplatePattern = /\$queryRaw\s*`[^`]*\$\{/i;
+    if (prismaTaggedTemplatePattern.test(line)) {
+        return; // Prisma tagged template - parameterized and safe, no finding needed
+    }
+    // Check for schema-validated input (zod .enum() for table/column names)
+    // e.g., z.enum(['users', 'posts']).parse(input) followed by SQL
+    const _lines = lines ?? content.split('\n');
+    const contextStart = Math.max(0, index - 20);
+    const contextEnd = index;
+    const previousContext = _lines.slice(contextStart, contextEnd).join('\n');
+    // Detect zod enum validation for SQL identifiers
+    const hasSchemaValidation = /z\s*\.\s*enum\s*\(\s*\[['"][^'"]+['"]/i.test(previousContext) ||
+        /\.parse\s*\(\s*JSON\.parse/.test(previousContext) ||
+        // Allow validated table/column names from parsed schema
+        /schema\.parse/.test(previousContext) ||
+        /const\s+parsed\s*=\s*schema/.test(previousContext);
+    if (hasSchemaValidation) {
+        return; // Schema-validated SQL identifiers - safe, no finding needed
+    }
     // No whitelist - report with standard severity
     let severity = funcPattern.severity;
     let confidence = 'high';
@@ -338,7 +456,31 @@ function handleSQLPattern(funcPattern, line, content, index, filePath, isTestFil
 /**
  * Handle dynamic file path patterns
  */
-function handleFilePathPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities) {
+function handleFilePathPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines) {
+    // Check for desktop app context (Electron, Tauri, etc.)
+    // Desktop apps legitimately access filesystem
+    const isDesktopApp = (0, context_helpers_1.isDesktopAppContext)(filePath);
+    // Check for file loader context
+    // File loaders legitimately access filesystem to process files
+    const isFileLoader = (0, context_helpers_1.isFileLoaderContext)(filePath);
+    // Desktop apps and file loaders are expected to access filesystem
+    if (isDesktopApp || isFileLoader) {
+        const contextType = isDesktopApp ? 'desktop app' : 'file loader';
+        vulnerabilities.push({
+            id: `dangerous-func-${filePath}-${index + 1}-${funcPattern.name}`,
+            filePath,
+            lineNumber: index + 1,
+            lineContent: line.trim(),
+            severity: 'info',
+            category: 'dangerous_function',
+            title: `${funcPattern.name} (${contextType})`,
+            description: `Dynamic file path in ${contextType} context. File system access is expected functionality. Verify path inputs are validated.`,
+            suggestedFix: 'Ensure file paths are validated and constrained to expected directories.',
+            confidence: 'low',
+            layer: 2,
+        });
+        return;
+    }
     // Check file context for CLI/tooling (lower risk)
     const isCLITool = /\/(cli|scripts?|tools?|bin)\//i.test(filePath) ||
         /cli\.(ts|js)$/i.test(filePath);
@@ -348,16 +490,24 @@ function handleFilePathPattern(funcPattern, line, content, index, filePath, isTe
     // Check for utility/helper file context (called by trusted code)
     const isUtilityFile = /\/(utils?|helpers?|lib|common|shared)\//i.test(filePath) ||
         /(util(s)?|helper(s)?|checksum|hash)\.(ts|js)$/i.test(filePath);
+    // Check for server infrastructure/config files (transport, signing, credentials)
+    // These files read/write config-controlled paths, not user input
+    const isServerInfrastructureFile = /\/(transports?|signing|credentials?|certificates?|certs?)\//i.test(filePath) ||
+        /\/(config|infrastructure|provisioning)\//i.test(filePath) ||
+        /(transport|signer|credential|certificate)\.(ts|js)$/i.test(filePath);
     // Get surrounding context for protection check
-    const lines = content.split('\n');
+    const _lines = lines ?? content.split('\n');
     const contextStart = Math.max(0, index - 10);
-    const contextEnd = Math.min(lines.length, index + 10);
-    const context = lines.slice(contextStart, contextEnd).join('\n');
+    const contextEnd = Math.min(_lines.length, index + 10);
+    const context = _lines.slice(contextStart, contextEnd).join('\n');
     // Check if path comes from directory iteration (fs.readdir, fs.readdirSync)
     // These paths are filesystem-controlled, not user input
     const hasDirectoryIteration = /\b(readdir|readdirSync|opendir|opendirSync)\s*\(/.test(content) &&
         (/for\s*\(\s*(const|let|var)\s+\w+\s+of/.test(context) ||
             /\.forEach\s*\(/.test(context) ||
+            /\.map\s*\(/.test(context) || // array.map() iteration
+            /pMap\s*\(/.test(context) || // p-map library (parallel map)
+            /Promise\.all\s*\(/.test(context) || // Promise.all mapping
             /entry\.(name|isFile|isDirectory)/.test(context) ||
             /dirent\.(name|isFile|isDirectory)/.test(context));
     if ((0, helpers_1.hasPathTraversalProtection)(context, line)) {
@@ -381,6 +531,27 @@ function handleFilePathPattern(funcPattern, line, content, index, filePath, isTe
         // Skip entirely - paths from fs.readdir are not user-controlled
         return;
     }
+    // Check for Object.entries/keys/values over hardcoded objects
+    // Pattern: for (const [key, val] of Object.entries(STATIC_OBJ))
+    const hasHardcodedObjectIteration = (() => {
+        // Look for Object.entries/keys/values in context
+        const hasObjectIteration = /Object\.(entries|keys|values)\s*\(/.test(context);
+        if (!hasObjectIteration)
+            return false;
+        // Check if the object being iterated is defined as a const literal nearby
+        // Pattern: const objName = { ... }; ... Object.entries(objName)
+        const objectMatch = context.match(/Object\.(entries|keys|values)\s*\(\s*(\w+)\s*\)/);
+        if (!objectMatch)
+            return false;
+        const objName = objectMatch[2];
+        // Check if objName is defined as a const object literal in the file
+        const isConstObject = new RegExp(`const\\s+${objName}\\s*=\\s*\\{`).test(content);
+        return isConstObject;
+    })();
+    if (hasHardcodedObjectIteration) {
+        // Skip entirely - iterating over hardcoded object, not user input
+        return;
+    }
     // GitHub Action paths are workflow-controlled (not arbitrary user input)
     if (isGitHubAction) {
         vulnerabilities.push({
@@ -422,6 +593,26 @@ function handleFilePathPattern(funcPattern, line, content, index, filePath, isTe
         // Skip entirely - utility functions receive paths from trusted callers
         return;
     }
+    // Server infrastructure files (signing, transport, credentials) use config-controlled paths
+    // These paths come from environment variables or internal configuration, not user input
+    if (isServerInfrastructureFile && !hasRequestData) {
+        // Check if path comes from environment variables or function parameters
+        const hasEnvVarPath = /process\.env\.|import\.meta\.env\.|env\s*\(/i.test(context);
+        const hasConfigPath = /config\.|settings\.|credentials?\./i.test(context);
+        const hasCertPath = /certPath|keyPath|credentialsPath|googleApplicationCredentials/i.test(context);
+        if (hasEnvVarPath || hasConfigPath || hasCertPath) {
+            // Skip entirely - paths from env vars/config are not user-controlled
+            return;
+        }
+    }
+    // Check if file path variable comes from environment variable wrapper function
+    // Common pattern: env('VAR_NAME') || 'default', process.env.VAR, etc.
+    const hasEnvVarSource = /env\s*\(\s*['"][^'"]+['"]\s*\)|process\.env\.\w+|import\.meta\.env\.\w+/i.test(context);
+    const hasOnlyConfigSource = hasEnvVarSource && !hasRequestData;
+    if (hasOnlyConfigSource) {
+        // Path comes from environment variable, not user input - skip
+        return;
+    }
     // Standard handling for unprotected paths
     let severity = funcPattern.severity;
     let confidence = 'high';
@@ -552,6 +743,14 @@ function handleMathRandomPattern(funcPattern, line, content, index, filePath, is
         suggestedFix =
             'Use crypto.randomBytes() for security tokens. Use crypto.randomUUID() for unique IDs.';
     }
+    // UI/cosmetic context - info (skeleton widths, animations, visual effects)
+    else if (context.inUIContext) {
+        severity = 'info';
+        confidence = 'low';
+        description =
+            'Math.random() in UI/cosmetic context. Acceptable for visual effects, skeleton loading, animations.';
+        suggestedFix = 'No change needed for UI/cosmetic randomness.';
+    }
     // Business logic context - low
     else if (context.inBusinessLogicContext) {
         severity = 'low';
@@ -586,6 +785,338 @@ function handleMathRandomPattern(funcPattern, line, content, index, filePath, is
         layer: 2,
     });
 }
+/**
+ * Extract the full Python function call block starting from the trigger line.
+ * Uses paren-balancing to collect up to `maxLines` forward, capturing multi-line calls.
+ * Returns the joined block string.
+ */
+function extractPythonCallBlock(lines, startIndex, maxLines = 10) {
+    let depth = 0;
+    let started = false;
+    const blockLines = [];
+    for (let i = startIndex; i < Math.min(lines.length, startIndex + maxLines); i++) {
+        const ln = lines[i];
+        blockLines.push(ln);
+        for (const ch of ln) {
+            if (ch === '(') {
+                depth++;
+                started = true;
+            }
+            else if (ch === ')') {
+                depth--;
+            }
+        }
+        // Once we've opened at least one paren and balanced back to 0, we're done
+        if (started && depth <= 0)
+            break;
+    }
+    return blockLines.join('\n');
+}
+/**
+ * Check if a Python list (as a string) contains only static string literals.
+ * Returns true if every element is a plain string literal (no f-strings, no variables).
+ */
+function isPythonListAllStatic(listContent) {
+    // Remove the outer brackets
+    const inner = listContent.replace(/^\[/, '').replace(/\]$/, '').trim();
+    if (!inner)
+        return true; // empty list
+    // Split on commas (rough — good enough for typical subprocess args)
+    const elements = inner.split(',').map(e => e.trim()).filter(e => e.length > 0);
+    for (const el of elements) {
+        // Must be a plain string literal: 'foo', "bar", or """...""" / '''...'''
+        // Reject f-strings, variables, function calls
+        if (/^f['"`]/.test(el))
+            return false; // f-string
+        if (/^['"]/.test(el) && /['"]$/.test(el))
+            continue; // simple string literal
+        if (/^"""/.test(el) || /^'''/.test(el))
+            continue; // triple-quoted
+        return false; // variable, function call, or other expression
+    }
+    return true;
+}
+/**
+ * Handle Python subprocess/os.system patterns with multi-line awareness.
+ *
+ * Decision tree:
+ * 1. os.system(...)                              → HIGH (always dangerous)
+ * 2. shell=True in call block?                   → HIGH
+ * 3. First arg is inline list [...]?
+ *    a. All string literals, no f-strings        → SKIP (safe)
+ *    b. Has f-strings or variables               → LOW (list args prevent shell injection)
+ * 4. First arg is a variable name?
+ *    a. Resolved to list nearby, all static      → SKIP
+ *    b. Resolved to list nearby, has dynamics    → LOW
+ *    c. Can't resolve                            → LOW (unresolved, flag for review)
+ * 5. f-string as direct arg (not in list)?       → HIGH (command injection)
+ * 6. Everything else                             → HIGH (fallback)
+ */
+function handlePythonSubprocessPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines) {
+    // 1. os.system is always dangerous - no safe usage
+    if (/os\.system\s*\(/i.test(line)) {
+        handleStandardPattern(funcPattern, line, index, filePath, isTestFile, vulnerabilities);
+        return;
+    }
+    const _lines = lines ?? content.split('\n');
+    // Extract the full multi-line call block (up to 10 lines forward)
+    const callBlock = extractPythonCallBlock(_lines, index);
+    // 2. Check for shell=True across the entire call block
+    const hasShellTrue = /shell\s*=\s*True/i.test(callBlock);
+    if (hasShellTrue) {
+        handleStandardPattern(funcPattern, line, index, filePath, isTestFile, vulnerabilities);
+        return;
+    }
+    // 3. Check for inline list args in the call block (not just same line)
+    const inlineListMatch = callBlock.match(/subprocess\.(run|call|check_output|Popen)\s*\(\s*\[([\s\S]*?)\]/i);
+    if (inlineListMatch) {
+        const listContent = '[' + inlineListMatch[2] + ']';
+        if (isPythonListAllStatic(listContent)) {
+            // 3a. All static string literals → SKIP (safe)
+            return;
+        }
+        // 3b. Has f-strings or variables → LOW (list args prevent shell injection)
+        vulnerabilities.push({
+            id: `dangerous-func-${filePath}-${index + 1}-${funcPattern.name}`,
+            filePath,
+            lineNumber: index + 1,
+            lineContent: line.trim(),
+            severity: isTestFile ? 'info' : 'low',
+            category: 'dangerous_function',
+            title: funcPattern.name + ' (list args)',
+            description: 'subprocess with list arguments (safer than shell=True). Some arguments contain variables or f-strings — verify they are validated.',
+            suggestedFix: 'Ensure dynamic arguments are validated and sanitized.',
+            confidence: 'low',
+            layer: 2,
+        });
+        return;
+    }
+    // 4. Check for variable reference as first arg
+    // Pattern: subprocess.run(args, ...) or subprocess.check_output(cmd, ...)
+    const varArgMatch = callBlock.match(/subprocess\.(run|call|check_output|Popen)\s*\(\s*([a-zA-Z_]\w*)\s*[,)]/i);
+    if (varArgMatch) {
+        const varName = varArgMatch[2];
+        // Look backwards up to 15 lines for assignment: varName = [...]
+        const searchStart = Math.max(0, index - 15);
+        const previousLines = _lines.slice(searchStart, index + 1).join('\n');
+        // Match varName = [...] assignment (possibly multi-line)
+        const assignmentPattern = new RegExp(varName + '\\s*=\\s*\\[([\\s\\S]*?)\\]', 'i');
+        const assignmentMatch = previousLines.match(assignmentPattern);
+        if (assignmentMatch) {
+            const listContent = '[' + assignmentMatch[1] + ']';
+            if (isPythonListAllStatic(listContent)) {
+                // 4a. Variable resolves to all-static list → SKIP
+                return;
+            }
+            // 4b. Variable resolves to list with dynamic elements → LOW
+            vulnerabilities.push({
+                id: `dangerous-func-${filePath}-${index + 1}-${funcPattern.name}`,
+                filePath,
+                lineNumber: index + 1,
+                lineContent: line.trim(),
+                severity: isTestFile ? 'info' : 'low',
+                category: 'dangerous_function',
+                title: funcPattern.name + ' (list args via variable)',
+                description: `subprocess called with variable '${varName}' which resolves to a list. List arguments prevent shell injection, but some elements are dynamic.`,
+                suggestedFix: 'Ensure dynamic list elements are validated and sanitized.',
+                confidence: 'low',
+                layer: 2,
+            });
+            return;
+        }
+        // 4c. Can't resolve the variable — flag for review at LOW
+        vulnerabilities.push({
+            id: `dangerous-func-${filePath}-${index + 1}-${funcPattern.name}`,
+            filePath,
+            lineNumber: index + 1,
+            lineContent: line.trim(),
+            severity: isTestFile ? 'info' : 'low',
+            category: 'dangerous_function',
+            title: funcPattern.name + ' (unresolved variable)',
+            description: `subprocess called with variable '${varName}' — could not resolve its value nearby. If it is a list, shell injection risk is low.`,
+            suggestedFix: 'Verify the variable is a list (not a string) and arguments are validated.',
+            confidence: 'low',
+            layer: 2,
+        });
+        return;
+    }
+    // 5. f-string as direct arg (not inside a list) → HIGH (command injection)
+    const hasFStringDirectArg = /subprocess\.(run|call|check_output|Popen)\s*\(\s*f['"`]/i.test(callBlock);
+    if (hasFStringDirectArg) {
+        handleStandardPattern(funcPattern, line, index, filePath, isTestFile, vulnerabilities);
+        return;
+    }
+    // 6. Everything else → HIGH (fallback)
+    handleStandardPattern(funcPattern, line, index, filePath, isTestFile, vulnerabilities);
+}
+/**
+ * Handle regex patterns - check for escaped input
+ * Pattern: new RegExp(escapedInput) or new RegExp(input.replaceAll(...escaped...))
+ */
+function handleRegexPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines) {
+    const _lines = lines ?? content.split('\n');
+    const contextStart = Math.max(0, index - 15);
+    const contextEnd = Math.min(_lines.length, index + 3);
+    const context = _lines.slice(contextStart, contextEnd).join('\n');
+    // Check for RegExp object property access (.source, .flags)
+    // This indicates input is already a validated RegExp, not user string
+    // e.g., new RegExp(existingRegex.source, existingRegex.flags)
+    const isRegExpFromRegExp = /\.source\s*[,)\s]/.test(line);
+    if (isRegExpFromRegExp) {
+        return; // Safe - .source only exists on RegExp objects (already validated)
+    }
+    // Check for escaping ON THE SAME LINE as new RegExp() - this is a strong signal
+    const sameLineEscapingPatterns = [
+        /\.replaceAll\s*\([^)]*\)\s*[,)]/i, // .replaceAll(...)) - escaping before RegExp
+        /escape\w*\s*\([^)]*\)\s*[,)]/i, // escapeRegExp(input)) - function result used
+        /\.replace\s*\([^,]+,[^)]+\)\s*[,)]/i, // .replace(..., ...) followed by closing
+    ];
+    if (sameLineEscapingPatterns.some(p => p.test(line))) {
+        return; // Safe - escaping applied on same line before RegExp construction
+    }
+    // Check previous 5 lines for escaping assignment (extended from 3 to catch multi-line patterns)
+    const prevLinesStart = Math.max(0, index - 5);
+    const prevLines = _lines.slice(prevLinesStart, index + 1).join('\n');
+    // Check for escaping patterns before new RegExp
+    const escapingPatterns = [
+        // Direct escaping function calls
+        /escapeRegExp\s*\(/i, // escapeRegExp(input)
+        /escapeString\s*\(/i, // escapeString(input)
+        /escape\s*\(\s*pattern/i, // escape(pattern)
+        /escapeForRegex\s*\(/i, // escapeForRegex(input)
+        /regexEscape\s*\(/i, // regexEscape(input)
+        // replaceAll with regex escape pattern - original strict patterns
+        /\.replaceAll\s*\(\s*\/\[.*\\\\\]\s*\/[gi]*\s*,\s*['"`]\\\\?\$&['"`]\s*\)/, // .replaceAll(/[special]/g, '\\$&')
+        /\.replace\s*\(\s*\/\[.*\\\\\]\s*\/[gi]*\s*,\s*['"`]\\\\?\$&['"`]\s*\)/, // .replace(/[special]/g, '\\$&')
+        // More permissive $& replacement detection (the escape marker)
+        // $& is the regex replacement marker that inserts the matched string - used for escaping
+        /\.replace(?:All)?[\s\S]*?['"`]\\*\$&['"`]/, // .replace/.replaceAll with $& anywhere in call
+        /\.replaceAll?[^;]*\$&/, // .replace/.replaceAll until semicolon with $&
+        // Lodash/underscore escapeRegExp
+        /_\.escapeRegExp\s*\(/, // _.escapeRegExp(input)
+        /lodash.*escapeRegExp/i, // lodash.escapeRegExp
+        // Variable assignment with escaping (check previous lines)
+        /escaped\w*\s*=.*\.replace/i, // escapedInput = input.replace(...)
+        /safe\w*\s*=.*escape/i, // safePattern = escapeRegExp(...)
+    ];
+    // Check both previous lines and full context
+    const hasEscaping = escapingPatterns.some(p => p.test(line) || p.test(prevLines) || p.test(context));
+    // Check for try-catch wrapping (ReDoS contained)
+    const hasTryCatch = /try\s*\{[^}]*new\s+RegExp/i.test(context) ||
+        (context.includes('try {') && _lines.slice(Math.max(0, index - 5), index + 1).some(l => /try\s*\{/.test(l)));
+    // Check for configuration-based patterns (trusted input)
+    const isConfigBased = /config\./i.test(line) ||
+        /settings\./i.test(line) ||
+        /rules\./i.test(line) ||
+        /options\.\w+Pattern/i.test(line) ||
+        /urlPattern/i.test(line) ||
+        /routePattern/i.test(line);
+    // Escaped input is safe - skip entirely
+    if (hasEscaping) {
+        return;
+    }
+    // Config-based patterns are trusted - skip
+    if (isConfigBased) {
+        return;
+    }
+    // Check if regex source is an object property (app-controlled data, not user input)
+    // Patterns: obj.pattern, item.regex, l.urlRegExp, entry.matchPattern
+    const objectPropertySource = /new\s+RegExp\s*\(\s*\w+\.\w*(regex|pattern|regexp|match|rule|expression|filter)\w*/i.test(line);
+    if (objectPropertySource) {
+        vulnerabilities.push({
+            id: `dangerous-func-${filePath}-${index + 1}-${funcPattern.name}`,
+            filePath,
+            lineNumber: index + 1,
+            lineContent: line.trim(),
+            severity: 'info',
+            category: 'dangerous_function',
+            title: funcPattern.name + ' (app-controlled)',
+            description: 'Dynamic regex from object property. If the regex source is app-defined (not user input), ReDoS risk is minimal.',
+            suggestedFix: 'Ensure regex patterns come from trusted, validated sources.',
+            confidence: 'low',
+            layer: 2,
+        });
+        return;
+    }
+    // Check if regex source is from array iteration over app data
+    // Pattern: for (const item of items) { new RegExp(item.xxx) }
+    const isArrayIterationContext = /for\s*\(\s*(const|let|var)\s+\w+\s+(of|in)\s+/.test(context) &&
+        /new\s+RegExp\s*\(\s*\w+\./.test(line);
+    if (isArrayIterationContext) {
+        vulnerabilities.push({
+            id: `dangerous-func-${filePath}-${index + 1}-${funcPattern.name}`,
+            filePath,
+            lineNumber: index + 1,
+            lineContent: line.trim(),
+            severity: 'info',
+            category: 'dangerous_function',
+            title: funcPattern.name + ' (iteration)',
+            description: 'Dynamic regex in array iteration. If iterating over app-defined data, ReDoS risk is minimal.',
+            suggestedFix: 'Ensure regex patterns come from trusted sources, not user input.',
+            confidence: 'low',
+            layer: 2,
+        });
+        return;
+    }
+    // Try-catch wrapped - lower severity (ReDoS contained)
+    if (hasTryCatch) {
+        vulnerabilities.push({
+            id: `dangerous-func-${filePath}-${index + 1}-${funcPattern.name}`,
+            filePath,
+            lineNumber: index + 1,
+            lineContent: line.trim(),
+            severity: 'info',
+            category: 'dangerous_function',
+            title: funcPattern.name + ' (try-catch wrapped)',
+            description: 'Dynamic regex with try-catch error handling. ReDoS attacks are contained but may still cause performance issues.',
+            suggestedFix: 'Consider using safe-regex library or adding timeout for regex operations.',
+            confidence: 'low',
+            layer: 2,
+        });
+        return;
+    }
+    // Standard handling for unprotected regex
+    handleStandardPattern(funcPattern, line, index, filePath, isTestFile, vulnerabilities);
+}
+/**
+ * Handle spread operator with user input patterns
+ * Checks for schema validation (Fastify, Zod, tRPC) that strips unknown properties
+ */
+function handleSpreadPattern(funcPattern, line, content, index, filePath, isTestFile, vulnerabilities, lines) {
+    const _lines = lines ?? content.split('\n');
+    const contextStart = Math.max(0, index - 30);
+    const contextEnd = index;
+    const context = _lines.slice(contextStart, contextEnd).join('\n');
+    // Fastify/Hapi schema validation on route - body is pre-validated
+    // Pattern: schema: { body: someSchema } before handler
+    const hasRouteSchemaValidation = /schema\s*:\s*\{[^}]*body\s*:\s*\w+/i.test(context) ||
+        /body\s*:\s*\w+Schema/i.test(context);
+    // Express + Zod/Joi/Yup middleware validation
+    const hasMiddlewareValidation = /validate\s*\(\s*\w+Schema\s*\)/i.test(context) ||
+        /\.parse\s*\(\s*req\.body\s*\)/i.test(context) ||
+        /celebrate\s*\(/i.test(context);
+    // tRPC input validation
+    const hasTRPCValidation = /\.input\s*\(\s*z\./i.test(context) ||
+        /\.input\s*\(\s*\w+Schema\s*\)/i.test(context);
+    if (hasRouteSchemaValidation || hasMiddlewareValidation || hasTRPCValidation) {
+        vulnerabilities.push({
+            id: `dangerous-func-${filePath}-${index + 1}-${funcPattern.name}`,
+            filePath,
+            lineNumber: index + 1,
+            lineContent: line.trim(),
+            severity: 'info',
+            category: 'dangerous_function',
+            title: funcPattern.name + ' (schema-validated)',
+            description: 'Request body is spread but has schema validation. Schema validation strips unknown properties, reducing mass assignment risk.',
+            suggestedFix: 'Ensure schema validation is strict (no .passthrough() in Zod, no additionalProperties in JSON Schema).',
+            confidence: 'low',
+            layer: 2,
+        });
+        return;
+    }
+    // No schema validation - standard handling
+    handleStandardPattern(funcPattern, line, index, filePath, isTestFile, vulnerabilities);
+}
 /**
  * Handle standard patterns without special logic
  */