guardvibe 1.7.0 → 1.7.1

package/README.md

@@ -1,6 +1,6 @@
 # GuardVibe
 
-**The security MCP built for vibe coding.** 267 security rules covering the entire AI-generated code journey — from first line to production deployment.
+**The security MCP built for vibe coding.** 277 security rules covering the entire AI-generated code journey — from first line to production deployment.
 
 Works with **Claude Code, Cursor, Gemini CLI, Codex, Windsurf**, and any MCP-compatible coding agent.
 
@@ -8,7 +8,7 @@ Works with **Claude Code, Cursor, Gemini CLI, Codex, Windsurf**, and any MCP-com
 
 Most security tools are built for enterprise security teams. GuardVibe is built for **you** — the developer using AI to build and ship web apps fast.
 
-- **267 security rules** purpose-built for the stacks AI agents generate
+- **277 security rules** purpose-built for the stacks AI agents generate
 - **Zero setup friction** — `npx guardvibe` and you're scanning
 - **No account required** — runs 100% locally, no API keys, no cloud
 - **Understands your stack** — not generic SAST, but rules that know Next.js, Supabase, Stripe, Clerk, and the tools you actually use
@@ -34,7 +34,7 @@ GuardVibe is purpose-built for the AI coding workflow. Traditional tools are exc
 | CVE version detection | 21 packages | Extensive | Extensive |
 | Compliance mapping (SOC2, PCI-DSS, HIPAA) | Built-in | Paid tier | None |
 | SARIF CI/CD export | Yes | Yes | Limited |
-| Rule count | 267 (focused) | 5000+ (broad) | N/A |
+| Rule count | 277 (focused) | 5000+ (broad) | N/A |
 
 **When to use GuardVibe:** You're building with AI agents and want security scanning integrated into your coding workflow — no dashboard, no account, no CI setup.
 
@@ -146,7 +146,7 @@ Malicious postinstall scripts, unpinned GitHub Actions, typosquat detection
 
 All scanning tools support `format: "json"` for machine-readable output.
 
-## Security Rules (267 rules across 23 modules)
+## Security Rules (277 rules across 23 modules)
 
 | Category | Rules | Coverage |
 |----------|-------|----------|

package/build/data/rules/core.js

@@ -346,4 +346,40 @@ export const coreRules = [
         fixCode: '// BAD: user controls the regex\nconst re = new RegExp(req.query.search);\n\n// GOOD: escape regex special chars\nfunction escapeRegex(s: string) {\n  return s.replace(/[.*+?^${}()|[\\]\\\\]/g, "\\\\$&");\n}\nconst re = new RegExp(escapeRegex(req.query.search));\n\n// BETTER: use string methods\nconst results = items.filter(i => i.name.includes(query));',
         compliance: ["SOC2:CC7.1"],
     },
+    {
+        id: "VG108",
+        name: "Vue v-html Directive with User Data",
+        severity: "high",
+        owasp: "A07:2025 Cross-Site Scripting",
+        description: "Vue's v-html directive renders raw HTML without sanitization, equivalent to innerHTML. If user-controlled data is bound via v-html, attackers can inject arbitrary scripts for stored or reflected XSS.",
+        pattern: /v-html\s*=\s*["'](?!['"])\w/gi,
+        languages: ["html", "javascript", "typescript"],
+        fix: "Avoid v-html with user data. Use text interpolation {{ }} or sanitize with DOMPurify before rendering.",
+        fixCode: '<!-- BAD: raw HTML rendering -->\n<!-- <div v-html="userComment"></div> -->\n\n<!-- GOOD: text interpolation (auto-escaped) -->\n<div>{{ userComment }}</div>\n\n<!-- If HTML needed: sanitize first -->\n<div v-html="DOMPurify.sanitize(userComment)"></div>',
+        compliance: ["SOC2:CC7.1"],
+    },
+    {
+        id: "VG109",
+        name: "Angular innerHTML Binding with User Data",
+        severity: "high",
+        owasp: "A07:2025 Cross-Site Scripting",
+        description: "Angular's [innerHTML] property binding renders HTML content. While Angular's built-in sanitizer strips scripts, it can be bypassed with bypassSecurityTrustHtml() or via CSS/SVG-based XSS vectors.",
+        pattern: /(?:\[innerHTML\]\s*=\s*["']\w|bypassSecurityTrustHtml\s*\()/gi,
+        languages: ["html", "typescript"],
+        fix: "Avoid [innerHTML] with user data. If unavoidable, never use bypassSecurityTrustHtml() on user input.",
+        fixCode: '<!-- BAD: bypass Angular sanitizer -->\n<!-- <div [innerHTML]="trustedHtml"></div> -->\n<!-- this.trustedHtml = this.sanitizer.bypassSecurityTrustHtml(userInput); -->\n\n<!-- GOOD: let Angular sanitize automatically -->\n<div [innerText]="userInput"></div>\n<!-- Or use Angular pipe with DOMPurify -->',
+        compliance: ["SOC2:CC7.1"],
+    },
+    {
+        id: "VG116",
+        name: "HTML Event Handler Injection via User Input",
+        severity: "high",
+        owasp: "A07:2025 Cross-Site Scripting",
+        description: "User input is interpolated into HTML attributes that accept JavaScript (onclick, onerror, onload, onmouseover, onfocus). Even without script tags, event handlers execute arbitrary JavaScript when the element is interacted with or loads.",
+        pattern: /(?:on(?:click|error|load|mouseover|focus|blur|submit|change|input|keyup|keydown))\s*=\s*(?:`[^`]*\$\{|["'][^"']*["']\s*\+\s*(?:user|input|query|param|req\.|data\.))/gi,
+        languages: ["javascript", "typescript", "html"],
+        fix: "Never interpolate user input into HTML event handler attributes. Use addEventListener with sanitized data instead.",
+        fixCode: '// BAD: user input in event handler\n// `<img onerror="${userInput}">`\n\n// GOOD: use addEventListener\nconst img = document.createElement("img");\nimg.addEventListener("error", () => handleError(sanitizedInput));',
+        compliance: ["SOC2:CC7.1"],
+    },
 ];

package/build/data/rules/deployment.js

@@ -230,4 +230,16 @@ export const deploymentRules = [
         fixCode: '# BAD: breaks container isolation\n# hostNetwork: true\n# hostPID: true\n\n# GOOD: use pod networking\nspec:\n  hostNetwork: false\n  hostPID: false\n  hostIPC: false\n  containers:\n    - name: app\n      securityContext:\n        runAsNonRoot: true',
         compliance: ["SOC2:CC6.1", "PCI-DSS:Req6.5.10"],
     },
+    {
+        id: "VG524",
+        name: "Data URL or Blob URL in User-Controlled src/href",
+        severity: "high",
+        owasp: "A07:2025 Cross-Site Scripting",
+        description: "User-controlled input is used in src or href attributes without blocking data: and blob: URL schemes. data:text/html URLs can embed full HTML pages with scripts, and javascript: URLs execute code — bypassing same-origin restrictions.",
+        pattern: /(?:src|href|action|poster|srcDoc)\s*=\s*\{[\s\S]{0,100}?(?:user|input|param|query|data|url|link|content)[\s\S]{0,100}?(?:(?!(?:startsWith|protocol|scheme|allowlist|whitelist|URL\()[\s\S]{0,50}?))\}/gi,
+        languages: ["javascript", "typescript"],
+        fix: "Validate URL scheme against an allowlist (https: only). Block data:, blob:, and javascript: URLs from user input.",
+        fixCode: '// Validate URL scheme\nfunction isSafeUrl(url: string): boolean {\n  try {\n    const parsed = new URL(url);\n    return ["https:", "http:"].includes(parsed.protocol);\n  } catch {\n    return false;\n  }\n}\n\n// Usage\n<img src={isSafeUrl(userUrl) ? userUrl : "/placeholder.png"} />',
+        compliance: ["SOC2:CC7.1"],
+    },
 ];

package/build/data/rules/modern-stack.js

@@ -434,4 +434,52 @@ export const modernStackRules = [
         fixCode: '// Express: trust only your reverse proxy\napp.set("trust proxy", 1); // trust first proxy\n\n// Rate limiter: use req.ip (respects trust proxy)\nimport rateLimit from "express-rate-limit";\nconst limiter = rateLimit({\n  keyGenerator: (req) => req.ip, // uses trusted proxy chain\n  max: 100,\n  windowMs: 15 * 60 * 1000,\n});',
         compliance: ["SOC2:CC7.1"],
     },
+    {
+        id: "VG990",
+        name: "SVG File Upload Without Content Sanitization",
+        severity: "critical",
+        owasp: "A07:2025 Cross-Site Scripting",
+        description: "File upload accepts SVG files but does not scan or sanitize SVG content. SVG files can contain embedded <script> tags, event handlers (onload, onclick), and external resource references that execute JavaScript when the SVG is rendered in a browser.",
+        pattern: /(?:(?:allowedMimeTypes|accept|mimeTypes|fileTypes|allowedTypes|contentType)\s*[:=]\s*(?:\[[\s\S]*?|['"`])[\s\S]{0,100}?(?:svg|image\/svg|\.svg))/gi,
+        languages: ["javascript", "typescript"],
+        fix: "Either reject SVG uploads entirely or sanitize SVG content by stripping script tags, event handlers, and external references. Use a library like DOMPurify with SVG profile.",
+        fixCode: '// Option 1: Reject SVGs\nconst ALLOWED_TYPES = ["image/png", "image/jpeg", "image/webp"]; // no SVG\n\n// Option 2: Sanitize SVG content\nimport DOMPurify from "dompurify";\nconst cleanSvg = DOMPurify.sanitize(svgContent, {\n  USE_PROFILES: { svg: true, svgFilters: true },\n  FORBID_TAGS: ["script", "foreignObject"],\n  FORBID_ATTR: ["onclick", "onerror", "onload"],\n});',
+        compliance: ["SOC2:CC7.1"],
+    },
+    {
+        id: "VG991",
+        name: "Markdown Rendered as HTML Without Sanitization",
+        severity: "high",
+        owasp: "A07:2025 Cross-Site Scripting",
+        description: "Markdown library output (marked, showdown, markdown-it, remark) is rendered as HTML without sanitization. Most markdown parsers allow raw HTML by default — user-submitted markdown like `<img onerror=alert(1)>` passes through as executable HTML.",
+        pattern: /(?:marked|showdown|markdownIt|markdown-it|unified|remark|rehype)[\s\S]{0,300}?(?:innerHTML|dangerouslySetInnerHTML|v-html|\[innerHTML\]|\.html\s*\(|res\.send)/gi,
+        languages: ["javascript", "typescript"],
+        fix: "Sanitize markdown HTML output with DOMPurify before rendering, or configure the parser to disable raw HTML.",
+        fixCode: '// BAD: unsanitized markdown\n// element.innerHTML = marked.parse(userMarkdown);\n\n// GOOD: sanitize after parsing\nimport DOMPurify from "dompurify";\nimport { marked } from "marked";\nconst html = DOMPurify.sanitize(marked.parse(userMarkdown));\n\n// Or disable HTML in parser\nmarked.setOptions({ sanitize: true });\n// markdown-it: const md = markdownIt({ html: false });',
+        compliance: ["SOC2:CC7.1"],
+    },
+    {
+        id: "VG992",
+        name: "Rich Text Editor Output Without Sanitization",
+        severity: "high",
+        owasp: "A07:2025 Cross-Site Scripting",
+        description: "WYSIWYG/rich text editor content (TipTap, Draft.js, Slate, Quill, CKEditor, TinyMCE) is rendered via innerHTML or dangerouslySetInnerHTML without sanitization. Editor output is user-controlled HTML that can contain XSS payloads — especially if the editor allows source code editing or paste from external sources.",
+        pattern: /(?:editor\.getHTML|getContent|convertToHTML|stateToHTML|serialize|draftToHtml|renderToString)[\s\S]{0,300}?(?:innerHTML|dangerouslySetInnerHTML|v-html|\[innerHTML\])/gi,
+        languages: ["javascript", "typescript"],
+        fix: "Always sanitize rich text editor output with DOMPurify before rendering, even if the editor has its own sanitization.",
+        fixCode: '// BAD: direct editor output rendering\n// <div dangerouslySetInnerHTML={{ __html: editor.getHTML() }} />\n\n// GOOD: sanitize editor output\nimport DOMPurify from "dompurify";\nconst cleanHtml = DOMPurify.sanitize(editor.getHTML(), {\n  ALLOWED_TAGS: ["p", "b", "i", "em", "strong", "a", "ul", "ol", "li", "br", "h1", "h2", "h3"],\n  ALLOWED_ATTR: ["href", "target", "rel"],\n});\n<div dangerouslySetInnerHTML={{ __html: cleanHtml }} />',
+        compliance: ["SOC2:CC7.1"],
+    },
+    {
+        id: "VG993",
+        name: "Upload Filename Used Without Sanitization",
+        severity: "high",
+        owasp: "A01:2025 Broken Access Control",
+        description: "User-uploaded file's original filename is used directly for storage without sanitization. Attackers can use directory traversal (../../etc/passwd), null bytes (file.php%00.jpg), double extensions (file.jpg.exe), or Unicode tricks to overwrite files, bypass type checks, or achieve remote code execution.",
+        pattern: /(?:file\.name|originalname|filename|req\.file\.originalname|formData\.get\s*\(\s*['"]file['"])\s*[\s\S]{0,100}?(?:writeFile|createWriteStream|save|upload|putObject|mv\s*\(|rename|storage)/gi,
+        languages: ["javascript", "typescript"],
+        fix: "Generate a random filename (UUID/nanoid) and validate the extension against an allowlist. Never use the original filename for storage.",
+        fixCode: 'import { randomUUID } from "crypto";\nimport path from "path";\n\n// Generate safe filename\nconst ext = path.extname(file.name).toLowerCase();\nconst ALLOWED_EXT = [".jpg", ".jpeg", ".png", ".webp", ".pdf"];\nif (!ALLOWED_EXT.includes(ext)) throw new Error("Invalid file type");\nconst safeName = `${randomUUID()}${ext}`;\nawait fs.writeFile(`/uploads/${safeName}`, buffer);',
+        compliance: ["SOC2:CC7.1"],
+    },
 ];

package/build/data/rules/nextjs.js

@@ -168,4 +168,16 @@ export const nextjsRules = [
         fixCode: '// next.config.ts\nexport default {\n  serverActions: {\n    allowedOrigins: ["myapp.com", "*.myapp.com"],\n  },\n};',
         compliance: ["SOC2:CC6.6"],
     },
+    {
+        id: "VG414",
+        name: "Server-Side Template Injection (SSTI)",
+        severity: "critical",
+        owasp: "A02:2025 Injection",
+        description: "User input is rendered using an unescaped template directive (EJS <%- %>, Handlebars {{{ }}}, Pug != operator, Nunjucks | safe filter). These directives bypass HTML escaping, allowing attackers to inject arbitrary HTML and JavaScript that executes server-side or client-side.",
+        pattern: /(?:<%-\s*\w|(?:\{\{\{)\s*\w|!=\s*\w[\s\S]{0,50}?(?:user|input|query|body|param|req\.|data\.)|\|\s*safe\s*(?:\}\}|\%\}))/gi,
+        languages: ["javascript", "typescript", "html"],
+        fix: "Always use escaped template directives: EJS <%= %>, Handlebars {{ }}, Pug =. Only use unescaped rendering for trusted, developer-controlled content.",
+        fixCode: '<!-- EJS: use escaped output -->\n<p><%= userInput %></p>   <!-- SAFE: HTML-escaped -->\n<!-- NOT: <%- userInput %>  DANGEROUS: raw HTML -->\n\n<!-- Handlebars: use double braces -->\n<p>{{userInput}}</p>      <!-- SAFE: escaped -->\n<!-- NOT: {{{userInput}}}   DANGEROUS: raw HTML -->\n\n<!-- Pug: use = not != -->\np= userInput              //- SAFE: escaped\n//- NOT: p!= userInput    DANGEROUS: raw HTML',
+        compliance: ["SOC2:CC7.1", "PCI-DSS:Req6.5.1"],
+    },
 ];

package/build/data/rules/web-security.js

@@ -173,4 +173,16 @@ export const webSecurityRules = [
         fixCode: "// Reads from OPENAI_API_KEY env automatically\nconst openai = new OpenAI();",
         compliance: ["SOC2:CC6.1"],
     },
+    {
+        id: "VG678",
+        name: "Missing X-Content-Type-Options Header",
+        severity: "high",
+        owasp: "A05:2021 Security Misconfiguration",
+        description: "Response serving user-uploaded files does not set X-Content-Type-Options: nosniff. Browsers may MIME-sniff the content and execute uploaded files as HTML/JavaScript, enabling stored XSS via file uploads.",
+        pattern: /(?:createReadStream|sendFile|send\s*\(|pipe\s*\(|res\.download|res\.sendFile|getSignedUrl|getPublicUrl)[\s\S]{0,500}?(?:(?!X-Content-Type-Options|nosniff)[\s\S]){10,}?(?:res\.end|\.pipe|return|response)/gi,
+        languages: ["javascript", "typescript"],
+        fix: "Set X-Content-Type-Options: nosniff on all responses serving user-uploaded content.",
+        fixCode: '// Set nosniff header for uploaded file responses\nres.setHeader("X-Content-Type-Options", "nosniff");\nres.setHeader("Content-Disposition", "attachment"); // force download for unknown types\nres.sendFile(filePath);',
+        compliance: ["SOC2:CC6.1"],
+    },
 ];

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "guardvibe",
-  "version": "1.7.0",
-  "description": "Security MCP for vibe coding. 267 rules, 14 tools for Next.js, Supabase, Clerk, Stripe, Prisma, tRPC, Hono, GraphQL, Convex, Turso, Uploadthing, AI SDK, and the full AI-generated stack.",
+  "version": "1.7.1",
+  "description": "Security MCP for vibe coding. 277 rules, 14 tools for Next.js, Supabase, Clerk, Stripe, Prisma, tRPC, Hono, GraphQL, Convex, Turso, Uploadthing, AI SDK, and the full AI-generated stack.",
   "type": "module",
   "bin": {
     "guardvibe": "build/index.js",