Security Scan
security_scan
Scan code for OWASP vulnerabilities like injection, XSS, and path traversal, as well as supply chain risks. Returns findings with severity, category, and line numbers.
Instructions
Scan code for OWASP vulnerabilities (injection, XSS, path traversal, SSRF, prototype pollution) and supply chain risks (typosquatting, install script abuse, wildcard versions). Returns findings with severity, category, and line numbers.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| content | Yes | Code content to scan | |
| diffMode | No | When true, treats content as git diff output | |
| filePath | No | File path for language-aware scanning | |