sast_path_traversal
Scans code for path traversal vulnerabilities: detects unsafe use of fs functions (readFile, writeFile, readdir, unlink) with user input missing path.resolve validation.
Instructions
AST-scan for path traversal: fs.readFile(), writeFile(), readdir(), unlink() — where path argument includes user input without path.resolve() validation.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| path | Yes | Directory path containing source files to analyze |