detect_security_issues
Identify security vulnerabilities and risks in code to improve software safety and prevent potential exploits.
Instructions
检测代码中的安全漏洞和风险
Input Schema
TableJSON Schema
| Name | Required | Description | Default |
|---|---|---|---|
| code | Yes | 要检测的代码 | |
| language | Yes | 编程语言 |
Implementation Reference
- src/tools/securityScanner.ts:6-43 (handler)Core handler function that performs security scanning by detecting common and language-specific issues using regex patterns, aggregates results, and computes risk score.
export async function detectSecurityIssues( code: string, language: string ): Promise<SecurityScanResult> { const issues: SecurityIssue[] = []; // 通用安全检测 await detectCommonSecurityIssues(code, language, issues); // 语言特定安全检测 switch (language.toLowerCase()) { case 'javascript': case 'typescript': await detectJavaScriptSecurityIssues(code, issues); break; case 'python': await detectPythonSecurityIssues(code, issues); break; case 'java': await detectJavaSecurityIssues(code, issues); break; case 'sql': await detectSQLSecurityIssues(code, issues); break; } return { language, totalIssues: issues.length, criticalIssues: issues.filter(i => i.severity === 'critical').length, highIssues: issues.filter(i => i.severity === 'high').length, mediumIssues: issues.filter(i => i.severity === 'medium').length, lowIssues: issues.filter(i => i.severity === 'low').length, issues, recommendations: generateSecurityRecommendations(issues), riskScore: calculateRiskScore(issues) }; } - src/index.ts:225-242 (handler)MCP server handler for the tool: validates input parameters using Zod, calls the core detectSecurityIssues function, and formats the response as MCP content.
private async handleDetectSecurityIssues(args: any) { const schema = z.object({ code: z.string(), language: z.string() }); const { code, language } = schema.parse(args); const result = await detectSecurityIssues(code, language); return { content: [ { type: 'text', text: JSON.stringify(result, null, 2) } ] }; } - src/index.ts:89-106 (registration)Tool registration in the ListTools response, defining name, description, and input schema.
{ name: 'detect_security_issues', description: '检测代码中的安全漏洞和风险', inputSchema: { type: 'object', properties: { code: { type: 'string', description: '要检测的代码' }, language: { type: 'string', description: '编程语言' } }, required: ['code', 'language'] } }, - src/types/index.ts:34-58 (schema)TypeScript interfaces defining the output structure: SecurityScanResult for the scan result and SecurityIssue for individual issues.
export interface SecurityScanResult { language: string; totalIssues: number; criticalIssues: number; highIssues: number; mediumIssues: number; lowIssues: number; issues: SecurityIssue[]; recommendations: string[]; riskScore: number; } export interface SecurityIssue { type: 'hardcoded-credentials' | 'code-injection' | 'sql-injection' | 'xss' | 'unsafe-deserialization' | 'weak-randomness' | 'information-disclosure' | 'regex-dos' | 'prototype-pollution' | 'xxe' | 'insecure-temp-file' | 'dangerous-operation'; severity: 'critical' | 'high' | 'medium' | 'low'; message: string; description: string; line: number; column: number; cwe: string; recommendation: string; } - src/tools/securityScanner.ts:48-151 (helper)Helper function for detecting common security issues like hardcoded credentials, code injection, weak randomness, and debug leaks using regex patterns.
async function detectCommonSecurityIssues( code: string, language: string, issues: SecurityIssue[] ): Promise<void> { const lines = code.split('\n'); lines.forEach((line, index) => { const lineNumber = index + 1; const trimmedLine = line.trim().toLowerCase(); // 检测硬编码密码 const passwordPatterns = [ /password\s*[=:]\s*["'][^"']+["']/i, /pwd\s*[=:]\s*["'][^"']+["']/i, /secret\s*[=:]\s*["'][^"']+["']/i, /api[_-]?key\s*[=:]\s*["'][^"']+["']/i, /token\s*[=:]\s*["'][^"']+["']/i ]; passwordPatterns.forEach(pattern => { if (pattern.test(line)) { issues.push({ type: 'hardcoded-credentials', severity: 'critical', message: '检测到硬编码的敏感信息(密码、密钥等)', description: '硬编码的敏感信息可能被恶意用户获取,应使用环境变量或配置文件', line: lineNumber, column: line.search(pattern) + 1, cwe: 'CWE-798', recommendation: '使用环境变量或安全的配置管理系统存储敏感信息' }); } }); // 检测潜在的代码注入 const injectionPatterns = [ /eval\s*\(/i, /exec\s*\(/i, /system\s*\(/i, /shell_exec\s*\(/i, /passthru\s*\(/i ]; injectionPatterns.forEach(pattern => { if (pattern.test(line)) { issues.push({ type: 'code-injection', severity: 'critical', message: '检测到潜在的代码注入风险', description: '使用动态代码执行函数可能导致代码注入攻击', line: lineNumber, column: line.search(pattern) + 1, cwe: 'CWE-94', recommendation: '避免使用动态代码执行,使用更安全的替代方案' }); } }); // 检测不安全的随机数生成 const weakRandomPatterns = [ /math\.random\s*\(/i, /random\.random\s*\(/i, /rand\s*\(/i ]; weakRandomPatterns.forEach(pattern => { if (pattern.test(line)) { issues.push({ type: 'weak-randomness', severity: 'medium', message: '使用了不安全的随机数生成器', description: '弱随机数生成器可能被预测,不适用于安全相关场景', line: lineNumber, column: line.search(pattern) + 1, cwe: 'CWE-338', recommendation: '使用密码学安全的随机数生成器' }); } }); // 检测调试信息泄露 const debugPatterns = [ /console\.log\s*\(.*(password|token|key|secret)/i, /print\s*\(.*(password|token|key|secret)/i, /system\.out\.println\s*\(.*(password|token|key|secret)/i ]; debugPatterns.forEach(pattern => { if (pattern.test(line)) { issues.push({ type: 'information-disclosure', severity: 'high', message: '检测到敏感信息可能通过调试输出泄露', description: '在日志或控制台输出中包含敏感信息可能导致信息泄露', line: lineNumber, column: line.search(pattern) + 1, cwe: 'CWE-532', recommendation: '移除或过滤敏感信息的调试输出' }); } }); }); }