JS: Add taint source/sink summary queries

javascript/ql/src/Summary/TaintSinks.ql

@@ -0,0 +1,15 @@
+/**
+ * @name Taint sinks
+ * @description Expressions that are vulnerable if containing untrusted data.
+ * @kind problem
+ * @problem.severity informational
+ * @id js/summary/taint-sinks
+ * @tags summary
+ * @precision medium
+ */
+
+import javascript
+import meta.internal.TaintMetrics
+
+from string kind
+select relevantTaintSink(kind), kind + " sink"

javascript/ql/src/Summary/TaintSources.ql

@@ -0,0 +1,16 @@
+/**
+ * @name Taint sources
+ * @description Sources of untrusted input.
+ * @kind problem
+ * @problem.severity informational
+ * @id js/summary/taint-sources
+ * @tags summary
+ * @precision medium
+ */
+
+import javascript
+import meta.internal.TaintMetrics
+
+from RemoteFlowSource node
+where node = relevantTaintSource()
+select node, node.getSourceType()