diff --git a/javascript/ql/integration-tests/query-suite/javascript-code-scanning.qls.expected b/javascript/ql/integration-tests/query-suite/javascript-code-scanning.qls.expected index 0c417e661c7..db3a4ded7a2 100644 --- a/javascript/ql/integration-tests/query-suite/javascript-code-scanning.qls.expected +++ b/javascript/ql/integration-tests/query-suite/javascript-code-scanning.qls.expected @@ -41,6 +41,7 @@ ql/javascript/ql/src/Security/CWE-116/IncompleteMultiCharacterSanitization.ql ql/javascript/ql/src/Security/CWE-116/IncompleteSanitization.ql ql/javascript/ql/src/Security/CWE-116/UnsafeHtmlExpansion.ql ql/javascript/ql/src/Security/CWE-134/TaintedFormatString.ql +ql/javascript/ql/src/Security/CWE-1427/SystemPromptInjection.ql ql/javascript/ql/src/Security/CWE-178/CaseSensitiveMiddlewarePath.ql ql/javascript/ql/src/Security/CWE-200/PrivateFileExposure.ql ql/javascript/ql/src/Security/CWE-201/PostMessageStar.ql diff --git a/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected b/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected index f87cd2bf505..150d97e2b25 100644 --- a/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected +++ b/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected @@ -132,6 +132,7 @@ ql/javascript/ql/src/Security/CWE-116/UnsafeHtmlExpansion.ql ql/javascript/ql/src/Security/CWE-117/LogInjection.ql ql/javascript/ql/src/Security/CWE-1275/SameSiteNoneCookie.ql ql/javascript/ql/src/Security/CWE-134/TaintedFormatString.ql +ql/javascript/ql/src/Security/CWE-1427/SystemPromptInjection.ql ql/javascript/ql/src/Security/CWE-178/CaseSensitiveMiddlewarePath.ql ql/javascript/ql/src/Security/CWE-200/FileAccessToHttp.ql ql/javascript/ql/src/Security/CWE-200/PrivateFileExposure.ql diff --git a/javascript/ql/integration-tests/query-suite/javascript-security-extended.qls.expected b/javascript/ql/integration-tests/query-suite/javascript-security-extended.qls.expected index ac5e0e2c498..ca8cfccc663 100644 --- a/javascript/ql/integration-tests/query-suite/javascript-security-extended.qls.expected +++ b/javascript/ql/integration-tests/query-suite/javascript-security-extended.qls.expected @@ -47,6 +47,7 @@ ql/javascript/ql/src/Security/CWE-116/UnsafeHtmlExpansion.ql ql/javascript/ql/src/Security/CWE-117/LogInjection.ql ql/javascript/ql/src/Security/CWE-1275/SameSiteNoneCookie.ql ql/javascript/ql/src/Security/CWE-134/TaintedFormatString.ql +ql/javascript/ql/src/Security/CWE-1427/SystemPromptInjection.ql ql/javascript/ql/src/Security/CWE-178/CaseSensitiveMiddlewarePath.ql ql/javascript/ql/src/Security/CWE-200/FileAccessToHttp.ql ql/javascript/ql/src/Security/CWE-200/PrivateFileExposure.ql diff --git a/javascript/ql/integration-tests/query-suite/not_included_in_qls.expected b/javascript/ql/integration-tests/query-suite/not_included_in_qls.expected index 46317e8800f..14200e6c63d 100644 --- a/javascript/ql/integration-tests/query-suite/not_included_in_qls.expected +++ b/javascript/ql/integration-tests/query-suite/not_included_in_qls.expected @@ -57,6 +57,7 @@ ql/javascript/ql/src/definitions.ql ql/javascript/ql/src/experimental/Security/CWE-094-dataURL/CodeInjection.ql ql/javascript/ql/src/experimental/Security/CWE-099/EnvValueAndKeyInjection.ql ql/javascript/ql/src/experimental/Security/CWE-099/EnvValueInjection.ql +ql/javascript/ql/src/experimental/Security/CWE-1427/UserPromptInjection.ql ql/javascript/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql ql/javascript/ql/src/experimental/Security/CWE-347/decodeJwtWithoutVerification.ql ql/javascript/ql/src/experimental/Security/CWE-347/decodeJwtWithoutVerificationLocalSource.ql diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Anthropic.qll b/javascript/ql/lib/semmle/javascript/frameworks/Anthropic.qll index 51bc6a74dc7..e727d07e288 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/Anthropic.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/Anthropic.qll @@ -11,6 +11,7 @@ private import javascript +/** Provides classes modeling prompt-injection sources of the `@anthropic-ai/sdk` package. */ module Anthropic { /** Gets a reference to the `Anthropic` client instance. */ private API::Node classRef() { result = API::moduleImport("@anthropic-ai/sdk").getInstance() } diff --git a/javascript/ql/lib/semmle/javascript/frameworks/GoogleGenAI.qll b/javascript/ql/lib/semmle/javascript/frameworks/GoogleGenAI.qll index aed244d6a86..d6ba220b31d 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/GoogleGenAI.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/GoogleGenAI.qll @@ -11,6 +11,7 @@ private import javascript +/** Provides classes modeling prompt-injection sources of the `@google/genai` package. */ module GoogleGenAI { /** Gets a reference to the `GoogleGenAI` client instance. */ private API::Node clientRef() { diff --git a/javascript/ql/lib/semmle/javascript/frameworks/OpenAI.qll b/javascript/ql/lib/semmle/javascript/frameworks/OpenAI.qll index 999fae24b79..a0a5ab69b08 100644 --- a/javascript/ql/lib/semmle/javascript/frameworks/OpenAI.qll +++ b/javascript/ql/lib/semmle/javascript/frameworks/OpenAI.qll @@ -16,6 +16,7 @@ private predicate isSystemOrDevMessage(API::Node msg) { msg.getMember("role").asSink().mayHaveStringValue(["system", "developer", "assistant"]) } +/** Provides classes modeling prompt-injection sources of the `openai` and `openai-guardrails` packages. */ module OpenAI { /** Gets a reference to all OpenAI client instances. */ private API::Node allClients() { @@ -207,6 +208,7 @@ module OpenAI { * unsafe agent detection that MaD cannot express. */ module AgentSDK { + /** Gets a reference to the OpenAI Agents SDK module. */ API::Node moduleRef() { result = API::moduleImport("@openai/agents") or