From e370af644472bf4266fd0ecc085db6014d3424c3 Mon Sep 17 00:00:00 2001
From: BazookaMusic
Date: Mon, 8 Jun 2026 12:38:28 +0200
Subject: [PATCH] QLDoc + include the queries in the correct expected files per query suite
---
 .../query-suite/javascript-code-scanning.qls.expected | 1 +
 .../query-suite/javascript-security-and-quality.qls.expected | 1 +
 .../query-suite/javascript-security-extended.qls.expected | 1 +
 .../integration-tests/query-suite/not_included_in_qls.expected | 1 +
 javascript/ql/lib/semmle/javascript/frameworks/Anthropic.qll | 1 +
 javascript/ql/lib/semmle/javascript/frameworks/GoogleGenAI.qll | 1 +
 javascript/ql/lib/semmle/javascript/frameworks/OpenAI.qll | 2 ++
 7 files changed, 8 insertions(+)
diff --git a/javascript/ql/integration-tests/query-suite/javascript-code-scanning.qls.expected b/javascript/ql/integration-tests/query-suite/javascript-code-scanning.qls.expected
index 0c417e661c7..db3a4ded7a2 100644
--- a/javascript/ql/integration-tests/query-suite/javascript-code-scanning.qls.expected
+++ b/javascript/ql/integration-tests/query-suite/javascript-code-scanning.qls.expected
@@ -41,6 +41,7 @@ ql/javascript/ql/src/Security/CWE-116/IncompleteMultiCharacterSanitization.ql
 ql/javascript/ql/src/Security/CWE-116/IncompleteSanitization.ql
 ql/javascript/ql/src/Security/CWE-116/UnsafeHtmlExpansion.ql
 ql/javascript/ql/src/Security/CWE-134/TaintedFormatString.ql
+ql/javascript/ql/src/Security/CWE-1427/SystemPromptInjection.ql
 ql/javascript/ql/src/Security/CWE-178/CaseSensitiveMiddlewarePath.ql
 ql/javascript/ql/src/Security/CWE-200/PrivateFileExposure.ql
 ql/javascript/ql/src/Security/CWE-201/PostMessageStar.ql
diff --git a/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected b/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected
index f87cd2bf505..150d97e2b25 100644
--- a/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected
+++ b/javascript/ql/integration-tests/query-suite/javascript-security-and-quality.qls.expected
@@ -132,6 +132,7 @@ ql/javascript/ql/src/Security/CWE-116/UnsafeHtmlExpansion.ql
 ql/javascript/ql/src/Security/CWE-117/LogInjection.ql
 ql/javascript/ql/src/Security/CWE-1275/SameSiteNoneCookie.ql
 ql/javascript/ql/src/Security/CWE-134/TaintedFormatString.ql
+ql/javascript/ql/src/Security/CWE-1427/SystemPromptInjection.ql
 ql/javascript/ql/src/Security/CWE-178/CaseSensitiveMiddlewarePath.ql
 ql/javascript/ql/src/Security/CWE-200/FileAccessToHttp.ql
 ql/javascript/ql/src/Security/CWE-200/PrivateFileExposure.ql
diff --git a/javascript/ql/integration-tests/query-suite/javascript-security-extended.qls.expected b/javascript/ql/integration-tests/query-suite/javascript-security-extended.qls.expected
index ac5e0e2c498..ca8cfccc663 100644
--- a/javascript/ql/integration-tests/query-suite/javascript-security-extended.qls.expected
+++ b/javascript/ql/integration-tests/query-suite/javascript-security-extended.qls.expected
@@ -47,6 +47,7 @@ ql/javascript/ql/src/Security/CWE-116/UnsafeHtmlExpansion.ql
 ql/javascript/ql/src/Security/CWE-117/LogInjection.ql
 ql/javascript/ql/src/Security/CWE-1275/SameSiteNoneCookie.ql
 ql/javascript/ql/src/Security/CWE-134/TaintedFormatString.ql
+ql/javascript/ql/src/Security/CWE-1427/SystemPromptInjection.ql
 ql/javascript/ql/src/Security/CWE-178/CaseSensitiveMiddlewarePath.ql
 ql/javascript/ql/src/Security/CWE-200/FileAccessToHttp.ql
 ql/javascript/ql/src/Security/CWE-200/PrivateFileExposure.ql
diff --git a/javascript/ql/integration-tests/query-suite/not_included_in_qls.expected b/javascript/ql/integration-tests/query-suite/not_included_in_qls.expected
index 46317e8800f..14200e6c63d 100644
--- a/javascript/ql/integration-tests/query-suite/not_included_in_qls.expected
+++ b/javascript/ql/integration-tests/query-suite/not_included_in_qls.expected
@@ -57,6 +57,7 @@ ql/javascript/ql/src/definitions.ql
 ql/javascript/ql/src/experimental/Security/CWE-094-dataURL/CodeInjection.ql
 ql/javascript/ql/src/experimental/Security/CWE-099/EnvValueAndKeyInjection.ql
 ql/javascript/ql/src/experimental/Security/CWE-099/EnvValueInjection.ql
+ql/javascript/ql/src/experimental/Security/CWE-1427/UserPromptInjection.ql
 ql/javascript/ql/src/experimental/Security/CWE-340/TokenBuiltFromUUID.ql
 ql/javascript/ql/src/experimental/Security/CWE-347/decodeJwtWithoutVerification.ql
 ql/javascript/ql/src/experimental/Security/CWE-347/decodeJwtWithoutVerificationLocalSource.ql
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/Anthropic.qll b/javascript/ql/lib/semmle/javascript/frameworks/Anthropic.qll
index 51bc6a74dc7..e727d07e288 100644
--- a/javascript/ql/lib/semmle/javascript/frameworks/Anthropic.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/Anthropic.qll
@@ -11,6 +11,7 @@ private import javascript
+/** Provides classes modeling prompt-injection sources of the `@anthropic-ai/sdk` package. */
 module Anthropic {
 /** Gets a reference to the `Anthropic` client instance. */
 private API::Node classRef() { result = API::moduleImport("@anthropic-ai/sdk").getInstance() }
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/GoogleGenAI.qll b/javascript/ql/lib/semmle/javascript/frameworks/GoogleGenAI.qll
index aed244d6a86..d6ba220b31d 100644
--- a/javascript/ql/lib/semmle/javascript/frameworks/GoogleGenAI.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/GoogleGenAI.qll
@@ -11,6 +11,7 @@ private import javascript
+/** Provides classes modeling prompt-injection sources of the `@google/genai` package. */
 module GoogleGenAI {
 /** Gets a reference to the `GoogleGenAI` client instance. */
 private API::Node clientRef() {
diff --git a/javascript/ql/lib/semmle/javascript/frameworks/OpenAI.qll b/javascript/ql/lib/semmle/javascript/frameworks/OpenAI.qll
index 999fae24b79..a0a5ab69b08 100644
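Review bot: The QLDoc added above `module Anthropic` says the module models prompt-injection "sources", which reads backwards for a CWE-1427 model: the SDK's prompt arguments are where untrusted data arrives, i.e. sinks, and the visible `asSink()` call in OpenAI.qll's `isSystemOrDevMessage` suggests that is what these libraries define. The same wording is added to `module GoogleGenAI` and `module OpenAI`. If the modules do define sinks, change `sources` to `sinks` in all three comments; the module bodies lie outside the hunks, so confirm against them first. The term matters because query authors rely on QLDoc to decide which end of a data-flow configuration a model plugs into.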
--- a/javascript/ql/lib/semmle/javascript/frameworks/OpenAI.qll
+++ b/javascript/ql/lib/semmle/javascript/frameworks/OpenAI.qll
@@ -16,6 +16,7 @@ private predicate isSystemOrDevMessage(API::Node msg) {
 msg.getMember("role").asSink().mayHaveStringValue(["system", "developer", "assistant"])
 }
+/** Provides classes modeling prompt-injection sources of the `openai` and `openai-guardrails` packages. */
 module OpenAI {
 /** Gets a reference to all OpenAI client instances. */
 private API::Node allClients() {
@@ -207,6 +208,7 @@ module OpenAI {
 * unsafe agent detection that MaD cannot express.
 */
 module AgentSDK {
+ /** Gets a reference to the OpenAI Agents SDK module. */
 API::Node moduleRef() {
 result = API::moduleImport("@openai/agents")
 or
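Review bot: The module comment added on `module OpenAI` lists only the `openai` and `openai-guardrails` packages, yet the nested `AgentSDK` module in the same file resolves `API::moduleImport("@openai/agents")`, as the second hunk shows. Someone checking which SDKs the prompt-injection queries cover would conclude from this QLDoc that the Agents SDK is unmodeled. Extend the package list so it ends "of the `openai`, `openai-guardrails` and `@openai/agents` packages". The `moduleRef()` disjunction continues past the end of the hunk, so any further imports it names should be listed as well.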