yoff e7a0fc7140 python: Add query for prompt injection ...

This pull request introduces a new CodeQL query for detecting prompt injection vulnerabilities in Python code targeting AI prompting APIs such as agents and openai. The changes includes a new experimental query, new taint flow and type models, a customizable dataflow configuration, documentation, and comprehensive test coverage.

2026-01-29 23:47:52 +01:00

..

analysis

Python: Get rid of points-to from Definitions.qll

2025-11-26 12:30:31 +00:00

change-notes

python: Add query for prompt injection

2026-01-29 23:47:52 +01:00

experimental/cryptography

Python: Fix some Ql4Ql violations.

2025-09-01 15:16:25 +02:00

ext

Python: Remove 'response' from default threat-models

2024-08-19 10:54:48 +02:00

modeling

Python: Exclude probable test files in model editor

2024-07-05 11:06:22 +02:00

semmle

python: Add query for prompt injection

2026-01-29 23:47:52 +01:00

upgrades

python: Add up/downgrade scripts

2026-01-20 11:56:16 +00:00

utils/test

Also move the postprocessing queries to the library pack.

2024-12-12 15:03:03 +01:00

BUILD.bazel

Upgrade rules_pkg to 0.10.1.

2024-04-16 16:29:56 +02:00

CHANGELOG.md

Release preparation for version 2.24.0

2026-01-19 14:49:14 +00:00

codeql-pack.release.yml

Release preparation for version 2.24.0

2026-01-19 14:49:14 +00:00

Customizations.qll

…

default.qll

…

design.md

spelling: which

2022-10-13 11:21:10 -04:00

LegacyPointsTo.qll

Python: Appease the QLDoc checker

2025-11-26 22:13:21 +00:00

printAst.ql

Python: Only include relevant YAML in printAst.ql

2025-08-25 13:54:19 +02:00

python.qll

Python: Move metrics-related API to LegacyPointsTo module

2025-11-26 17:06:55 +00:00

qlpack.lock.yml

…

qlpack.yml

Post-release preparation for codeql-cli-2.24.0

2026-01-19 15:49:08 +00:00

semmlecode.python.dbscheme

python: Regenerate dbscheme

2026-01-20 11:56:15 +00:00

semmlecode.python.dbscheme.stats

Python: Add stats

2025-12-16 23:57:58 +01:00

site.qll

…