Synapse.Domains.CodeReview.Actions.CheckXSS (Synapse v0.1.1)

View Source

Detects potential XSS (Cross-Site Scripting) vulnerabilities in code diffs.

Analyzes diffs for patterns indicating XSS risks:

  • Use of raw/1 function in templates
  • Unescaped user input rendering
  • Dangerous HTML attributes
  • innerHTML assignments

Returns findings with severity ratings and remediation recommendations.

Summary

Functions

category()
description()
name()
on_after_run(result)

Callback implementation for Jido.Action.on_after_run/1.

on_after_validate_output(output)

Callback implementation for Jido.Action.on_after_validate_output/1.

on_after_validate_params(params)

Callback implementation for Jido.Action.on_after_validate_params/1.

on_before_validate_output(output)

Callback implementation for Jido.Action.on_before_validate_output/1.

on_before_validate_params(params)

Callback implementation for Jido.Action.on_before_validate_params/1.

on_error(failed_params, error, context, opts)

Callback implementation for Jido.Action.on_error/4.

output_schema()
run(params, context)

Executes the Action with the given parameters and context.

schema()
tags()
to_json()
to_tool()
validate_output(output)

Validates the output result for the Action.

validate_params(params)

Validates the input parameters for the Action.

vsn()

Functions

category()

description()

name()

on_after_run(result)

Callback implementation for Jido.Action.on_after_run/1.

on_after_validate_output(output)

Callback implementation for Jido.Action.on_after_validate_output/1.

on_after_validate_params(params)

Callback implementation for Jido.Action.on_after_validate_params/1.

on_before_validate_output(output)

Callback implementation for Jido.Action.on_before_validate_output/1.

on_before_validate_params(params)

Callback implementation for Jido.Action.on_before_validate_params/1.

on_error(failed_params, error, context, opts)

Callback implementation for Jido.Action.on_error/4.

output_schema()

run(params, context)

@spec run(map(), map()) :: {:ok, map()} | {:error, any()}

Executes the Action with the given parameters and context.

The run/2 function must be implemented in the module using Jido.Action.

schema()

tags()

to_json()

to_tool()

validate_output(output)

@spec validate_output(map()) :: {:ok, map()} | {:error, String.t()}

Validates the output result for the Action.

Examples

iex> defmodule ExampleAction do
...>   use Jido.Action,
...>     name: "example_action",
...>     output_schema: [
...>       result: [type: :string, required: true]
...>     ]
...> end
...> ExampleAction.validate_output(%{result: "test", extra: "ignored"})
{:ok, %{result: "test", extra: "ignored"}}

iex> ExampleAction.validate_output(%{extra: "ignored"})
{:error, "Invalid output for Action: Required key :result not found"}

validate_params(params)

@spec validate_params(map()) :: {:ok, map()} | {:error, String.t()}

Validates the input parameters for the Action.

Examples

iex> defmodule ExampleAction do
...>   use Jido.Action,
...>     name: "example_action",
...>     schema: [
...>       input: [type: :string, required: true]
...>     ]
...> end
...> ExampleAction.validate_params(%{input: "test"})
{:ok, %{input: "test"}}

iex> ExampleAction.validate_params(%{})
{:error, "Invalid parameters for Action: Required key :input not found"}

vsn()