Skip to content

Detect tainted component props reaching dangerouslySetInnerHTML #1

Description

@Synvoya

Problem

ci-ai-llm-output-dangerous-html detects intrafile model or user-controlled values passed directly to dangerouslySetInnerHTML, but it intentionally does not trace a tainted value through React component props.

This creates a documented false negative such as:

function Preview({ html }: { html: string }) {
  return <div dangerouslySetInnerHTML={{ __html: html }} />;
}

const answer = await generateText(...);
return <Preview html={answer.text} />;

Scope

Add a narrow, intrafile component-prop flow for this rule. Do not attempt general cross-file or whole-program taint analysis.

Acceptance criteria

  • Add frozen true-positive and near-miss fixtures before changing the analyzer.
  • Detect a model-output prop and a user-controlled prop reaching __html in the same file.
  • Stay silent when the prop is sanitized before the sink.
  • Stay silent for ordinary text rendering and trusted literal props.
  • Preserve the existing one-finding-per-sink behavior and rule ID.
  • Document the exact supported boundary and remaining false negatives.
  • npm run build && npm test && npm run eval pass.

Metadata

Metadata

Assignees

No one assigned

    Labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions