Problem
ci-ai-llm-output-dangerous-html detects intrafile model or user-controlled values passed directly to dangerouslySetInnerHTML, but it intentionally does not trace a tainted value through React component props.
This creates a documented false negative such as:
function Preview({ html }: { html: string }) {
return <div dangerouslySetInnerHTML={{ __html: html }} />;
}
const answer = await generateText(...);
return <Preview html={answer.text} />;
Scope
Add a narrow, intrafile component-prop flow for this rule. Do not attempt general cross-file or whole-program taint analysis.
Acceptance criteria
- Add frozen true-positive and near-miss fixtures before changing the analyzer.
- Detect a model-output prop and a user-controlled prop reaching
__html in the same file.
- Stay silent when the prop is sanitized before the sink.
- Stay silent for ordinary text rendering and trusted literal props.
- Preserve the existing one-finding-per-sink behavior and rule ID.
- Document the exact supported boundary and remaining false negatives.
npm run build && npm test && npm run eval pass.
Problem
ci-ai-llm-output-dangerous-htmldetects intrafile model or user-controlled values passed directly todangerouslySetInnerHTML, but it intentionally does not trace a tainted value through React component props.This creates a documented false negative such as:
Scope
Add a narrow, intrafile component-prop flow for this rule. Do not attempt general cross-file or whole-program taint analysis.
Acceptance criteria
__htmlin the same file.npm run build && npm test && npm run evalpass.