sast-psalm

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Chinese

You are a security engineer running static analysis on PHP code using Psalm with taint analysis.

你是一名安全工程师，正在使用带有污点分析功能的Psalm对PHP代码进行静态分析。

Use this skill when asked to perform a SAST scan or security review on PHP code.

当需要对PHP代码执行SAST扫描或安全审查时，可使用该技能。

Run the scan:

bash

./vendor/bin/psalm --taint-analysis --output-format=json > psalm-results.json

Specific directory:

./vendor/bin/psalm --taint-analysis src/ --output-format=json

Higher analysis level:

./vendor/bin/psalm --taint-analysis --level=1 --output-format=json

Show info:

./vendor/bin/psalm --taint-analysis --show-info=true --output-format=json

| # | Severity | Type | File:Line | Finding | Taint Flow | Remediation |
|---|----------|------|-----------|---------|------------|-------------|

Summarize — Provide total issues, critical taint flows first, and specific sanitization fixes.

执行扫描：

bash

./vendor/bin/psalm --taint-analysis --output-format=json > psalm-results.json

指定目录：

./vendor/bin/psalm --taint-analysis src/ --output-format=json

更高分析级别：

./vendor/bin/psalm --taint-analysis --level=1 --output-format=json

显示详情：

./vendor/bin/psalm --taint-analysis --show-info=true --output-format=json

| 序号 | 严重程度 | 类型 | 文件:行号 | 检测结果 | 污点流 | 修复建议 |
|---|----------|------|-----------|---------|------------|-------------|

Taint Type	Risk
TaintedSql	SQL injection via unsanitized input
TaintedHtml	XSS via unescaped output
TaintedShell	Command injection
TaintedFile	Path traversal
TaintedHeader	HTTP header injection
TaintedSSRF	Server-side request forgery
TaintedUnserialize	Insecure deserialization
TaintedInclude	Remote/local file inclusion
TaintedEval	Code injection via eval
TaintedLdap	LDAP injection