Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
View Source
var Analyzer = &analysis.Analyzer{ Name: "llmreview", Requires: []*analysis.Analyzer{sourcecode.Analyzer}, Run: run, Rules: []*analysis.Rule{llmIssueFound}, ReadmeInfo: analysis.ReadmeInfo{ Name: "LLM Review", Description: "Runs the code through Gemini LLM to check for security issues or disallowed usage.", Dependencies: "Gemini API key", }, }
View Source
var Questions = []llmvalidate.LLMQuestion{ { Question: "Only for go/golang code: Does this code directly read from or write to the file system? (Look for uses of os.Open, os.Create, ioutil.ReadFile, ioutil.WriteFile, etc.). Provide the specific code snippet if found.", ExpectedAnswer: false, }, { Question: "Does this code execute user input as code in a browser environment? (Look for eval(), new Function(), document.write() with unescaped content, innerHTML with script tags, etc.). Provide the specific code snippet if found.", ExpectedAnswer: false, }, { Question: "Only for go/golang code: Does this code execute user input as commands or code in the backend? (Look for exec.Command, syscall.Exec, template.Execute with user data, etc.). Provide the specific code snippet if found.", ExpectedAnswer: false, }, { Question: "Does this code introduce third-party analytics or tracking features? (Grafana's reportInteraction from @grafana/runtime is allowed, but external services like Google Analytics, Mixpanel, etc. are not). Provide the specific code snippet if found.", ExpectedAnswer: false, }, { Question: "Does this code modify or create properties on the global window object? (Look for direct assignments like window.customVariable = x, window.functionName = function(){}, or adding undeclared variables in global scope). Exclude standard browser API usage. Provide the specific code snippet if found.", ExpectedAnswer: false, }, { Question: "Does this code introduce global CSS not scoped to components? (Emotion CSS and CSS modules are allowed, but look for direct style tags, global class definitions, or modification of document.styleSheets). Provide the specific code snippet if found.", ExpectedAnswer: false, }, { Question: "Does this code dynamically inject external third-party scripts? (Look for createElement('script'), setting src attributes to external domains, document.write with script tags, or dynamic import() from external sources). Provide the specific code snippet with the external URL if found.", ExpectedAnswer: false, }, { Question: "Only for go/golang code: Are there any opened resources that are NOT properly closed? (Check for files, network connections, etc. that lack proper closure with defer, in finally blocks, or using 'with' statements). Identify any improperly closed resources with a code snippet. If there is no backend code reply negatively", ExpectedAnswer: false, }, { Question: "Does this code use global DOM selectors outside of component lifecycle methods? (Look for direct usage of document.querySelector(), document.getElementById(), document.getElementsByClassName(), etc. that aren't scoped to specific components or that bypass React refs). Component-scoped element access like useRef() or this.elementRef is acceptable. Provide the specific code snippet showing the global access if found.", ExpectedAnswer: false, }, }
Functions ¶
This section is empty.
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.