Configuration: Unsafe Function Use
Identifier: unsafe_function_use
Scanner(s) Support
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
Description
Unsafe function use occurs when developers call functions that do not properly handle user input or system resources, which can enable SQL injection, cross-site scripting, or remote code execution attacks.
How we test: We analyze frontend code and API implementations to detect whether unsafe functions are being used that do not properly validate or sanitize user input. We check for known vulnerable function patterns and verify whether safer alternatives are being used instead.
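The check described above, as an added example that is not the scanner's own code: a pair of functions contrasting an unsafe pattern (evaluating untrusted input with `eval`) with its safer alternative (`JSON.parse`), followed by a minimal line-based detector that looks for known unsafe function patterns in a constructed source snippet and names the safer alternative for each hit. The pattern list, the regexes, the function names and the sample source are all assumptions made for illustration; a real scanner carries a larger, language-specific catalogue.

```javascript
// Added example (not the scanner's own code). Two parts:
//  1. an unsafe function next to its safer alternative;
//  2. a minimal pattern-based source check of the kind the description
//     refers to, run over a constructed source snippet.
// Pattern list, regexes and names are assumptions for illustration.

// Part 1: unsafe vs. safer handling of untrusted input.
// Unsafe: eval evaluates any JavaScript expression, not just data, so
// input that should be treated as data is executed as code instead.
// Kept here only to contrast with the safe version below.
function parseUserJsonUnsafe(input) {
  return eval('(' + input + ')');
}

// Safer: JSON.parse accepts JSON data only and throws on anything else.
function parseUserJsonSafe(input) {
  return JSON.parse(input);
}

// Part 2: known unsafe function patterns and the safer alternative a
// reviewer would expect to see instead (constructed list).
const UNSAFE_PATTERNS = [
  { name: 'eval', re: /\beval\s*\(/, safer: 'JSON.parse or an explicit dispatch table' },
  { name: 'new Function', re: /\bnew\s+Function\s*\(/, safer: 'named functions' },
  { name: 'innerHTML assignment', re: /\.innerHTML\s*=/, safer: 'textContent or DOM builder APIs' },
  { name: 'document.write', re: /\bdocument\.write\s*\(/, safer: 'DOM APIs' },
  { name: 'child_process.exec', re: /\bexec(?:Sync)?\s*\(/, safer: 'execFile with an argument array' },
];

// Scan source text line by line and return one finding per matched pattern
// per line. Comment-only lines are skipped so commented-out code does not
// produce noise; a real scanner would use a proper parser instead.
function scanSource(source) {
  const findings = [];
  source.split('\n').forEach((line, idx) => {
    const trimmed = line.trim();
    if (trimmed.startsWith('//') || trimmed.startsWith('*') || trimmed.startsWith('/*')) return;
    for (const p of UNSAFE_PATTERNS) {
      if (p.re.test(line)) {
        findings.push({ line: idx + 1, name: p.name, safer: p.safer });
      }
    }
  });
  return findings;
}

// Constructed source snippet standing in for a frontend file under review.
// Line 1 is the empty line after the opening backtick.
const SAMPLE_SOURCE = `
const data = eval('(' + req.query.payload + ')');
// eval(oldWay);   // commented out, should not be flagged
el.innerHTML = '<b>' + user.name + '</b>';
el.textContent = user.name;
const out = JSON.parse(req.body);
`;

// Human-readable report lines, one per finding.
function reportFindings(source) {
  return scanSource(source).map(
    (f) => `line ${f.line}: ${f.name} -> prefer ${f.safer}`
  );
}
```

Running `reportFindings(SAMPLE_SOURCE)` flags the `eval` call on line 2 and the `innerHTML` assignment on line 4 while leaving the commented-out call, the `textContent` assignment and the `JSON.parse` call alone; `parseUserJsonSafe('1+1')` throws a `SyntaxError` where the unsafe variant evaluates the expression, which is the behavioural difference the check is looking for.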
Configuration
Example
Example configuration:
Reference
skip
Type: boolean
Skip the test if true.