mix metastatic.taint_check (Metastatic v0.21.2)

Performs taint analysis to track data flow from untrusted sources to sensitive operations.

Usage

mix metastatic.taint_check FILE [options]

Options

  • --format - Output format: text (default) or json
  • --language - Source language: python, elixir, erlang, ruby, or haskell (auto-detected if not specified)

Examples

# Check for taint vulnerabilities
mix metastatic.taint_check my_file.py

# JSON output
mix metastatic.taint_check my_file.ex --format json

Detected Vulnerabilities

  • Code injection (eval, exec with untrusted input)
  • Command injection (system, shell commands with user data)
  • SQL injection patterns
  • Path traversal vulnerabilities

Exit Codes

  • 0 - No taint flows detected
  • 1 - Taint vulnerabilities found
  • 2 - Error during analysis
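
The exit codes above let a CI job tell "findings" apart from "the analysis did not run". The wrapper below is an added example, not part of Metastatic. The function name `taint_gate`, the `REPORT_DIR` variable, and the assumption that the JSON report is written to standard output are all hypothetical.

```shell
#!/bin/sh
# Added example: CI gate around `mix metastatic.taint_check`.
# Documented exit codes: 0 = no taint flows, 1 = vulnerabilities found,
# 2 = error during analysis.
# Assumptions: taint_gate and REPORT_DIR are names made up for this example,
# and the --format json report is assumed to be written to stdout.

taint_gate() {
  report_dir="${REPORT_DIR:-taint-reports}"
  findings=0
  errors=0
  mkdir -p "$report_dir" || return 2

  for file in "$@"; do
    # One report per scanned file; path separators are flattened in the name.
    report="$report_dir/$(printf '%s' "$file" | tr '/' '_').json"
    rc=0
    mix metastatic.taint_check "$file" --format json >"$report" || rc=$?
    case "$rc" in
      0) echo "clean:   $file" ;;
      1) echo "tainted: $file (report: $report)"
         findings=$((findings + 1)) ;;
      *) # 2 from the task, or anything else (e.g. mix itself failed to start)
         echo "error:   $file (exit $rc)" >&2
         errors=$((errors + 1)) ;;
    esac
  done

  # A file that could not be analysed must never count as a pass, so an
  # analysis error outranks findings in the aggregate result.
  if [ "$errors" -gt 0 ]; then return 2; fi
  if [ "$findings" -gt 0 ]; then return 1; fi
  return 0
}
```

Source the script in the pipeline step and call, for example, `taint_gate lib/accounts.ex scripts/import.py`; the step's status then follows the same 0/1/2 convention as the task itself.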