Skip to content

devopsabcs-engineering/apm-demo-app-004

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
.github
.github
 
 
infra
infra
 
 
src
src
 
 
target/classes/com/example/apmdemo
target/classes/com/example/apmdemo
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
apm.yml
apm.yml
 
 
mcp.json
mcp.json
 
 
pom.xml
pom.xml
 
 

Repository files navigation

APM Demo App 004 — Java Spring Boot + Copilot Skills

Semantic pattern demo targeting Engine 3: Semantic Pattern Scanner — shell injection and prompt overrides.

This app contains 17 intentional violations focused on shell command injection patterns and system prompt override phrases in SKILL.md and agent configs.

Violations

# Type File Rule ID
1-5 Shell command injection src/agents/build-helper.agent.md APM-SEC-003
6-8 System prompt overrides src/agents/build-helper.agent.md APM-SEC-004
9-11 Shell injection .github/copilot-instructions.md APM-SEC-003
12-14 Base64 payloads src/agents/build-helper.agent.md APM-SEC-001
15-16 Secrets .github/copilot-instructions.md APM-SEC-006
17 Missing CODEOWNERS APM-SEC-008

Run Locally

docker build -t apm-demo-app-004 .
docker run -p 8080:8080 apm-demo-app-004

Open http://localhost:8080 in your browser.

About

APM Security Demo App 004 — Spring Boot with shell injection violations

Topics

supply-chain demo-app sarif agent-security owasp-llm agentic-accelerator apm-security

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages