Conversation

@alokemajumder alokemajumder commented Dec 5, 2025

Summary

  • Add 4 new detection patterns based on Lachlan Davidson's original PoC
  • Update README acknowledgments with link to original PoC repository

New Detection Patterns

Pattern                  Description
chunk_reference          Detects $@ Chunk object reference notation
formdata_gadget          Detects _formData gadget chain access
constructor_chain        Detects constructor:constructor traversal
setprototypeof_access    Detects setPrototypeOf manipulation

Test plan

  • All 122 tests pass
  • New patterns verified manually
  • Build succeeds

Summary by CodeRabbit

  • Documentation

    • Updated README acknowledgments section with streamlined and refined contributor information and references.
  • New Features

    • Enhanced threat detection with four additional exploit pattern types for improved recognition of security threats.
    • Expanded system detection capabilities to identify new attack vectors and strengthen protection measures.


Add 4 new detection patterns based on Lachlan Davidson's original PoC:
- chunk_reference: Detects $@ Chunk object reference notation
- formdata_gadget: Detects _formData gadget chain access
- constructor_chain: Detects constructor:constructor traversal
- setprototypeof_access: Detects setPrototypeOf manipulation

Also updated README acknowledgments with link to original PoC repository.
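The four patterns in the table above are the kind of string-level checks a request-inspection middleware runs before a body reaches the RSC handler. The block below is an added illustration written for this page; it is not the project's src/middleware/detector.ts, and the ExploitPattern shape, the regexes, the percent-decoding step and the sample bodies are all assumptions. It shows each of the four pattern names firing on a constructed body that carries only the token named in the PR, a benign body producing no finding, and a percent-encoded body that a detector without normalisation would miss.

```typescript
// Added example, not the project's own detector. ExploitPattern shape,
// regexes and sample inputs are assumptions made for this illustration.
type Severity = "high" | "medium" | "low";

interface ExploitPattern {
  name: string;
  severity: Severity;
  description: string;
  regex: RegExp;
}

// The four patterns the PR describes, expressed as regexes (assumed form).
const NEW_PATTERNS: ExploitPattern[] = [
  {
    name: "chunk_reference",
    severity: "high",
    description: "$@ Chunk object reference notation",
    regex: /\$@[0-9a-fA-F]+/, // chunk id after the "$@" prefix (assumed hex)
  },
  {
    name: "formdata_gadget",
    severity: "high",
    description: "_formData gadget chain access",
    regex: /_formData/,
  },
  {
    name: "constructor_chain",
    severity: "high",
    description: "constructor:constructor traversal",
    regex: /constructor\s*:\s*constructor/,
  },
  {
    name: "setprototypeof_access",
    severity: "high",
    description: "setPrototypeOf manipulation",
    regex: /setPrototypeOf/,
  },
];

interface Finding {
  pattern: string;
  severity: Severity;
  offset: number; // character offset of the match in the normalised body
}

// Percent-decode once so an encoded token is not missed; keep the raw text
// when the body is not valid percent-encoding (decodeURIComponent throws).
function normalise(body: string): string {
  try {
    return decodeURIComponent(body);
  } catch (e) {
    return body;
  }
}

// Run every pattern over the normalised body and report each hit once.
function scanBody(body: string, patterns: ExploitPattern[] = NEW_PATTERNS): Finding[] {
  const text = normalise(body);
  const findings: Finding[] = [];
  for (const p of patterns) {
    const m = p.regex.exec(text);
    if (m !== null) {
      findings.push({ pattern: p.name, severity: p.severity, offset: m.index });
    }
  }
  return findings;
}

// Middleware decision: any high-severity finding blocks the request.
function shouldBlock(findings: Finding[]): boolean {
  return findings.some((f) => f.severity === "high");
}

// Constructed sample bodies (not captured traffic); each carries one token.
const SAMPLES: { [label: string]: string } = {
  benign: '{"name":"alice","items":[1,2,3]}',
  chunk: '{"ref":"$@0"}',
  formdata: '{"path":"_formData"}',
  ctor: '{"k":"constructor:constructor"}',
  proto: '{"fn":"setPrototypeOf"}',
  encoded: "ref=%24%400", // "$@0" percent-encoded
};

// Map each sample label to the list of pattern names that fired on it.
function report(): { [label: string]: string[] } {
  const out: { [label: string]: string[] } = {};
  for (const label of Object.keys(SAMPLES)) {
    out[label] = scanBody(SAMPLES[label]).map((f) => f.pattern);
  }
  return out;
}

console.log(report());
```

The single decode step is the one design choice worth noting: a detector that only inspects the raw body will pass the `encoded` sample untouched, so normalisation belongs before pattern matching, and a real middleware would also consider multipart parts and nested encodings before deciding.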
coderabbitai bot commented Dec 5, 2025

Caution

Review failed

The pull request is closed.

Walkthrough

Documentation text in the README.md Acknowledgments section is shortened. Four new exploit detection patterns (chunk_reference, formdata_gadget, constructor_chain, setprototypeof_access) are added to the EXPLOIT_PATTERNS array in src/middleware/detector.ts, expanding security detection capability without altering existing control flow.

Changes

Cohort / File(s)                 Summary
Documentation Updates
  README.md                      Acknowledgments section text shortened; Lachlan Davidson bullet description condensed with added reference link to original PoC.
Security Pattern Enhancements
  src/middleware/detector.ts     Four new high-severity exploit patterns added to EXPLOIT_PATTERNS: chunk_reference (RSC Chunk object reference access), formdata_gadget (FormData gadget chain access), constructor_chain (Constructor chain traversal), and setprototypeof_access (setPrototypeOf manipulation). Existing detection logic preserved.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

  • Verify new exploit patterns are correctly defined and appropriate for high-severity classification
  • Confirm regex/pattern matching logic aligns with intended exploit detection
  • Check consistency of severity levels and descriptions across new entries

Poem

🐰 Four new guards now stand so tall,
Protecting against exploit's call,
Chunk and gadget, prototype's dance,
Security patterns take their stance!

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9f33967 and 8a1c79e.

📒 Files selected for processing (2)
  • README.md (1 hunks)
  • src/middleware/detector.ts (1 hunks)


@alokemajumder alokemajumder merged commit 1ccce99 into main Dec 5, 2025
5 of 6 checks passed
@alokemajumder alokemajumder deleted the feat/original-poc-detection-patterns branch December 5, 2025 09:55