# Multi-File / Cross-File Vulnerability Tracing

**Taint analysis** is a way to find security risks in code by following how data moves through a program. It starts at a *source*: “tainted” input that comes from outside the system, such as a web request parameter or a form field. The analysis then traces where that data goes and checks whether it reaches a *sink*, a sensitive operation such as a database query or a system command, without first passing through validation or sanitization. If untrusted data can reach a sink unchecked, Aikido flags it as a possible vulnerability. Taint analysis helps developers see how untrusted input can travel through their software and cause real security issues if it is not handled properly.

Aikido tracks the flow of untrusted data and flags it when it reaches a dangerous sink (for example, SQL or command execution). We support taint analysis both within a file and across files, because input accepted in one file (a route handler, say) is often passed to a risky operation in another (a database helper), and an analysis that stops at the file boundary would miss that path.
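To make the source-to-sink trace concrete, the following is an added example, not Aikido's code or data model. It runs a small interprocedural taint propagation over a constructed three-file program in which the untrusted value enters in `routes.py`, is concatenated into a query in `db.py` and executed in `sql.py`; a second handler that sanitizes the value first produces no finding. The file names, function names, the toy statement format and the `cross_file` switch (which mimics an analysis that stops at file boundaries) are all assumptions made for the illustration.

```python
from dataclasses import dataclass

# Constructed toy intermediate representation for illustration only; this is
# not Aikido's engine or data model. Each function belongs to a file and has a
# body of statements:
#   ("source", var)          var receives untrusted input (e.g. a query param)
#   ("assign", dst, src)     dst = src
#   ("sanitize", dst, src)   dst = sanitizer(src); taint is dropped on dst
#   ("call", callee, args)   callee(*args), args are local variable names
#   ("sink", kind, var)      var reaches a dangerous operation (SQL, exec, ...)

@dataclass
class Func:
    file: str
    params: list
    body: list

# Hypothetical three-file program: a request handler, a data-access layer and
# a thin SQL wrapper. Names and files are made up for the example.
PROGRAM = {
    "handler": Func("routes.py", [], [
        ("source", "user_id"),                 # user_id = request.args["id"]
        ("call", "find_user", ["user_id"]),
    ]),
    "safe_handler": Func("routes.py", [], [
        ("source", "user_id"),
        ("sanitize", "clean", "user_id"),      # clean = int(user_id)
        ("call", "find_user", ["clean"]),
    ]),
    "find_user": Func("db.py", ["uid"], [
        ("assign", "query", "uid"),            # query = "... WHERE id = " + uid
        ("call", "run_sql", ["query"]),
    ]),
    "run_sql": Func("sql.py", ["q"], [
        ("sink", "sql", "q"),                  # cursor.execute(q)
    ]),
}


def trace_taint(program, entry, cross_file=True):
    """Follow tainted data from `entry` through calls until it hits a sink.

    Returns a list of findings; each finding is the ordered list of
    (file, function, statement) steps the tainted value took.
    With cross_file=False a call into another file is treated as opaque,
    which is what an intra-file-only analysis effectively does.
    """
    findings = []
    visited = set()   # (function, tainted params) pairs already analysed

    def walk(fname, tainted_args, path):
        key = (fname, frozenset(tainted_args))
        if key in visited:            # terminates on recursion / shared callees
            return
        visited.add(key)
        f = program[fname]
        tainted = set(tainted_args)   # variables tainted in this frame
        for stmt in f.body:
            kind = stmt[0]
            step = (f.file, fname, stmt)
            if kind == "source":
                tainted.add(stmt[1])
                path = path + [step]
            elif kind == "assign":
                dst, src = stmt[1], stmt[2]
                if src in tainted:
                    tainted.add(dst)
                    path = path + [step]
                else:
                    tainted.discard(dst)   # overwritten with clean data
            elif kind == "sanitize":
                tainted.discard(stmt[1])   # sanitizer output is trusted
            elif kind == "call":
                callee, args = stmt[1], stmt[2]
                target = program[callee]
                tainted_params = {p for p, a in zip(target.params, args) if a in tainted}
                if tainted_params and (cross_file or target.file == f.file):
                    walk(callee, tainted_params, path + [step])
            elif kind == "sink":
                if stmt[2] in tainted:
                    findings.append(path + [step])

    walk(entry, set(), [])
    return findings


def format_trace(finding):
    """Render one finding as 'file:function  statement' lines, like a call graph."""
    return [f"{file}:{func}  {' '.join(map(str, stmt))}" for file, func, stmt in finding]


if __name__ == "__main__":
    for entry in ("handler", "safe_handler"):
        for finding in trace_taint(PROGRAM, entry):
            print("\n".join(format_trace(finding)), end="\n\n")
    # An intra-file-only analysis of the same entry point reports nothing,
    # because the sink lives two files away from the source.
    print("intra-file findings:", trace_taint(PROGRAM, "handler", cross_file=False))
```

Running it prints the five-step trace for `handler` (source in `routes.py`, call into `db.py`, the tainted concatenation, call into `sql.py`, the sink), nothing for `safe_handler`, and an empty list for the intra-file run. The sanitizer is modelled as fully trusted; a real engine keys sanitizers to the sink type, since a value that is safe for SQL is not necessarily safe for a shell command.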

On top of data flow, Aikido also checks [reachability](https://help.aikido.dev/getting-started/reachability-analysis/reachability-engine-to-remove-false-positives) so you don’t get pinged for issues that can’t actually execute in your app (for example, a vulnerable function you don’t call, or code that only runs in tests). This is part of how we keep noise down.

### Taint tracing in Aikido

When a vulnerability is discovered, Aikido will trace it through the relevant function calls. When you open a security issue, select **View code analysis** to get a detailed look at the source of the vulnerability as well as a call graph illustrating the execution flow.

<figure><img src="https://3149773201-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FyKbzcQGrx7UtrG0nPZZ7%2Fuploads%2F1evMw2Ooel7jRGz2MKXi%2Ftaint_analysis.gif?alt=media&token=fb1363b2-c82d-4c23-933a-b661cc932c6b" alt="Taint trace and call graph shown under View code analysis"><figcaption></figcaption></figure>

### Where multi-file taint analysis is available

Aikido currently supports cross-file taint tracking for the following languages:

* JavaScript
* TypeScript
* PHP
* .NET/C#
* Java
* Rust
* Go
* Ruby
* Python

Other languages currently support intra-file taint analysis:

* C/C++
* Swift
* Android
* Scala
* Kotlin
* Dart
* Elixir

