Add docs for CWE team

[pulorsok]

Quark CWE team

The Quark CWE team is responsible for developing Quark Scripts to detect Common Weakness Enumeration (CWE) vulnerabilities in APKs. We also maintain the Quark Script documentation, API, and repository. Our goal is to make the Quark Script development process as straightforward as possible while maintaining accuracy and reliability. We focus on creating clear and concise documentation and well-designed APIs that are easy to use. In addition, we ensure that all of our work is easy to read and follows proper grammar and usage.

Responsibilities

Our responsibilities include:

• Developing Quark Scripts through a five-step process:
  1. Choosing a CWE number and clearly explaining the vulnerability definition.
  2. Finding an APK sample and explaining the vulnerable code.
  3. Designing the detection process step by step.
  4. Defining a new Quark Script API (including description, input, and output) if necessary.
  5. Developing the Quark Script in a clear and easy-to-use manner.
• Managing the Quark Script repository by:
  • Updating the repository with new Quark Scripts.
  • Updating the documentation for Quark Scripts.
• Maintaining the Quark Script API by:
  • Developing test units for each Quark Script API.
  • Reviewing and modifying the description, input, and output for each API.

Review Process

Here is the CWE Quark Script review process:

Change Files

Here are the change files while developing CWE Quark Script.

- quark-engine/quark/script/*
- quark-engine/docs/source/quark_script.rst
- quark-engine/tests/script/*
- quark-engine/README.md
- quark-scripts/README.md
- quark-scripts/*

[codecov-commenter]

Codecov Report

Patch and project coverage have no change.

Comparison is base (1079420) 79.19% compared to head (96c7003) 79.19%.

❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more.

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #442   +/-   ##
=======================================
  Coverage   79.19%   79.19%           
=======================================
  Files          63       63           
  Lines        4960     4960           
=======================================
  Hits         3928     3928           
  Misses       1032     1032           

Flag	Coverage Δ
unittests	79.19% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[zinwang]

@18z Please review the document for CWE Team. Thank You!