Node.jsScan: A semantic aware static code analysis tool for Node.js applications

27 points by geeklord almost 5 years ago

3 comments

danenania almost 5 years ago
A quick summary of what exactly this scans for at the top of the README would be nice.

From the screenshots at the bottom, it looks like mainly SQL injection and outdated dependencies?
29athrowaway almost 5 years ago
https://github.com/ajinabraham/njsscan/blob/master/njsscan/rules/semantic_grep/crypto_node.yaml#L5

Does this mean that if I use single quotes or add whitespace inside the parentheses the vulnerability will not be detected?
narrationbox almost 5 years ago
Static analysis software is quite valuable if you can successfully sell it.

https://github.blog/2019-09-18-github-welcomes-semmle/