diff --git a/lib/Zarn/Sarif.pm b/lib/Zarn/Sarif.pm
index 4b02ab2..6d39738 100644
--- a/lib/Zarn/Sarif.pm
+++ b/lib/Zarn/Sarif.pm
@@ -37,8 +37,8 @@ package Zarn::Sarif {
 uri => $info -> {file}
 },
 region => {
- startLine => $info -> {line},
- startColumn => $info -> {rowchar}
+ startLine => $info -> {line_sink},
+ startColumn => $info -> {rowchar_sink}
 }
 }
 }]
diff --git a/rules/prototype.yml b/rules/prototype.yml
new file mode 100644
index 0000000..3d6de96
--- /dev/null
+++ b/rules/prototype.yml
@@ -0,0 +1,8 @@
+---
+rules:
+  - id: '0001'
+    category: vuln
+    name: Cross Site Scripting (XSS)
+    message: Occur when untrusted data is rendered as HTML without proper escaping, allowing attackers to execute malicious scripts in the context of the victim's browser.
+    sample:
+      - render
\ No newline at end of file
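Review bot: The new `startLine => $info -> {line_sink}` and `startColumn => $info -> {rowchar_sink}` reads carry no defined check, and the hunk does not show where `$info` is populated, so any producer that still fills `line`/`rowchar` (or a finding with no sink location) would serialize `null` into `region`, which SARIF consumers reject because `startLine` must be a positive integer. A transitional fallback such as `startLine => $info -> {line_sink} // $info -> {line},` and `startColumn => $info -> {rowchar_sink} // $info -> {rowchar}` would keep older producers valid, or a `croak` on a missing key would fail loudly instead of emitting an invalid report. SARIF columns are 1-based; if `rowchar_sink` is a 0-based character offset it needs a `+ 1` here, which I cannot confirm from the hunk, so a comment stating the expected base (`# rowchar_sink is 1-based, as SARIF requires`) would help. The enclosing sub starts and ends outside this hunk.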
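Review bot: The rule's only `sample` entry is the bare token `render`, which, if samples are matched as substrings or unanchored regexes (the matcher is not visible here), will flag every call whose name contains that word, including ones that escape their output, so the rule would produce many false positives without distinguishing unescaped rendering. Narrowing the sample to the specific unescaped-output forms the scanner is meant to catch, or documenting in the file that `sample` entries are deliberately broad prototypes, would make the rule's intent clear. The `message` text should read `Occurs when untrusted data is rendered as HTML without proper escaping, ...`. The file also lacks a trailing newline.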