diff --git a/missing-csrf.rb b/missing-csrf.rb
new file mode 100644
index 0000000..c3fd0a4
--- /dev/null
+++ b/missing-csrf.rb
@@ -0,0 +1,24 @@
+# ruleid:missing-csrf-protection
+class DangerousController < ActionController::Base
+
+ puts "do more stuff"
+
+end
+
+# ok:missing-csrf-protection
+class OkController < ActionController::Base
+
+ protect_from_forgery :with => :exception
+
+ puts "do more stuff"
+
+end
+
+# ok:missing-csrf-protection
+class OkController < ActionController::Base
+
+ protect_from_forgery prepend: true, with: :exception
+
+ puts "do more stuff"
+
+end
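Review bot: The two `ok:` cases only exercise `protect_from_forgery` with `with: :exception`, so the fixture does not pin how the rule treats a bare `protect_from_forgery` call (Rails then falls back to `:null_session`) or a controller that enables protection and later calls `skip_before_action :verify_authenticity_token`. The rule definition is not in this hunk, so whether those cases should be annotated `ok:` or `ruleid:` has to be decided against the rule's intent, but each deserves an explicit case so a later pattern change cannot silently flip the result. Both `ok:` classes are also named `OkController`, so the third block reopens the second one rather than standing alone; renaming it, e.g. `class OkPrependController < ActionController::Base`, keeps the cases independent. A one-line comment at the top of the file, such as `# Test fixture for the missing-csrf-protection rule; not loaded by any application.`, would document why `DangerousController` exists.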