@agentsid/scanner 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +205 -0
- package/action/action.yml +42 -0
- package/action/index.mjs +179 -0
- package/docs/state-of-agent-security-2026.md +377 -0
- package/examples/security-scan.yml +57 -0
- package/package.json +37 -0
- package/reports/aashari-mcp-server-atlassian-confluence.json +110 -0
- package/reports/aashari-mcp-server-atlassian-jira.json +138 -0
- package/reports/aashari-mcp-server-aws-sso.json +122 -0
- package/reports/agentdeskai-browser-tools-mcp.json +361 -0
- package/reports/ahmetkca-mcp-server-postgres.json +43 -0
- package/reports/aiondadotcom-mcp-ssh.json +166 -0
- package/reports/apify-actors-mcp-server.json +43 -0
- package/reports/azure-mcp.json +43 -0
- package/reports/boilerplate-mcp-tool.json +43 -0
- package/reports/browserstack-mcp-server.json +43 -0
- package/reports/canvas-mcp-server.json +43 -0
- package/reports/canvas-mcp-tool.json +43 -0
- package/reports/chrome-devtools-mcp.json +300 -0
- package/reports/chrome-local-mcp.json +222 -0
- package/reports/claude-flow-mcp.json +43 -0
- package/reports/cloudflare-mcp-server.json +43 -0
- package/reports/code-canvas-server.json +43 -0
- package/reports/cognitionai-metabase-mcp-server.json +43 -0
- package/reports/composio-mcp.json +43 -0
- package/reports/contentful-mcp-server.json +43 -0
- package/reports/dbhub.json +43 -0
- package/reports/desktop-commander.json +43 -0
- package/reports/dynatrace-oss-dynatrace-mcp-server.json +43 -0
- package/reports/e2b-mcp-server.json +67 -0
- package/reports/eslint-mcp.json +51 -0
- package/reports/european-parliament-mcp-server.json +1467 -0
- package/reports/exa-mcp-server.json +74 -0
- package/reports/executeautomation-playwright-mcp-server.json +418 -0
- package/reports/fast-kit-spec-kit.json +43 -0
- package/reports/felores-airtable-mcp-server.json +43 -0
- package/reports/figma-mcp.json +103 -0
- package/reports/forestadmin-mcp-server.json +43 -0
- package/reports/fullrun-mcp.json +43 -0
- package/reports/gemini-mcp-tool.json +43 -0
- package/reports/gitlab-mcp-agent-server.json +186 -0
- package/reports/grackle-ai-mcp.json +43 -0
- package/reports/heroku-mcp-server.json +333 -0
- package/reports/hisma-server-puppeteer.json +93 -0
- package/reports/hubspot-mcp-server.json +43 -0
- package/reports/hyper-mcp-shell.json +59 -0
- package/reports/iflow-mcp-server-github.json +327 -0
- package/reports/jpisnice-shadcn-ui-mcp-server.json +149 -0
- package/reports/jsonresume-mcp.json +43 -0
- package/reports/mapbox-mcp-server.json +43 -0
- package/reports/mcp-framework.json +43 -0
- package/reports/mcp-from-openapi.json +43 -0
- package/reports/mcp-handler.json +43 -0
- package/reports/mcp-proxy.json +43 -0
- package/reports/mcp-server-docker.json +59 -0
- package/reports/mcp-server-github-gist.json +108 -0
- package/reports/mcp-server-google-calendar.json +43 -0
- package/reports/mcp-server-jira-cloud.json +43 -0
- package/reports/mcp-server-kubernetes.json +43 -0
- package/reports/mcp-server-slack.json +411 -0
- package/reports/mcp-server-sqlite-npx.json +43 -0
- package/reports/mcp-server.json +43 -0
- package/reports/mcp-starter.json +59 -0
- package/reports/mcp-tool-lint.json +43 -0
- package/reports/mcporter.json +43 -0
- package/reports/mcptoolshop-mcp-tool-registry.json +43 -0
- package/reports/microsoft-devbox-mcp.json +43 -0
- package/reports/mobilenext-mobile-mcp.json +214 -0
- package/reports/modelcontextprotocol-server-brave-search.json +43 -0
- package/reports/modelcontextprotocol-server-everything.json +165 -0
- package/reports/modelcontextprotocol-server-fetch.json +43 -0
- package/reports/modelcontextprotocol-server-filesystem.json +259 -0
- package/reports/modelcontextprotocol-server-github.json +391 -0
- package/reports/modelcontextprotocol-server-memory.json +117 -0
- package/reports/modelcontextprotocol-server-postgres.json +43 -0
- package/reports/modelcontextprotocol-server-puppeteer.json +101 -0
- package/reports/modelcontextprotocol-server-sequential-thinking.json +67 -0
- package/reports/mongodb-mcp-server.json +43 -0
- package/reports/mseep-linear-mcp-server.json +43 -0
- package/reports/mseep-mcp-server-sqlite-npx.json +43 -0
- package/reports/n8n-mcp.json +123 -0
- package/reports/notepost-mcp.json +43 -0
- package/reports/notionhq-notion-mcp-server.json +220 -0
- package/reports/nx-mcp.json +59 -0
- package/reports/obsidian-mcp-server.json +43 -0
- package/reports/opengraph-io-mcp.json +130 -0
- package/reports/payloadcms-plugin-mcp.json +43 -0
- package/reports/peac-mappings-mcp.json +43 -0
- package/reports/playwright-mcp.json +236 -0
- package/reports/puppeteer-mcp-server.json +43 -0
- package/reports/railway-mcp-server.json +194 -0
- package/reports/razorpay-blade-mcp.json +182 -0
- package/reports/rekog-mcp-nest.json +43 -0
- package/reports/remotion-mcp.json +51 -0
- package/reports/rollbar-mcp-server.json +43 -0
- package/reports/sap-ux-fiori-mcp-server.json +80 -0
- package/reports/sentry-mcp-server.json +43 -0
- package/reports/server-filesystem.json +43 -0
- package/reports/server-memory.json +43 -0
- package/reports/shortcut-mcp.json +43 -0
- package/reports/supabase-mcp-server-supabase.json +43 -0
- package/reports/tavily-mcp.json +79 -0
- package/reports/thelord-mcp-server-docker-npx.json +43 -0
- package/reports/tyk-technologies-api-to-mcp.json +43 -0
- package/reports/tyk-technologies-tyk-dashboard-mcp.json +43 -0
- package/reports/ui5-mcp-server.json +157 -0
- package/reports/upstash-context7-mcp.json +82 -0
- package/reports/vantasdk-vanta-mcp-server.json +43 -0
- package/reports/winor30-mcp-server-datadog.json +43 -0
- package/reports/wonderwhy-er-desktop-commander.json +43 -0
- package/reports/xzxzzx-bilibili-mcp.json +58 -0
- package/src/grader.mjs +66 -0
- package/src/index.mjs +108 -0
- package/src/reporter.mjs +158 -0
- package/src/rules.mjs +363 -0
- package/src/scanner.mjs +208 -0
|
@@ -0,0 +1,157 @@
|
|
|
1
|
+
{
|
|
2
|
+
"scanner": {
|
|
3
|
+
"name": "agentsid-scanner",
|
|
4
|
+
"version": "0.1.0"
|
|
5
|
+
},
|
|
6
|
+
"scannedAt": "2026-03-29T18:03:31.448Z",
|
|
7
|
+
"server": {
|
|
8
|
+
"name": "UI5",
|
|
9
|
+
"version": "0.2.9"
|
|
10
|
+
},
|
|
11
|
+
"toolCount": 10,
|
|
12
|
+
"grade": {
|
|
13
|
+
"overall": "F",
|
|
14
|
+
"score": 0,
|
|
15
|
+
"categories": {
|
|
16
|
+
"permissions": "F",
|
|
17
|
+
"validation": "F",
|
|
18
|
+
"auth": "B"
|
|
19
|
+
}
|
|
20
|
+
},
|
|
21
|
+
"summary": {
|
|
22
|
+
"CRITICAL": 2,
|
|
23
|
+
"HIGH": 1,
|
|
24
|
+
"MEDIUM": 11,
|
|
25
|
+
"LOW": 3,
|
|
26
|
+
"INFO": 0
|
|
27
|
+
},
|
|
28
|
+
"riskProfile": {
|
|
29
|
+
"read_only": 6,
|
|
30
|
+
"mutation": 2,
|
|
31
|
+
"destructive": 0,
|
|
32
|
+
"execution": 2,
|
|
33
|
+
"privilege": 0,
|
|
34
|
+
"financial": 0
|
|
35
|
+
},
|
|
36
|
+
"findings": [
|
|
37
|
+
{
|
|
38
|
+
"category": "permissions",
|
|
39
|
+
"severity": "CRITICAL",
|
|
40
|
+
"tool": "run_ui5_linter",
|
|
41
|
+
"rule": "dangerous_tool_execution",
|
|
42
|
+
"detail": "Tool \"run_ui5_linter\" classified as execution — requires permission controls"
|
|
43
|
+
},
|
|
44
|
+
{
|
|
45
|
+
"category": "permissions",
|
|
46
|
+
"severity": "MEDIUM",
|
|
47
|
+
"tool": "create_ui5_app",
|
|
48
|
+
"rule": "dangerous_tool_mutation",
|
|
49
|
+
"detail": "Tool \"create_ui5_app\" classified as mutation — requires permission controls"
|
|
50
|
+
},
|
|
51
|
+
{
|
|
52
|
+
"category": "permissions",
|
|
53
|
+
"severity": "MEDIUM",
|
|
54
|
+
"tool": "create_integration_card",
|
|
55
|
+
"rule": "dangerous_tool_mutation",
|
|
56
|
+
"detail": "Tool \"create_integration_card\" classified as mutation — requires permission controls"
|
|
57
|
+
},
|
|
58
|
+
{
|
|
59
|
+
"category": "permissions",
|
|
60
|
+
"severity": "CRITICAL",
|
|
61
|
+
"tool": "run_manifest_validation",
|
|
62
|
+
"rule": "dangerous_tool_execution",
|
|
63
|
+
"detail": "Tool \"run_manifest_validation\" classified as execution — requires permission controls"
|
|
64
|
+
},
|
|
65
|
+
{
|
|
66
|
+
"category": "validation",
|
|
67
|
+
"severity": "MEDIUM",
|
|
68
|
+
"tool": "get_guidelines",
|
|
69
|
+
"rule": "empty_schema",
|
|
70
|
+
"detail": "Schema defined but no properties specified in tool \"get_guidelines\""
|
|
71
|
+
},
|
|
72
|
+
{
|
|
73
|
+
"category": "validation",
|
|
74
|
+
"severity": "LOW",
|
|
75
|
+
"tool": "get_guidelines",
|
|
76
|
+
"rule": "no_required_fields",
|
|
77
|
+
"detail": "No required fields — all input is optional in tool \"get_guidelines\""
|
|
78
|
+
},
|
|
79
|
+
{
|
|
80
|
+
"category": "validation",
|
|
81
|
+
"severity": "MEDIUM",
|
|
82
|
+
"tool": "run_ui5_linter",
|
|
83
|
+
"rule": "unbounded_strings",
|
|
84
|
+
"detail": "String parameters without length limits or pattern validation in tool \"run_ui5_linter\""
|
|
85
|
+
},
|
|
86
|
+
{
|
|
87
|
+
"category": "validation",
|
|
88
|
+
"severity": "MEDIUM",
|
|
89
|
+
"tool": "get_api_reference",
|
|
90
|
+
"rule": "unbounded_strings",
|
|
91
|
+
"detail": "String parameters without length limits or pattern validation in tool \"get_api_reference\""
|
|
92
|
+
},
|
|
93
|
+
{
|
|
94
|
+
"category": "validation",
|
|
95
|
+
"severity": "MEDIUM",
|
|
96
|
+
"tool": "get_project_info",
|
|
97
|
+
"rule": "unbounded_strings",
|
|
98
|
+
"detail": "String parameters without length limits or pattern validation in tool \"get_project_info\""
|
|
99
|
+
},
|
|
100
|
+
{
|
|
101
|
+
"category": "validation",
|
|
102
|
+
"severity": "MEDIUM",
|
|
103
|
+
"tool": "create_ui5_app",
|
|
104
|
+
"rule": "unbounded_strings",
|
|
105
|
+
"detail": "String parameters without length limits or pattern validation in tool \"create_ui5_app\""
|
|
106
|
+
},
|
|
107
|
+
{
|
|
108
|
+
"category": "validation",
|
|
109
|
+
"severity": "MEDIUM",
|
|
110
|
+
"tool": "get_integration_cards_guidelines",
|
|
111
|
+
"rule": "empty_schema",
|
|
112
|
+
"detail": "Schema defined but no properties specified in tool \"get_integration_cards_guidelines\""
|
|
113
|
+
},
|
|
114
|
+
{
|
|
115
|
+
"category": "validation",
|
|
116
|
+
"severity": "LOW",
|
|
117
|
+
"tool": "get_integration_cards_guidelines",
|
|
118
|
+
"rule": "no_required_fields",
|
|
119
|
+
"detail": "No required fields — all input is optional in tool \"get_integration_cards_guidelines\""
|
|
120
|
+
},
|
|
121
|
+
{
|
|
122
|
+
"category": "validation",
|
|
123
|
+
"severity": "MEDIUM",
|
|
124
|
+
"tool": "create_integration_card",
|
|
125
|
+
"rule": "unbounded_strings",
|
|
126
|
+
"detail": "String parameters without length limits or pattern validation in tool \"create_integration_card\""
|
|
127
|
+
},
|
|
128
|
+
{
|
|
129
|
+
"category": "validation",
|
|
130
|
+
"severity": "MEDIUM",
|
|
131
|
+
"tool": "run_manifest_validation",
|
|
132
|
+
"rule": "unbounded_strings",
|
|
133
|
+
"detail": "String parameters without length limits or pattern validation in tool \"run_manifest_validation\""
|
|
134
|
+
},
|
|
135
|
+
{
|
|
136
|
+
"category": "validation",
|
|
137
|
+
"severity": "MEDIUM",
|
|
138
|
+
"tool": "get_typescript_conversion_guidelines",
|
|
139
|
+
"rule": "empty_schema",
|
|
140
|
+
"detail": "Schema defined but no properties specified in tool \"get_typescript_conversion_guidelines\""
|
|
141
|
+
},
|
|
142
|
+
{
|
|
143
|
+
"category": "validation",
|
|
144
|
+
"severity": "LOW",
|
|
145
|
+
"tool": "get_typescript_conversion_guidelines",
|
|
146
|
+
"rule": "no_required_fields",
|
|
147
|
+
"detail": "No required fields — all input is optional in tool \"get_typescript_conversion_guidelines\""
|
|
148
|
+
},
|
|
149
|
+
{
|
|
150
|
+
"category": "auth",
|
|
151
|
+
"severity": "HIGH",
|
|
152
|
+
"tool": "*",
|
|
153
|
+
"rule": "no_auth_tools",
|
|
154
|
+
"detail": "Server exposes no authentication-related tools — may accept unauthenticated connections"
|
|
155
|
+
}
|
|
156
|
+
]
|
|
157
|
+
}
|
|
@@ -0,0 +1,82 @@
|
|
|
1
|
+
{
|
|
2
|
+
"scanner": {
|
|
3
|
+
"name": "agentsid-scanner",
|
|
4
|
+
"version": "0.1.0"
|
|
5
|
+
},
|
|
6
|
+
"scannedAt": "2026-03-29T19:53:41.331Z",
|
|
7
|
+
"server": {
|
|
8
|
+
"name": "Context7",
|
|
9
|
+
"version": "2.1.6",
|
|
10
|
+
"websiteUrl": "https://context7.com",
|
|
11
|
+
"description": "Context7 provides up-to-date documentation and code examples for libraries and frameworks.",
|
|
12
|
+
"icons": [
|
|
13
|
+
{
|
|
14
|
+
"src": "https://context7.com/context7-icon-green.png",
|
|
15
|
+
"mimeType": "image/png"
|
|
16
|
+
}
|
|
17
|
+
]
|
|
18
|
+
},
|
|
19
|
+
"toolCount": 2,
|
|
20
|
+
"grade": {
|
|
21
|
+
"overall": "D",
|
|
22
|
+
"score": 53,
|
|
23
|
+
"categories": {
|
|
24
|
+
"injection": "A",
|
|
25
|
+
"validation": "B",
|
|
26
|
+
"auth": "B",
|
|
27
|
+
"hallucination": "A"
|
|
28
|
+
}
|
|
29
|
+
},
|
|
30
|
+
"summary": {
|
|
31
|
+
"CRITICAL": 0,
|
|
32
|
+
"HIGH": 1,
|
|
33
|
+
"MEDIUM": 4,
|
|
34
|
+
"LOW": 0,
|
|
35
|
+
"INFO": 0
|
|
36
|
+
},
|
|
37
|
+
"riskProfile": {
|
|
38
|
+
"read_only": 1,
|
|
39
|
+
"mutation": 0,
|
|
40
|
+
"destructive": 0,
|
|
41
|
+
"execution": 0,
|
|
42
|
+
"privilege": 0,
|
|
43
|
+
"financial": 0
|
|
44
|
+
},
|
|
45
|
+
"findings": [
|
|
46
|
+
{
|
|
47
|
+
"category": "injection",
|
|
48
|
+
"severity": "MEDIUM",
|
|
49
|
+
"tool": "resolve-library-id",
|
|
50
|
+
"rule": "excessive_description_length",
|
|
51
|
+
"detail": "Tool description is 2006 chars — unusually long, may contain hidden instructions"
|
|
52
|
+
},
|
|
53
|
+
{
|
|
54
|
+
"category": "validation",
|
|
55
|
+
"severity": "MEDIUM",
|
|
56
|
+
"tool": "resolve-library-id",
|
|
57
|
+
"rule": "unbounded_strings",
|
|
58
|
+
"detail": "String parameters without length limits or pattern validation in tool \"resolve-library-id\""
|
|
59
|
+
},
|
|
60
|
+
{
|
|
61
|
+
"category": "validation",
|
|
62
|
+
"severity": "MEDIUM",
|
|
63
|
+
"tool": "query-docs",
|
|
64
|
+
"rule": "unbounded_strings",
|
|
65
|
+
"detail": "String parameters without length limits or pattern validation in tool \"query-docs\""
|
|
66
|
+
},
|
|
67
|
+
{
|
|
68
|
+
"category": "auth",
|
|
69
|
+
"severity": "HIGH",
|
|
70
|
+
"tool": "*",
|
|
71
|
+
"rule": "no_auth_tools",
|
|
72
|
+
"detail": "Server exposes no authentication-related tools — may accept unauthenticated connections"
|
|
73
|
+
},
|
|
74
|
+
{
|
|
75
|
+
"category": "hallucination",
|
|
76
|
+
"severity": "MEDIUM",
|
|
77
|
+
"tool": "resolve-library-id + query-docs",
|
|
78
|
+
"rule": "conflicting_tool_descriptions",
|
|
79
|
+
"detail": "Tools \"resolve-library-id\" and \"query-docs\" have 63% description overlap. LLM may choose between them unpredictably."
|
|
80
|
+
}
|
|
81
|
+
]
|
|
82
|
+
}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
{
|
|
2
|
+
"scanner": {
|
|
3
|
+
"name": "agentsid-scanner",
|
|
4
|
+
"version": "0.1.0"
|
|
5
|
+
},
|
|
6
|
+
"scannedAt": "2026-03-29T19:51:19.297Z",
|
|
7
|
+
"server": {
|
|
8
|
+
"name": "unknown",
|
|
9
|
+
"version": "?"
|
|
10
|
+
},
|
|
11
|
+
"toolCount": 0,
|
|
12
|
+
"grade": {
|
|
13
|
+
"overall": "B",
|
|
14
|
+
"score": 85,
|
|
15
|
+
"categories": {
|
|
16
|
+
"auth": "B"
|
|
17
|
+
}
|
|
18
|
+
},
|
|
19
|
+
"summary": {
|
|
20
|
+
"CRITICAL": 0,
|
|
21
|
+
"HIGH": 1,
|
|
22
|
+
"MEDIUM": 0,
|
|
23
|
+
"LOW": 0,
|
|
24
|
+
"INFO": 0
|
|
25
|
+
},
|
|
26
|
+
"riskProfile": {
|
|
27
|
+
"read_only": 0,
|
|
28
|
+
"mutation": 0,
|
|
29
|
+
"destructive": 0,
|
|
30
|
+
"execution": 0,
|
|
31
|
+
"privilege": 0,
|
|
32
|
+
"financial": 0
|
|
33
|
+
},
|
|
34
|
+
"findings": [
|
|
35
|
+
{
|
|
36
|
+
"category": "auth",
|
|
37
|
+
"severity": "HIGH",
|
|
38
|
+
"tool": "*",
|
|
39
|
+
"rule": "no_auth_tools",
|
|
40
|
+
"detail": "Server exposes no authentication-related tools — may accept unauthenticated connections"
|
|
41
|
+
}
|
|
42
|
+
]
|
|
43
|
+
}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
{
|
|
2
|
+
"scanner": {
|
|
3
|
+
"name": "agentsid-scanner",
|
|
4
|
+
"version": "0.1.0"
|
|
5
|
+
},
|
|
6
|
+
"scannedAt": "2026-03-29T18:18:13.613Z",
|
|
7
|
+
"server": {
|
|
8
|
+
"name": "unknown",
|
|
9
|
+
"version": "?"
|
|
10
|
+
},
|
|
11
|
+
"toolCount": 0,
|
|
12
|
+
"grade": {
|
|
13
|
+
"overall": "B",
|
|
14
|
+
"score": 85,
|
|
15
|
+
"categories": {
|
|
16
|
+
"auth": "B"
|
|
17
|
+
}
|
|
18
|
+
},
|
|
19
|
+
"summary": {
|
|
20
|
+
"CRITICAL": 0,
|
|
21
|
+
"HIGH": 1,
|
|
22
|
+
"MEDIUM": 0,
|
|
23
|
+
"LOW": 0,
|
|
24
|
+
"INFO": 0
|
|
25
|
+
},
|
|
26
|
+
"riskProfile": {
|
|
27
|
+
"read_only": 0,
|
|
28
|
+
"mutation": 0,
|
|
29
|
+
"destructive": 0,
|
|
30
|
+
"execution": 0,
|
|
31
|
+
"privilege": 0,
|
|
32
|
+
"financial": 0
|
|
33
|
+
},
|
|
34
|
+
"findings": [
|
|
35
|
+
{
|
|
36
|
+
"category": "auth",
|
|
37
|
+
"severity": "HIGH",
|
|
38
|
+
"tool": "*",
|
|
39
|
+
"rule": "no_auth_tools",
|
|
40
|
+
"detail": "Server exposes no authentication-related tools — may accept unauthenticated connections"
|
|
41
|
+
}
|
|
42
|
+
]
|
|
43
|
+
}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
{
|
|
2
|
+
"scanner": {
|
|
3
|
+
"name": "agentsid-scanner",
|
|
4
|
+
"version": "0.1.0"
|
|
5
|
+
},
|
|
6
|
+
"scannedAt": "2026-03-29T17:56:33.149Z",
|
|
7
|
+
"server": {
|
|
8
|
+
"name": "unknown",
|
|
9
|
+
"version": "?"
|
|
10
|
+
},
|
|
11
|
+
"toolCount": 0,
|
|
12
|
+
"grade": {
|
|
13
|
+
"overall": "B",
|
|
14
|
+
"score": 85,
|
|
15
|
+
"categories": {
|
|
16
|
+
"auth": "B"
|
|
17
|
+
}
|
|
18
|
+
},
|
|
19
|
+
"summary": {
|
|
20
|
+
"CRITICAL": 0,
|
|
21
|
+
"HIGH": 1,
|
|
22
|
+
"MEDIUM": 0,
|
|
23
|
+
"LOW": 0,
|
|
24
|
+
"INFO": 0
|
|
25
|
+
},
|
|
26
|
+
"riskProfile": {
|
|
27
|
+
"read_only": 0,
|
|
28
|
+
"mutation": 0,
|
|
29
|
+
"destructive": 0,
|
|
30
|
+
"execution": 0,
|
|
31
|
+
"privilege": 0,
|
|
32
|
+
"financial": 0
|
|
33
|
+
},
|
|
34
|
+
"findings": [
|
|
35
|
+
{
|
|
36
|
+
"category": "auth",
|
|
37
|
+
"severity": "HIGH",
|
|
38
|
+
"tool": "*",
|
|
39
|
+
"rule": "no_auth_tools",
|
|
40
|
+
"detail": "Server exposes no authentication-related tools — may accept unauthenticated connections"
|
|
41
|
+
}
|
|
42
|
+
]
|
|
43
|
+
}
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
{
|
|
2
|
+
"scanner": {
|
|
3
|
+
"name": "agentsid-scanner",
|
|
4
|
+
"version": "0.1.0"
|
|
5
|
+
},
|
|
6
|
+
"scannedAt": "2026-03-29T19:44:45.716Z",
|
|
7
|
+
"server": {
|
|
8
|
+
"name": "bilibili-mcp-server",
|
|
9
|
+
"version": "1.0.0"
|
|
10
|
+
},
|
|
11
|
+
"toolCount": 2,
|
|
12
|
+
"grade": {
|
|
13
|
+
"overall": "C",
|
|
14
|
+
"score": 69,
|
|
15
|
+
"categories": {
|
|
16
|
+
"validation": "B",
|
|
17
|
+
"auth": "B"
|
|
18
|
+
}
|
|
19
|
+
},
|
|
20
|
+
"summary": {
|
|
21
|
+
"CRITICAL": 0,
|
|
22
|
+
"HIGH": 1,
|
|
23
|
+
"MEDIUM": 2,
|
|
24
|
+
"LOW": 0,
|
|
25
|
+
"INFO": 0
|
|
26
|
+
},
|
|
27
|
+
"riskProfile": {
|
|
28
|
+
"read_only": 2,
|
|
29
|
+
"mutation": 0,
|
|
30
|
+
"destructive": 0,
|
|
31
|
+
"execution": 0,
|
|
32
|
+
"privilege": 0,
|
|
33
|
+
"financial": 0
|
|
34
|
+
},
|
|
35
|
+
"findings": [
|
|
36
|
+
{
|
|
37
|
+
"category": "validation",
|
|
38
|
+
"severity": "MEDIUM",
|
|
39
|
+
"tool": "get_video_info",
|
|
40
|
+
"rule": "unbounded_strings",
|
|
41
|
+
"detail": "String parameters without length limits or pattern validation in tool \"get_video_info\""
|
|
42
|
+
},
|
|
43
|
+
{
|
|
44
|
+
"category": "validation",
|
|
45
|
+
"severity": "MEDIUM",
|
|
46
|
+
"tool": "get_video_comments",
|
|
47
|
+
"rule": "unbounded_strings",
|
|
48
|
+
"detail": "String parameters without length limits or pattern validation in tool \"get_video_comments\""
|
|
49
|
+
},
|
|
50
|
+
{
|
|
51
|
+
"category": "auth",
|
|
52
|
+
"severity": "HIGH",
|
|
53
|
+
"tool": "*",
|
|
54
|
+
"rule": "no_auth_tools",
|
|
55
|
+
"detail": "Server exposes no authentication-related tools — may accept unauthenticated connections"
|
|
56
|
+
}
|
|
57
|
+
]
|
|
58
|
+
}
|
package/src/grader.mjs
ADDED
|
@@ -0,0 +1,66 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Security grader — converts scan findings into letter grades.
|
|
3
|
+
*
|
|
4
|
+
* Grading methodology:
|
|
5
|
+
* - Start at 100 points
|
|
6
|
+
* - CRITICAL findings: -25 points each
|
|
7
|
+
* - HIGH findings: -15 points each
|
|
8
|
+
* - MEDIUM findings: -8 points each
|
|
9
|
+
* - LOW findings: -3 points each
|
|
10
|
+
* - INFO findings: 0 points (informational only)
|
|
11
|
+
* - Floor at 0
|
|
12
|
+
*
|
|
13
|
+
* Letter grades:
|
|
14
|
+
* A: 90-100 (excellent security posture)
|
|
15
|
+
* B: 75-89 (good, minor issues)
|
|
16
|
+
* C: 60-74 (acceptable, needs improvement)
|
|
17
|
+
* D: 40-59 (poor, significant risks)
|
|
18
|
+
* F: 0-39 (failing, critical vulnerabilities)
|
|
19
|
+
*/
|
|
20
|
+
|
|
21
|
+
const SEVERITY_DEDUCTIONS = {
|
|
22
|
+
CRITICAL: 25,
|
|
23
|
+
HIGH: 15,
|
|
24
|
+
MEDIUM: 8,
|
|
25
|
+
LOW: 3,
|
|
26
|
+
INFO: 0,
|
|
27
|
+
};
|
|
28
|
+
|
|
29
|
+
export function grade(findings) {
|
|
30
|
+
let score = 100;
|
|
31
|
+
|
|
32
|
+
const counts = { CRITICAL: 0, HIGH: 0, MEDIUM: 0, LOW: 0, INFO: 0 };
|
|
33
|
+
const categoryScores = {};
|
|
34
|
+
|
|
35
|
+
for (const finding of findings) {
|
|
36
|
+
const sev = finding.severity || "INFO";
|
|
37
|
+
counts[sev] = (counts[sev] || 0) + 1;
|
|
38
|
+
score -= SEVERITY_DEDUCTIONS[sev] || 0;
|
|
39
|
+
|
|
40
|
+
const cat = finding.category || "other";
|
|
41
|
+
if (!categoryScores[cat]) categoryScores[cat] = 100;
|
|
42
|
+
categoryScores[cat] -= SEVERITY_DEDUCTIONS[sev] || 0;
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
score = Math.max(0, score);
|
|
46
|
+
for (const cat of Object.keys(categoryScores)) {
|
|
47
|
+
categoryScores[cat] = Math.max(0, categoryScores[cat]);
|
|
48
|
+
}
|
|
49
|
+
|
|
50
|
+
const letter = score >= 90 ? "A" : score >= 75 ? "B" : score >= 60 ? "C" : score >= 40 ? "D" : "F";
|
|
51
|
+
|
|
52
|
+
const categoryGrades = {};
|
|
53
|
+
for (const [cat, s] of Object.entries(categoryScores)) {
|
|
54
|
+
categoryGrades[cat] = s >= 90 ? "A" : s >= 75 ? "B" : s >= 60 ? "C" : s >= 40 ? "D" : "F";
|
|
55
|
+
}
|
|
56
|
+
|
|
57
|
+
return {
|
|
58
|
+
score,
|
|
59
|
+
letter,
|
|
60
|
+
counts,
|
|
61
|
+
categoryGrades,
|
|
62
|
+
totalFindings: findings.length,
|
|
63
|
+
critical: counts.CRITICAL,
|
|
64
|
+
high: counts.HIGH,
|
|
65
|
+
};
|
|
66
|
+
}
|
package/src/index.mjs
ADDED
|
@@ -0,0 +1,108 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
|
|
3
|
+
/**
|
|
4
|
+
* AgentsID Security Scanner
|
|
5
|
+
*
|
|
6
|
+
* The Lighthouse of agent security. Scan any MCP server and get a
|
|
7
|
+
* security report card with letter grades across auth, permissions,
|
|
8
|
+
* input validation, injection risks, and output safety.
|
|
9
|
+
*
|
|
10
|
+
* Usage:
|
|
11
|
+
* npx @agentsid/scanner -- npx @some/mcp-server
|
|
12
|
+
* npx @agentsid/scanner --url https://mcp.example.com
|
|
13
|
+
* npx @agentsid/scanner --json -- node my-server.mjs
|
|
14
|
+
*
|
|
15
|
+
* Examples:
|
|
16
|
+
* agentsid-scan -- npx @modelcontextprotocol/server-filesystem ./
|
|
17
|
+
* agentsid-scan -- npx @playwright/mcp-server
|
|
18
|
+
* agentsid-scan --json -- python -m my_mcp_server > report.json
|
|
19
|
+
*/
|
|
20
|
+
|
|
21
|
+
import { scanStdio, scanHttp } from "./scanner.mjs";
|
|
22
|
+
|
|
23
|
+
// ─── Parse Args ───
|
|
24
|
+
|
|
25
|
+
const args = process.argv.slice(2);
|
|
26
|
+
let url = null;
|
|
27
|
+
let json = false;
|
|
28
|
+
let command = null;
|
|
29
|
+
let env = {};
|
|
30
|
+
|
|
31
|
+
for (let i = 0; i < args.length; i++) {
|
|
32
|
+
if (args[i] === "--url" && args[i + 1]) {
|
|
33
|
+
url = args[++i];
|
|
34
|
+
} else if (args[i] === "--json") {
|
|
35
|
+
json = true;
|
|
36
|
+
} else if (args[i] === "--env" && args[i + 1]) {
|
|
37
|
+
const [k, v] = args[++i].split("=");
|
|
38
|
+
env[k] = v;
|
|
39
|
+
} else if (args[i] === "--help" || args[i] === "-h") {
|
|
40
|
+
printHelp();
|
|
41
|
+
process.exit(0);
|
|
42
|
+
} else if (args[i] === "--") {
|
|
43
|
+
command = args.slice(i + 1).join(" ");
|
|
44
|
+
break;
|
|
45
|
+
} else if (!args[i].startsWith("-")) {
|
|
46
|
+
command = args.slice(i).join(" ");
|
|
47
|
+
break;
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
// ─── Help ───
|
|
52
|
+
|
|
53
|
+
function printHelp() {
|
|
54
|
+
console.log(`
|
|
55
|
+
AgentsID Security Scanner v0.1.0
|
|
56
|
+
The Lighthouse of agent security.
|
|
57
|
+
|
|
58
|
+
Usage:
|
|
59
|
+
agentsid-scan -- <command> Scan a local MCP server (stdio)
|
|
60
|
+
agentsid-scan --url <url> Scan a remote MCP server (HTTP)
|
|
61
|
+
agentsid-scan --json -- <command> Output JSON report
|
|
62
|
+
|
|
63
|
+
Options:
|
|
64
|
+
--url <url> Remote MCP server URL
|
|
65
|
+
--json Output JSON instead of terminal report
|
|
66
|
+
--env KEY=VALUE Set environment variable for the server
|
|
67
|
+
--help, -h Show this help
|
|
68
|
+
|
|
69
|
+
Examples:
|
|
70
|
+
agentsid-scan -- npx @modelcontextprotocol/server-filesystem ./
|
|
71
|
+
agentsid-scan -- npx @playwright/mcp-server
|
|
72
|
+
agentsid-scan --url https://mcp.example.com/mcp
|
|
73
|
+
agentsid-scan --json -- node my-server.mjs > report.json
|
|
74
|
+
|
|
75
|
+
Learn more: https://agentsid.dev/scanner
|
|
76
|
+
`);
|
|
77
|
+
}
|
|
78
|
+
|
|
79
|
+
// ─── Run ───
|
|
80
|
+
|
|
81
|
+
async function main() {
|
|
82
|
+
if (!url && !command) {
|
|
83
|
+
console.error("Error: Provide a command (-- <command>) or URL (--url <url>) to scan.");
|
|
84
|
+
console.error("Run with --help for usage.\n");
|
|
85
|
+
process.exit(1);
|
|
86
|
+
}
|
|
87
|
+
|
|
88
|
+
if (!json) {
|
|
89
|
+
console.error("\n🔍 AgentsID Security Scanner v0.1.0");
|
|
90
|
+
console.error(" Scanning MCP server...\n");
|
|
91
|
+
}
|
|
92
|
+
|
|
93
|
+
try {
|
|
94
|
+
let report;
|
|
95
|
+
if (url) {
|
|
96
|
+
report = await scanHttp(url, { json, timeout: 30000 });
|
|
97
|
+
} else {
|
|
98
|
+
report = await scanStdio(command, { env, json, timeout: 15000 });
|
|
99
|
+
}
|
|
100
|
+
|
|
101
|
+
console.log(report);
|
|
102
|
+
} catch (err) {
|
|
103
|
+
console.error(`Scan failed: ${err.message}`);
|
|
104
|
+
process.exit(1);
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
|
|
108
|
+
main();
|