@bryan-thompson/inspector-assessment-cli 1.43.4 ā 1.43.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build/assess-full.js +21 -117
- package/package.json +1 -1
package/build/assess-full.js
CHANGED
|
@@ -20,6 +20,8 @@ import { StreamableHTTPClientTransport } from "@modelcontextprotocol/sdk/client/
|
|
|
20
20
|
import { AssessmentOrchestrator, } from "../../client/lib/services/assessment/AssessmentOrchestrator.js";
|
|
21
21
|
import { DEFAULT_ASSESSMENT_CONFIG, } from "../../client/lib/lib/assessmentTypes.js";
|
|
22
22
|
import { FULL_CLAUDE_CODE_CONFIG } from "../../client/lib/services/assessment/lib/claudeCodeBridge.js";
|
|
23
|
+
// Use modular CLI parser with full flag support (30+ flags)
|
|
24
|
+
import { parseArgs, } from "./lib/cli-parser.js";
|
|
23
25
|
/**
|
|
24
26
|
* Load server configuration from Claude Code's MCP settings
|
|
25
27
|
*/
|
|
@@ -257,7 +259,17 @@ async function runFullAssessment(options) {
|
|
|
257
259
|
if (!options.jsonOnly) {
|
|
258
260
|
console.log(`\nš Starting full assessment for: ${options.serverName}`);
|
|
259
261
|
}
|
|
260
|
-
|
|
262
|
+
// Build server config from --http/--sse flags or config file
|
|
263
|
+
let serverConfig;
|
|
264
|
+
if (options.httpUrl) {
|
|
265
|
+
serverConfig = { transport: "http", url: options.httpUrl };
|
|
266
|
+
}
|
|
267
|
+
else if (options.sseUrl) {
|
|
268
|
+
serverConfig = { transport: "sse", url: options.sseUrl };
|
|
269
|
+
}
|
|
270
|
+
else {
|
|
271
|
+
serverConfig = loadServerConfig(options.serverName, options.serverConfigPath);
|
|
272
|
+
}
|
|
261
273
|
if (!options.jsonOnly) {
|
|
262
274
|
console.log("ā
Server config loaded");
|
|
263
275
|
}
|
|
@@ -423,126 +435,13 @@ function displaySummary(results) {
|
|
|
423
435
|
}
|
|
424
436
|
console.log("\n" + "=".repeat(70));
|
|
425
437
|
}
|
|
426
|
-
/**
|
|
427
|
-
* Parse command-line arguments
|
|
428
|
-
*/
|
|
429
|
-
function parseArgs() {
|
|
430
|
-
const args = process.argv.slice(2);
|
|
431
|
-
const options = {};
|
|
432
|
-
for (let i = 0; i < args.length; i++) {
|
|
433
|
-
const arg = args[i];
|
|
434
|
-
if (!arg)
|
|
435
|
-
continue;
|
|
436
|
-
switch (arg) {
|
|
437
|
-
case "--server":
|
|
438
|
-
case "-s":
|
|
439
|
-
options.serverName = args[++i];
|
|
440
|
-
break;
|
|
441
|
-
case "--config":
|
|
442
|
-
case "-c":
|
|
443
|
-
options.serverConfigPath = args[++i];
|
|
444
|
-
break;
|
|
445
|
-
case "--output":
|
|
446
|
-
case "-o":
|
|
447
|
-
options.outputPath = args[++i];
|
|
448
|
-
break;
|
|
449
|
-
case "--source":
|
|
450
|
-
options.sourceCodePath = args[++i];
|
|
451
|
-
break;
|
|
452
|
-
case "--claude-enabled":
|
|
453
|
-
options.claudeEnabled = true;
|
|
454
|
-
break;
|
|
455
|
-
case "--full":
|
|
456
|
-
options.fullAssessment = true;
|
|
457
|
-
break;
|
|
458
|
-
case "--audit-mode":
|
|
459
|
-
options.auditMode = true;
|
|
460
|
-
break;
|
|
461
|
-
case "--verbose":
|
|
462
|
-
case "-v":
|
|
463
|
-
options.verbose = true;
|
|
464
|
-
break;
|
|
465
|
-
case "--json":
|
|
466
|
-
options.jsonOnly = true;
|
|
467
|
-
break;
|
|
468
|
-
case "--help":
|
|
469
|
-
case "-h":
|
|
470
|
-
printHelp();
|
|
471
|
-
options.helpRequested = true;
|
|
472
|
-
return options;
|
|
473
|
-
default:
|
|
474
|
-
if (!arg.startsWith("-")) {
|
|
475
|
-
if (!options.serverName) {
|
|
476
|
-
options.serverName = arg;
|
|
477
|
-
}
|
|
478
|
-
}
|
|
479
|
-
else {
|
|
480
|
-
console.error(`Unknown argument: ${arg}`);
|
|
481
|
-
printHelp();
|
|
482
|
-
setTimeout(() => process.exit(1), 10);
|
|
483
|
-
options.helpRequested = true;
|
|
484
|
-
return options;
|
|
485
|
-
}
|
|
486
|
-
}
|
|
487
|
-
}
|
|
488
|
-
if (!options.serverName) {
|
|
489
|
-
console.error("Error: --server is required");
|
|
490
|
-
printHelp();
|
|
491
|
-
setTimeout(() => process.exit(1), 10);
|
|
492
|
-
options.helpRequested = true;
|
|
493
|
-
return options;
|
|
494
|
-
}
|
|
495
|
-
return options;
|
|
496
|
-
}
|
|
497
|
-
/**
|
|
498
|
-
* Print help message
|
|
499
|
-
*/
|
|
500
|
-
function printHelp() {
|
|
501
|
-
console.log(`
|
|
502
|
-
Usage: mcp-assess-full [options] [server-name]
|
|
503
|
-
|
|
504
|
-
Run comprehensive MCP server assessment with all 11 assessor modules.
|
|
505
|
-
|
|
506
|
-
Options:
|
|
507
|
-
--server, -s <name> Server name (required, or pass as first positional arg)
|
|
508
|
-
--config, -c <path> Path to server config JSON
|
|
509
|
-
--output, -o <path> Output JSON path (default: /tmp/inspector-full-assessment-<server>.json)
|
|
510
|
-
--source <path> Source code path for deep analysis (AUP, portability, etc.)
|
|
511
|
-
--claude-enabled Enable Claude Code integration for intelligent analysis
|
|
512
|
-
--full Enable all assessment modules (default)
|
|
513
|
-
--audit-mode Run only high-value modules for automated MCP auditing
|
|
514
|
-
(Functionality, Security, ErrorHandling, MCPSpecCompliance, ToolAnnotations)
|
|
515
|
-
Reduces false positives and includes audit summary in output
|
|
516
|
-
--json Output only JSON (no console summary)
|
|
517
|
-
--verbose, -v Enable verbose logging
|
|
518
|
-
--help, -h Show this help message
|
|
519
|
-
|
|
520
|
-
Assessment Modules (11 total):
|
|
521
|
-
ā¢ Functionality - Tests all tools work correctly
|
|
522
|
-
ā¢ Security - Prompt injection & vulnerability testing
|
|
523
|
-
ā¢ Documentation - README completeness checks
|
|
524
|
-
ā¢ Error Handling - Validates error responses
|
|
525
|
-
ā¢ Usability - Input validation & UX
|
|
526
|
-
ā¢ MCP Spec - Protocol compliance
|
|
527
|
-
ā¢ AUP Compliance - Acceptable Use Policy checks
|
|
528
|
-
ā¢ Tool Annotations - readOnlyHint/destructiveHint validation
|
|
529
|
-
ā¢ Prohibited Libs - Dependency security checks
|
|
530
|
-
ā¢ Manifest - MCPB manifest.json validation
|
|
531
|
-
ā¢ Portability - Cross-platform compatibility
|
|
532
|
-
|
|
533
|
-
Examples:
|
|
534
|
-
mcp-assess-full my-server
|
|
535
|
-
mcp-assess-full --server broken-mcp --claude-enabled
|
|
536
|
-
mcp-assess-full --server my-server --source ./my-server --output ./results.json
|
|
537
|
-
`);
|
|
538
|
-
}
|
|
539
438
|
/**
|
|
540
439
|
* Main execution
|
|
541
440
|
*/
|
|
542
441
|
async function main() {
|
|
543
442
|
try {
|
|
544
443
|
const options = parseArgs();
|
|
545
|
-
if (options.helpRequested) {
|
|
444
|
+
if (options.helpRequested || options.versionRequested || options.listModules) {
|
|
546
445
|
return;
|
|
547
446
|
}
|
|
548
447
|
const results = await runFullAssessment(options);
|
|
@@ -550,8 +449,13 @@ async function main() {
|
|
|
550
449
|
displaySummary(results);
|
|
551
450
|
}
|
|
552
451
|
// Determine transport type for audit summary
|
|
553
|
-
const
|
|
554
|
-
|
|
452
|
+
const transportType = options.httpUrl
|
|
453
|
+
? "http"
|
|
454
|
+
: options.sseUrl
|
|
455
|
+
? "sse"
|
|
456
|
+
: loadServerConfig(options.serverName, options.serverConfigPath)
|
|
457
|
+
.transport || "stdio";
|
|
458
|
+
const outputPath = saveResults(options.serverName, results, options.outputPath, transportType);
|
|
555
459
|
if (options.jsonOnly) {
|
|
556
460
|
console.log(outputPath);
|
|
557
461
|
}
|
package/package.json
CHANGED