@bryan-thompson/inspector-assessment-client 1.12.0 → 1.13.1

package/lib/services/assessment/modules/ExternalAPIScannerAssessor.js

@@ -0,0 +1,248 @@
+/**
+ * External API Scanner Assessor
+ *
+ * Scans source code for external API dependencies and checks for affiliation.
+ * Helps identify:
+ * - External services used (GitHub, Slack, AWS, etc.)
+ * - Hardcoded URLs that may need privacy policy disclosure
+ * - Server names that suggest affiliation without verification
+ *
+ * Part of Priority 2 gap-closing features.
+ */
+import { BaseAssessor } from "./BaseAssessor.js";
+/**
+ * Known external services and their URL patterns
+ */
+const KNOWN_SERVICES = {
+    github: [/api\.github\.com/i, /github\.com\/[^/]+\/[^/]+/i],
+    gitlab: [/gitlab\.com/i, /api\.gitlab\.com/i],
+    slack: [/slack\.com\/api/i, /api\.slack\.com/i, /hooks\.slack\.com/i],
+    discord: [/discord\.com\/api/i, /discordapp\.com/i],
+    aws: [/\.amazonaws\.com/i, /\.aws\.amazon\.com/i],
+    azure: [/\.azure\.com/i, /\.microsoft\.com/i],
+    gcp: [/\.googleapis\.com/i, /\.google\.com\/.*api/i],
+    openai: [/api\.openai\.com/i],
+    anthropic: [/api\.anthropic\.com/i],
+    huggingface: [/huggingface\.co/i, /api\.huggingface\.co/i],
+    stripe: [/api\.stripe\.com/i],
+    twilio: [/api\.twilio\.com/i],
+    sendgrid: [/api\.sendgrid\.com/i],
+    firebase: [/firebaseio\.com/i, /firebase\.google\.com/i],
+    supabase: [/supabase\.co/i],
+    notion: [/api\.notion\.com/i],
+    airtable: [/api\.airtable\.com/i],
+    dropbox: [/api\.dropbox\.com/i, /dropboxapi\.com/i],
+    jira: [/atlassian\.net/i, /jira\.com/i],
+    linear: [/api\.linear\.app/i],
+    asana: [/api\.asana\.com/i],
+};
+/**
+ * URL patterns to skip (not external APIs)
+ */
+const SKIP_URL_PATTERNS = [
+    /localhost/i,
+    /127\.0\.0\.1/i,
+    /0\.0\.0\.0/i,
+    /example\.com/i,
+    /test\.com/i,
+    /\.local\//i,
+    /schema\.org/i,
+    /w3\.org/i,
+    /json-schema\.org/i,
+    /npmjs\.com/i,
+    /unpkg\.com/i,
+    /cdn\./i,
+    /fonts\.googleapis\.com/i,
+];
+/**
+ * File patterns to skip during scanning
+ */
+const SKIP_FILE_PATTERNS = [
+    /node_modules/i,
+    /\.test\.(ts|js|tsx|jsx)$/i,
+    /\.spec\.(ts|js|tsx|jsx)$/i,
+    /\.d\.ts$/i,
+    /package-lock\.json$/i,
+    /yarn\.lock$/i,
+    /\.map$/i,
+    /README\.md$/i,
+    /CHANGELOG\.md$/i,
+    /LICENSE/i,
+    /\.git\//i,
+    /dist\//i,
+    /build\//i,
+];
+export class ExternalAPIScannerAssessor extends BaseAssessor {
+    async assess(context) {
+        this.log("Starting external API scanner assessment");
+        this.resetTestCount();
+        const detectedAPIs = [];
+        let scannedFiles = 0;
+        // Check if source code analysis is enabled
+        if (!context.sourceCodeFiles || !context.config.enableSourceCodeAnalysis) {
+            this.log("Source code analysis not enabled, skipping external API scan");
+            return this.createNoSourceResult();
+        }
+        // Scan each source file
+        for (const [filePath, content] of context.sourceCodeFiles) {
+            if (this.shouldSkipFile(filePath))
+                continue;
+            this.testCount++;
+            scannedFiles++;
+            const fileAPIs = this.scanFileForAPIs(filePath, content);
+            detectedAPIs.push(...fileAPIs);
+        }
+        // Extract unique services
+        const uniqueServices = [...new Set(detectedAPIs.map((api) => api.service))];
+        // Check for affiliation concerns
+        const affiliationWarning = this.checkAffiliation(context.serverName, uniqueServices);
+        // Determine status
+        const status = this.computeStatus(detectedAPIs, affiliationWarning);
+        const explanation = this.generateExplanation(detectedAPIs, uniqueServices, affiliationWarning, scannedFiles);
+        const recommendations = this.generateRecommendations(uniqueServices, affiliationWarning);
+        this.log(`External API scan complete: ${detectedAPIs.length} APIs found in ${scannedFiles} files`);
+        return {
+            detectedAPIs,
+            uniqueServices,
+            affiliationWarning,
+            scannedFiles,
+            status,
+            explanation,
+            recommendations,
+        };
+    }
+    /**
+     * Check if file should be skipped
+     */
+    shouldSkipFile(filePath) {
+        return SKIP_FILE_PATTERNS.some((pattern) => pattern.test(filePath));
+    }
+    /**
+     * Scan a file for external API URLs
+     */
+    scanFileForAPIs(filePath, content) {
+        const apis = [];
+        const urlPattern = /https?:\/\/[^\s'"`)}\]><]+/g;
+        const matches = content.match(urlPattern) || [];
+        for (const url of matches) {
+            // Skip non-API URLs
+            if (this.shouldSkipUrl(url))
+                continue;
+            // Identify the service
+            const service = this.identifyService(url);
+            // Avoid duplicates in the same file
+            if (!apis.some((api) => api.url === url && api.filePath === filePath)) {
+                apis.push({
+                    url: this.cleanUrl(url),
+                    service,
+                    filePath,
+                });
+            }
+        }
+        return apis;
+    }
+    /**
+     * Check if URL should be skipped
+     */
+    shouldSkipUrl(url) {
+        return SKIP_URL_PATTERNS.some((pattern) => pattern.test(url));
+    }
+    /**
+     * Clean URL by removing trailing punctuation
+     */
+    cleanUrl(url) {
+        return url.replace(/[.,;:!?'")\]}>]+$/, "");
+    }
+    /**
+     * Identify which service a URL belongs to
+     */
+    identifyService(url) {
+        for (const [service, patterns] of Object.entries(KNOWN_SERVICES)) {
+            if (patterns.some((pattern) => pattern.test(url))) {
+                return service;
+            }
+        }
+        return "unknown";
+    }
+    /**
+     * Check if server name suggests affiliation that needs verification
+     */
+    checkAffiliation(serverName, detectedServices) {
+        const nameLower = serverName.toLowerCase();
+        const nameParts = nameLower.split(/[-_\s]/);
+        // Check if server name contains a known service name
+        for (const service of Object.keys(KNOWN_SERVICES)) {
+            if (nameParts.includes(service) || nameLower.includes(service)) {
+                // Server claims this service - check if actually uses it
+                if (detectedServices.includes(service)) {
+                    return `Server name "${serverName}" suggests affiliation with ${service}. Verify the author is officially affiliated before approving.`;
+                }
+                else {
+                    return `Server name "${serverName}" suggests affiliation with ${service}, but no ${service} API calls detected. This may be misleading.`;
+                }
+            }
+        }
+        return undefined;
+    }
+    /**
+     * Compute assessment status based on scan results
+     */
+    computeStatus(apis, affiliationWarning) {
+        if (affiliationWarning) {
+            return "NEED_MORE_INFO";
+        }
+        if (apis.length === 0) {
+            return "PASS";
+        }
+        // Having external APIs isn't a failure, just informational
+        return "PASS";
+    }
+    /**
+     * Generate explanation text
+     */
+    generateExplanation(apis, services, affiliationWarning, scannedFiles) {
+        const parts = [];
+        parts.push(`Scanned ${scannedFiles} source files.`);
+        if (apis.length === 0) {
+            parts.push("No external API dependencies detected.");
+        }
+        else {
+            parts.push(`Found ${apis.length} external API URL(s) across ${services.length} service(s): ${services.join(", ")}.`);
+        }
+        if (affiliationWarning) {
+            parts.push(`ATTENTION: ${affiliationWarning}`);
+        }
+        return parts.join(" ");
+    }
+    /**
+     * Generate recommendations
+     */
+    generateRecommendations(services, affiliationWarning) {
+        const recommendations = [];
+        if (affiliationWarning) {
+            recommendations.push("Verify author affiliation with claimed service before directory approval");
+        }
+        if (services.length > 0 && !services.every((s) => s === "unknown")) {
+            recommendations.push(`Ensure privacy policies are declared for external services: ${services.filter((s) => s !== "unknown").join(", ")}`);
+        }
+        if (services.includes("unknown")) {
+            recommendations.push("Review unrecognized external URLs for security and privacy implications");
+        }
+        return recommendations;
+    }
+    /**
+     * Create result when source code analysis is not available
+     */
+    createNoSourceResult() {
+        return {
+            detectedAPIs: [],
+            uniqueServices: [],
+            scannedFiles: 0,
+            status: "NEED_MORE_INFO",
+            explanation: "External API scanning requires source code analysis. Enable with --source flag.",
+            recommendations: [
+                "Re-run assessment with --source <path> to enable external API scanning",
+            ],
+        };
+    }
+}

package/lib/services/assessment/modules/ToolAnnotationAssessor.d.ts

@@ -82,6 +82,12 @@ export declare class ToolAnnotationAssessor extends BaseAssessor {
     /**
      * Extract annotations from a tool
      * MCP SDK may have annotations in different locations
+     *
+     * Priority order:
+     * 1. tool.annotations (MCP 2024-11 spec) - "mcp" source
+     * 2. Direct properties on tool - "mcp" source
+     * 3. tool.metadata - "mcp" source
+     * 4. No annotations found - "none" source
      */
     private extractAnnotations;
     /**

package/lib/services/assessment/modules/ToolAnnotationAssessor.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ToolAnnotationAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/ToolAnnotationAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EACV,wBAAwB,EACxB,oBAAoB,EAKpB,uBAAuB,EACxB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EACL,KAAK,gBAAgB,EAGtB,MAAM,8BAA8B,CAAC;AAEtC;;GAEG;AACH,MAAM,WAAW,4BAA6B,SAAQ,oBAAoB;IACxE,eAAe,CAAC,EAAE;QAChB,gBAAgB,EAAE,OAAO,CAAC;QAC1B,mBAAmB,EAAE,OAAO,CAAC;QAC7B,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,EAAE,MAAM,CAAC;QAClB,oBAAoB,EAAE;YACpB,YAAY,CAAC,EAAE,OAAO,CAAC;YACvB,eAAe,CAAC,EAAE,OAAO,CAAC;YAC1B,cAAc,CAAC,EAAE,OAAO,CAAC;SAC1B,CAAC;QACF,oBAAoB,EAAE,OAAO,CAAC;QAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,MAAM,EAAE,iBAAiB,GAAG,eAAe,CAAC;KAC7C,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,gCAAiC,SAAQ,wBAAwB;IAChF,WAAW,EAAE,4BAA4B,EAAE,CAAC;IAC5C,cAAc,EAAE,OAAO,CAAC;IACxB,2BAA2B,EAAE,4BAA4B,EAAE,CAAC;CAC7D;AAKD,qBAAa,sBAAuB,SAAQ,YAAY;IACtD,OAAO,CAAC,YAAY,CAAC,CAAmB;IACxC,OAAO,CAAC,gBAAgB,CAAmB;gBAE/B,MAAM,EAAE,uBAAuB;IAM3C;;OAEG;IACH,WAAW,CAAC,QAAQ,EAAE,gBAAgB,GAAG,IAAI;IAK7C;;OAEG;IACH,eAAe,CAAC,MAAM,EAAE,gBAAgB,GAAG,IAAI;IAK/C;;OAEG;IACH,eAAe,IAAI,OAAO;IAO1B;;OAEG;IACG,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,wBAAwB,GAAG,gCAAgC,CAAC;IAqPvE;;OAEG;YACW,0BAA0B;IA+IxC;;OAEG;IACH,OAAO,CAAC,2BAA2B;IAiCnC;;OAEG;IACH,OAAO,CAAC,+BAA+B;IAoFvC;;;OAGG;IACH,OAAO,CAAC,UAAU;IA8GlB;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IAyC1B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAuBzB;;;OAGG;IACH,OAAO,CAAC,aAAa;IAgGrB;;;OAGG;IACH,OAAO,CAAC,yBAAyB;IAkDjC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAiDxB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAmC3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;CA2ChC"}
+{"version":3,"file":"ToolAnnotationAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/ToolAnnotationAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EACV,wBAAwB,EACxB,oBAAoB,EAKpB,uBAAuB,EAExB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EACL,KAAK,gBAAgB,EAGtB,MAAM,8BAA8B,CAAC;AAEtC;;GAEG;AACH,MAAM,WAAW,4BAA6B,SAAQ,oBAAoB;IACxE,eAAe,CAAC,EAAE;QAChB,gBAAgB,EAAE,OAAO,CAAC;QAC1B,mBAAmB,EAAE,OAAO,CAAC;QAC7B,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,EAAE,MAAM,CAAC;QAClB,oBAAoB,EAAE;YACpB,YAAY,CAAC,EAAE,OAAO,CAAC;YACvB,eAAe,CAAC,EAAE,OAAO,CAAC;YAC1B,cAAc,CAAC,EAAE,OAAO,CAAC;SAC1B,CAAC;QACF,oBAAoB,EAAE,OAAO,CAAC;QAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,MAAM,EAAE,iBAAiB,GAAG,eAAe,CAAC;KAC7C,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,gCAAiC,SAAQ,wBAAwB;IAChF,WAAW,EAAE,4BAA4B,EAAE,CAAC;IAC5C,cAAc,EAAE,OAAO,CAAC;IACxB,2BAA2B,EAAE,4BAA4B,EAAE,CAAC;CAC7D;AAKD,qBAAa,sBAAuB,SAAQ,YAAY;IACtD,OAAO,CAAC,YAAY,CAAC,CAAmB;IACxC,OAAO,CAAC,gBAAgB,CAAmB;gBAE/B,MAAM,EAAE,uBAAuB;IAM3C;;OAEG;IACH,WAAW,CAAC,QAAQ,EAAE,gBAAgB,GAAG,IAAI;IAK7C;;OAEG;IACH,eAAe,CAAC,MAAM,EAAE,gBAAgB,GAAG,IAAI;IAK/C;;OAEG;IACH,eAAe,IAAI,OAAO;IAO1B;;OAEG;IACG,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,wBAAwB,GAAG,gCAAgC,CAAC;IA8QvE;;OAEG;YACW,0BAA0B;IA+IxC;;OAEG;IACH,OAAO,CAAC,2BAA2B;IAiCnC;;OAEG;IACH,OAAO,CAAC,+BAA+B;IAoFvC;;;OAGG;IACH,OAAO,CAAC,UAAU;IA+GlB;;;;;;;;;OASG;IACH,OAAO,CAAC,kBAAkB;IAyE1B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAuBzB;;;OAGG;IACH,OAAO,CAAC,aAAa;IAgGrB;;;OAGG;IACH,OAAO,CAAC,yBAAyB;IAkDjC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAiDxB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAmC3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;CA2ChC"}

package/lib/services/assessment/modules/ToolAnnotationAssessor.js

@@ -53,6 +53,13 @@ export class ToolAnnotationAssessor extends BaseAssessor {
         let annotatedCount = 0;
         let missingAnnotationsCount = 0;
         let misalignedAnnotationsCount = 0;
+        // Track annotation sources
+        const annotationSourceCounts = {
+            mcp: 0,
+            sourceCode: 0,
+            inferred: 0,
+            none: 0,
+        };
         const useClaudeInference = this.isClaudeEnabled();
         if (useClaudeInference) {
             this.log("Claude Code integration enabled - using semantic behavior inference");
@@ -106,7 +113,23 @@ export class ToolAnnotationAssessor extends BaseAssessor {
             }
             else {
                 missingAnnotationsCount++;
-                // Emit annotation_missing event with tool details
+            }
+            // Track annotation source
+            const source = latestResult.annotationSource;
+            if (source === "mcp") {
+                annotationSourceCounts.mcp++;
+            }
+            else if (source === "source-code") {
+                annotationSourceCounts.sourceCode++;
+            }
+            else if (source === "inferred") {
+                annotationSourceCounts.inferred++;
+            }
+            else {
+                annotationSourceCounts.none++;
+            }
+            // Emit annotation_missing event with tool details
+            if (!latestResult.hasAnnotations) {
                 if (context.onProgress && latestResult.inferredBehavior) {
                     const annotations = this.extractAnnotations(tool);
                     context.onProgress({
@@ -225,6 +248,7 @@ export class ToolAnnotationAssessor extends BaseAssessor {
                 recommendations: this.generateEnhancedRecommendations(toolResults),
                 metrics,
                 alignmentBreakdown,
+                annotationSources: annotationSourceCounts,
                 claudeEnhanced: true,
                 highConfidenceMisalignments,
             };
@@ -239,6 +263,7 @@ export class ToolAnnotationAssessor extends BaseAssessor {
             recommendations,
             metrics,
             alignmentBreakdown,
+            annotationSources: annotationSourceCounts,
         };
     }
     /**
@@ -495,6 +520,7 @@ export class ToolAnnotationAssessor extends BaseAssessor {
             toolName: tool.name,
             hasAnnotations,
             annotations: hasAnnotations ? annotations : undefined,
+            annotationSource: annotations.source,
             inferredBehavior,
             alignmentStatus,
             issues,
@@ -504,34 +530,65 @@ export class ToolAnnotationAssessor extends BaseAssessor {
     /**
      * Extract annotations from a tool
      * MCP SDK may have annotations in different locations
+     *
+     * Priority order:
+     * 1. tool.annotations (MCP 2024-11 spec) - "mcp" source
+     * 2. Direct properties on tool - "mcp" source
+     * 3. tool.metadata - "mcp" source
+     * 4. No annotations found - "none" source
      */
     extractAnnotations(tool) {
-        // Try to find annotations in various locations
         const toolAny = tool;
-        // Check direct properties
-        let readOnlyHint = toolAny.readOnlyHint;
-        let destructiveHint = toolAny.destructiveHint;
-        let idempotentHint = toolAny.idempotentHint;
-        let openWorldHint = toolAny.openWorldHint;
-        // Check annotations object (MCP 2024-11 spec)
+        // Priority 1: Check annotations object (MCP 2024-11 spec) - primary source
         if (toolAny.annotations) {
-            readOnlyHint = readOnlyHint ?? toolAny.annotations.readOnlyHint;
-            destructiveHint = destructiveHint ?? toolAny.annotations.destructiveHint;
-            idempotentHint = idempotentHint ?? toolAny.annotations.idempotentHint;
-            openWorldHint = openWorldHint ?? toolAny.annotations.openWorldHint;
+            const hasAnnotations = toolAny.annotations.readOnlyHint !== undefined ||
+                toolAny.annotations.destructiveHint !== undefined;
+            if (hasAnnotations) {
+                return {
+                    readOnlyHint: toolAny.annotations.readOnlyHint,
+                    destructiveHint: toolAny.annotations.destructiveHint,
+                    title: toolAny.annotations.title || toolAny.title,
+                    description: tool.description,
+                    idempotentHint: toolAny.annotations.idempotentHint,
+                    openWorldHint: toolAny.annotations.openWorldHint,
+                    source: "mcp",
+                };
+            }
+        }
+        // Priority 2: Check direct properties on tool object
+        if (toolAny.readOnlyHint !== undefined ||
+            toolAny.destructiveHint !== undefined) {
+            return {
+                readOnlyHint: toolAny.readOnlyHint,
+                destructiveHint: toolAny.destructiveHint,
+                title: toolAny.title,
+                description: tool.description,
+                idempotentHint: toolAny.idempotentHint,
+                openWorldHint: toolAny.openWorldHint,
+                source: "mcp",
+            };
         }
-        // Check metadata (some servers use this)
+        // Priority 3: Check metadata (some servers use this)
         if (toolAny.metadata) {
-            readOnlyHint = readOnlyHint ?? toolAny.metadata.readOnlyHint;
-            destructiveHint = destructiveHint ?? toolAny.metadata.destructiveHint;
+            const hasMetadataAnnotations = toolAny.metadata.readOnlyHint !== undefined ||
+                toolAny.metadata.destructiveHint !== undefined;
+            if (hasMetadataAnnotations) {
+                return {
+                    readOnlyHint: toolAny.metadata.readOnlyHint,
+                    destructiveHint: toolAny.metadata.destructiveHint,
+                    title: toolAny.metadata.title || toolAny.title,
+                    description: tool.description,
+                    idempotentHint: toolAny.metadata.idempotentHint,
+                    openWorldHint: toolAny.metadata.openWorldHint,
+                    source: "mcp",
+                };
+            }
         }
+        // No annotations found from MCP protocol
         return {
-            readOnlyHint,
-            destructiveHint,
-            title: toolAny.title || toolAny.annotations?.title,
+            title: toolAny.title,
             description: tool.description,
-            idempotentHint,
-            openWorldHint,
+            source: "none",
         };
     }
     /**

package/lib/services/assessment/modules/index.d.ts

@@ -30,4 +30,5 @@ export { ToolAnnotationAssessor } from "./ToolAnnotationAssessor.js";
 export { ProhibitedLibrariesAssessor } from "./ProhibitedLibrariesAssessor.js";
 export { ManifestValidationAssessor } from "./ManifestValidationAssessor.js";
 export { PortabilityAssessor } from "./PortabilityAssessor.js";
+export { ExternalAPIScannerAssessor } from "./ExternalAPIScannerAssessor.js";
 //# sourceMappingURL=index.d.ts.map

package/lib/services/assessment/modules/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAG9C,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AAGxE,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAClE,OAAO,EAAE,2BAA2B,EAAE,MAAM,+BAA+B,CAAC;AAC5E,OAAO,EAAE,0BAA0B,EAAE,MAAM,8BAA8B,CAAC;AAC1E,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAG9C,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AAGxE,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAClE,OAAO,EAAE,2BAA2B,EAAE,MAAM,+BAA+B,CAAC;AAC5E,OAAO,EAAE,0BAA0B,EAAE,MAAM,8BAA8B,CAAC;AAC1E,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,EAAE,0BAA0B,EAAE,MAAM,8BAA8B,CAAC"}

package/lib/services/assessment/modules/index.js

@@ -33,3 +33,4 @@ export { ToolAnnotationAssessor } from "./ToolAnnotationAssessor.js";
 export { ProhibitedLibrariesAssessor } from "./ProhibitedLibrariesAssessor.js";
 export { ManifestValidationAssessor } from "./ManifestValidationAssessor.js";
 export { PortabilityAssessor } from "./PortabilityAssessor.js";
+export { ExternalAPIScannerAssessor } from "./ExternalAPIScannerAssessor.js";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bryan-thompson/inspector-assessment-client",
-  "version": "1.12.0",
+  "version": "1.13.1",
   "description": "Client-side application for the Enhanced MCP Inspector with assessment capabilities",
   "license": "MIT",
   "author": "Bryan Thompson <bryan@triepod.ai>",