@bryan-thompson/inspector-assessment-client 1.21.5 → 1.22.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/assets/{OAuthCallback-6Ra9gys1.js → OAuthCallback-jmgqk_c8.js} +1 -1
  2. package/dist/assets/{OAuthDebugCallback-B3RgloRQ.js → OAuthDebugCallback-CE7fBC0F.js} +1 -1
  3. package/dist/assets/{index-Bf4oNKiz.js → index-Dln9FIlO.js} +97 -5
  4. package/dist/index.html +1 -1
  5. package/lib/services/assessment/modules/SecurityAssessor.d.ts +11 -0
  6. package/lib/services/assessment/modules/SecurityAssessor.d.ts.map +1 -1
  7. package/lib/services/assessment/modules/SecurityAssessor.js +98 -0
  8. package/package.json +1 -1
package/dist/assets/{OAuthCallback-6Ra9gys1.js → OAuthCallback-jmgqk_c8.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { u as useToast, r as reactExports, j as jsxRuntimeExports, p as parseOAuthCallbackParams, g as generateOAuthErrorDescription, S as SESSION_KEYS, I as InspectorOAuthClientProvider, a as auth } from "./index-Bf4oNKiz.js";
1
+ import { u as useToast, r as reactExports, j as jsxRuntimeExports, p as parseOAuthCallbackParams, g as generateOAuthErrorDescription, S as SESSION_KEYS, I as InspectorOAuthClientProvider, a as auth } from "./index-Dln9FIlO.js";
2
2
  const OAuthCallback = ({ onConnect }) => {
3
3
  const { toast } = useToast();
4
4
  const hasProcessedRef = reactExports.useRef(false);
package/dist/assets/{OAuthDebugCallback-B3RgloRQ.js → OAuthDebugCallback-CE7fBC0F.js} RENAMED
@@ -1,4 +1,4 @@
1
- import { r as reactExports, S as SESSION_KEYS, p as parseOAuthCallbackParams, j as jsxRuntimeExports, g as generateOAuthErrorDescription } from "./index-Bf4oNKiz.js";
1
+ import { r as reactExports, S as SESSION_KEYS, p as parseOAuthCallbackParams, j as jsxRuntimeExports, g as generateOAuthErrorDescription } from "./index-Dln9FIlO.js";
2
2
  const OAuthDebugCallback = ({ onConnect }) => {
3
3
  reactExports.useEffect(() => {
4
4
  let isProcessed = false;
package/dist/assets/{index-Bf4oNKiz.js → index-Dln9FIlO.js} RENAMED
@@ -16320,7 +16320,7 @@ object({
16320
16320
  token_type_hint: string().optional()
16321
16321
  }).strip();
16322
16322
  const name = "@bryan-thompson/inspector-assessment-client";
16323
- const version$1 = "1.21.4";
16323
+ const version$1 = "1.22.0";
16324
16324
  const packageJson = {
16325
16325
  name,
16326
16326
  version: version$1
@@ -45352,7 +45352,7 @@ const useTheme = () => {
45352
45352
  [theme, setThemeWithSideEffect]
45353
45353
  );
45354
45354
  };
45355
- const version = "1.21.4";
45355
+ const version = "1.22.0";
45356
45356
  var [createTooltipContext] = createContextScope("Tooltip", [
45357
45357
  createPopperScope
45358
45358
  ]);
@@ -53359,6 +53359,12 @@ class SecurityAssessor extends BaseAssessor {
53359
53359
  evidence: "Tool safely reflected input without execution"
53360
53360
  };
53361
53361
  }
53362
+ if (this.isComputedMathResult(payload.payload, responseText)) {
53363
+ return {
53364
+ isVulnerable: true,
53365
+ evidence: `Tool computed math expression result instead of storing/echoing it (payload: ${payload.payload})`
53366
+ };
53367
+ }
53362
53368
  if (this.isValidationRejection(response)) {
53363
53369
  return {
53364
53370
  isVulnerable: false,
@@ -53537,6 +53543,72 @@ class SecurityAssessor extends BaseAssessor {
53537
53543
  ];
53538
53544
  return executionIndicators.some((pattern2) => pattern2.test(responseText));
53539
53545
  }
53546
+ /**
53547
+ * Check if a math expression payload was computed (execution evidence)
53548
+ * Returns true if the response contains the computed result but NOT the original expression.
53549
+ *
53550
+ * This is key evidence of execution:
53551
+ * - VULNERABLE: payload "15*37+100" → response contains "655" (computed result)
53552
+ * - SAFE: payload "15*37+100" → response contains "15*37+100" (echoed, not computed)
53553
+ *
53554
+ * Added for Issue #14: False positives on safe input reflection
53555
+ */
53556
+ isComputedMathResult(payload, responseText) {
53557
+ const simpleMathPattern = /^\s*(\d+)\s*([+\-*\/])\s*(\d+)(?:\s*([+\-*\/])\s*(\d+))?\s*$/;
53558
+ const match = payload.match(simpleMathPattern);
53559
+ if (!match) {
53560
+ return false;
53561
+ }
53562
+ try {
53563
+ const num1 = parseInt(match[1], 10);
53564
+ const op1 = match[2];
53565
+ const num2 = parseInt(match[3], 10);
53566
+ const op2 = match[4];
53567
+ const num3 = match[5] ? parseInt(match[5], 10) : void 0;
53568
+ let result;
53569
+ switch (op1) {
53570
+ case "+":
53571
+ result = num1 + num2;
53572
+ break;
53573
+ case "-":
53574
+ result = num1 - num2;
53575
+ break;
53576
+ case "*":
53577
+ result = num1 * num2;
53578
+ break;
53579
+ case "/":
53580
+ result = Math.floor(num1 / num2);
53581
+ break;
53582
+ default:
53583
+ return false;
53584
+ }
53585
+ if (op2 && num3 !== void 0) {
53586
+ switch (op2) {
53587
+ case "+":
53588
+ result = result + num3;
53589
+ break;
53590
+ case "-":
53591
+ result = result - num3;
53592
+ break;
53593
+ case "*":
53594
+ result = result * num3;
53595
+ break;
53596
+ case "/":
53597
+ result = Math.floor(result / num3);
53598
+ break;
53599
+ default:
53600
+ return false;
53601
+ }
53602
+ }
53603
+ const resultStr = result.toString();
53604
+ const hasComputedResult = responseText.includes(resultStr);
53605
+ const normalizedPayload = payload.replace(/\s+/g, "");
53606
+ const hasOriginalExpression = responseText.includes(payload) || responseText.includes(normalizedPayload);
53607
+ return hasComputedResult && !hasOriginalExpression;
53608
+ } catch {
53609
+ return false;
53610
+ }
53611
+ }
53540
53612
  /**
53541
53613
  * Perform additional security checks
53542
53614
  */
@@ -53841,7 +53913,27 @@ class SecurityAssessor extends BaseAssessor {
53841
53913
  /data.?stored.?safely/i,
53842
53914
  /without.?deserialization/i,
53843
53915
  /no.?pickle/i,
53844
- /stored.?without.?deserializ/i
53916
+ /stored.?without.?deserializ/i,
53917
+ // NEW: Hash-based sanitization patterns (Issue #14 fix)
53918
+ // These indicate the tool replaced dangerous input with safe hash identifiers
53919
+ /\[ref-[a-f0-9]+\]/i,
53920
+ // Hash-based sanitization: [ref-a1b2c3d4]
53921
+ /stored.*\[ref-/i,
53922
+ // "Expression stored: [ref-...]"
53923
+ /\[sanitized\]/i,
53924
+ // [sanitized] placeholder
53925
+ /\[redacted\]/i,
53926
+ // [redacted] placeholder
53927
+ /\[filtered\]/i,
53928
+ // [filtered] placeholder
53929
+ /\[blocked\]/i,
53930
+ // [blocked] placeholder
53931
+ /expression.*stored:/i,
53932
+ // "Expression stored:" prefix
53933
+ /input.*sanitized/i,
53934
+ // "Input sanitized"
53935
+ /content.*replaced/i
53936
+ // "Content replaced with hash"
53845
53937
  ];
53846
53938
  const hasReflection = reflectionPatterns.some(
53847
53939
  (pattern2) => pattern2.test(responseText)
@@ -59174,13 +59266,13 @@ const App = () => {
59174
59266
  ) });
59175
59267
  if (window.location.pathname === "/oauth/callback") {
59176
59268
  const OAuthCallback = React.lazy(
59177
- () => __vitePreload(() => import("./OAuthCallback-6Ra9gys1.js"), true ? [] : void 0)
59269
+ () => __vitePreload(() => import("./OAuthCallback-jmgqk_c8.js"), true ? [] : void 0)
59178
59270
  );
59179
59271
  return /* @__PURE__ */ jsxRuntimeExports.jsx(reactExports.Suspense, { fallback: /* @__PURE__ */ jsxRuntimeExports.jsx("div", { children: "Loading..." }), children: /* @__PURE__ */ jsxRuntimeExports.jsx(OAuthCallback, { onConnect: onOAuthConnect }) });
59180
59272
  }
59181
59273
  if (window.location.pathname === "/oauth/callback/debug") {
59182
59274
  const OAuthDebugCallback = React.lazy(
59183
- () => __vitePreload(() => import("./OAuthDebugCallback-B3RgloRQ.js"), true ? [] : void 0)
59275
+ () => __vitePreload(() => import("./OAuthDebugCallback-CE7fBC0F.js"), true ? [] : void 0)
59184
59276
  );
59185
59277
  return /* @__PURE__ */ jsxRuntimeExports.jsx(reactExports.Suspense, { fallback: /* @__PURE__ */ jsxRuntimeExports.jsx("div", { children: "Loading..." }), children: /* @__PURE__ */ jsxRuntimeExports.jsx(OAuthDebugCallback, { onConnect: onOAuthDebugConnect }) });
59186
59278
  }
package/dist/index.html CHANGED
@@ -5,7 +5,7 @@
5
5
  <link rel="icon" type="image/svg+xml" href="/mcp.svg" />
6
6
  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
7
7
  <title>MCP Inspector</title>
8
- <script type="module" crossorigin src="/assets/index-Bf4oNKiz.js"></script>
8
+ <script type="module" crossorigin src="/assets/index-Dln9FIlO.js"></script>
9
9
  <link rel="stylesheet" crossorigin href="/assets/index-DiyPO_Zj.css">
10
10
  </head>
11
11
  <body>
package/lib/services/assessment/modules/SecurityAssessor.d.ts CHANGED
@@ -102,6 +102,17 @@ export declare class SecurityAssessor extends BaseAssessor {
102
102
  * - VULNERABLE: "SQL executed: syntax error" (error DURING execution)
103
103
  */
104
104
  private hasExecutionEvidence;
105
+ /**
106
+ * Check if a math expression payload was computed (execution evidence)
107
+ * Returns true if the response contains the computed result but NOT the original expression.
108
+ *
109
+ * This is key evidence of execution:
110
+ * - VULNERABLE: payload "15*37+100" → response contains "655" (computed result)
111
+ * - SAFE: payload "15*37+100" → response contains "15*37+100" (echoed, not computed)
112
+ *
113
+ * Added for Issue #14: False positives on safe input reflection
114
+ */
115
+ private isComputedMathResult;
105
116
  /**
106
117
  * Perform additional security checks
107
118
  */
package/lib/services/assessment/modules/SecurityAssessor.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"SecurityAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/SecurityAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EACL,kBAAkB,EAInB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAc9D,qBAAa,gBAAiB,SAAQ,YAAY;IAChD,OAAO,CAAC,iBAAiB,CAAuC;IAC1D,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAuFrE;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAkC7B;;;;OAIG;YACW,yBAAyB;IAuKvC;;;;OAIG;YACW,qBAAqB;IA4JnC;;OAEG;YACW,WAAW;IA2HzB;;;;;OAKG;IACH,OAAO,CAAC,iBAAiB;IAgDzB;;;OAGG;IACH,OAAO,CAAC,8BAA8B;IAiDtC;;OAEG;IACH,OAAO,CAAC,aAAa;IA+BrB;;OAEG;IACH,OAAO,CAAC,0BAA0B;IAgClC;;;OAGG;IACH,OAAO,CAAC,eAAe;IA6HvB;;;;;;;OAOG;IACH,OAAO,CAAC,qBAAqB;IAiE7B;;;;;;;;;OASG;IACH,OAAO,CAAC,oBAAoB;IAqC5B;;;;;OAKG;IACH,OAAO,CAAC,mBAAmB;IAsB3B;;;;;;;OAOG;IACH,OAAO,CAAC,oBAAoB;IAkC5B;;OAEG;YACW,+BAA+B;IAiC7C;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAYjC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IA0B/B;;OAEG;IACH,OAAO,CAAC,2BAA2B;IAkEnC;;;OAGG;IACH,OAAO,CAAC,mBAAmB;IAuI3B;;;OAGG;IACH,OAAO,CAAC,oBAAoB;IAsB5B;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,oBAAoB;IAwM5B;;;;;;;;;OASG;IACH,OAAO,CAAC,wBAAwB;IAwDhC;;;OAGG;IACH,OAAO,CAAC,8BAA8B;IAuBtC;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IA8BhC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAW9B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAO1B,OAAO,CAAC,oBAAoB;IAoH5B;;OAEG;IACH,OAAO,CAAC,YAAY;IASpB;;;OAGG;IACH,OAAO,CAAC,eAAe;IASvB;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAiB9B;;;OAGG;IACH,OAAO,CAAC,kBAAkB;CAmB3B"}
1
+ {"version":3,"file":"SecurityAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/SecurityAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EACL,kBAAkB,EAInB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAc9D,qBAAa,gBAAiB,SAAQ,YAAY;IAChD,OAAO,CAAC,iBAAiB,CAAuC;IAC1D,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAuFrE;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAkC7B;;;;OAIG;YACW,yBAAyB;IAuKvC;;;;OAIG;YACW,qBAAqB;IA4JnC;;OAEG;YACW,WAAW;IA2HzB;;;;;OAKG;IACH,OAAO,CAAC,iBAAiB;IAgDzB;;;OAGG;IACH,OAAO,CAAC,8BAA8B;IAiDtC;;OAEG;IACH,OAAO,CAAC,aAAa;IA+BrB;;OAEG;IACH,OAAO,CAAC,0BAA0B;IAgClC;;;OAGG;IACH,OAAO,CAAC,eAAe;IAuIvB;;;;;;;OAOG;IACH,OAAO,CAAC,qBAAqB;IAiE7B;;;;;;;;;OASG;IACH,OAAO,CAAC,oBAAoB;IAqC5B;;;;;OAKG;IACH,OAAO,CAAC,mBAAmB;IAsB3B;;;;;;;OAOG;IACH,OAAO,CAAC,oBAAoB;IAkC5B;;;;;;;;;OASG;IACH,OAAO,CAAC,oBAAoB;IA6E5B;;OAEG;YACW,+BAA+B;IAiC7C;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAYjC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IA0B/B;;OAEG;IACH,OAAO,CAAC,2BAA2B;IAkEnC;;;OAGG;IACH,OAAO,CAAC,mBAAmB;IAuI3B;;;OAGG;IACH,OAAO,CAAC,oBAAoB;IAsB5B;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,oBAAoB;IAoN5B;;;;;;;;;OASG;IACH,OAAO,CAAC,wBAAwB;IAwDhC;;;OAGG;IACH,OAAO,CAAC,8BAA8B;IAuBtC;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IA8BhC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAW9B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAO1B,OAAO,CAAC,oBAAoB;IAoH5B;;OAEG;IACH,OAAO,CAAC,YAAY;IASpB;;;OAGG;IACH,OAAO,CAAC,eAAe;IASvB;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAiB9B;;;OAGG;IACH,OAAO,CAAC,kBAAkB;CAmB3B"}
package/lib/services/assessment/modules/SecurityAssessor.js CHANGED
@@ -646,6 +646,15 @@ export class SecurityAssessor extends BaseAssessor {
646
646
  }
647
647
  // Response doesn't match reflection patterns - continue checking
648
648
  // Falls through - might be execution (with or without echo of input)
649
+ // ✅ STEP 1.7: Check for computed math results (Issue #14 fix)
650
+ // If payload is a math expression and response contains the computed result
651
+ // (but NOT the original expression), that's evidence of execution
652
+ if (this.isComputedMathResult(payload.payload, responseText)) {
653
+ return {
654
+ isVulnerable: true,
655
+ evidence: `Tool computed math expression result instead of storing/echoing it (payload: ${payload.payload})`,
656
+ };
657
+ }
649
658
  // ✅ STEP 2: Check if tool explicitly rejected the input (SAFE)
650
659
  // CRITICAL: Check this BEFORE evidence matching to prevent false positives
651
660
  // Tools that reject invalid input are secure, regardless of error message content
@@ -849,6 +858,84 @@ export class SecurityAssessor extends BaseAssessor {
849
858
  ];
850
859
  return executionIndicators.some((pattern) => pattern.test(responseText));
851
860
  }
861
+ /**
862
+ * Check if a math expression payload was computed (execution evidence)
863
+ * Returns true if the response contains the computed result but NOT the original expression.
864
+ *
865
+ * This is key evidence of execution:
866
+ * - VULNERABLE: payload "15*37+100" → response contains "655" (computed result)
867
+ * - SAFE: payload "15*37+100" → response contains "15*37+100" (echoed, not computed)
868
+ *
869
+ * Added for Issue #14: False positives on safe input reflection
870
+ */
871
+ isComputedMathResult(payload, responseText) {
872
+ // Check if payload looks like a simple math expression
873
+ // Matches: "2+2", "15*37+100", "10/2", "5-3", etc.
874
+ const simpleMathPattern = /^\s*(\d+)\s*([+\-*\/])\s*(\d+)(?:\s*([+\-*\/])\s*(\d+))?\s*$/;
875
+ const match = payload.match(simpleMathPattern);
876
+ if (!match) {
877
+ return false; // Not a simple math expression
878
+ }
879
+ // Try to safely evaluate the expression
880
+ try {
881
+ // Parse numbers and operators manually (avoid eval)
882
+ const num1 = parseInt(match[1], 10);
883
+ const op1 = match[2];
884
+ const num2 = parseInt(match[3], 10);
885
+ const op2 = match[4];
886
+ const num3 = match[5] ? parseInt(match[5], 10) : undefined;
887
+ let result;
888
+ // Calculate first operation
889
+ switch (op1) {
890
+ case "+":
891
+ result = num1 + num2;
892
+ break;
893
+ case "-":
894
+ result = num1 - num2;
895
+ break;
896
+ case "*":
897
+ result = num1 * num2;
898
+ break;
899
+ case "/":
900
+ result = Math.floor(num1 / num2);
901
+ break;
902
+ default:
903
+ return false;
904
+ }
905
+ // Calculate second operation if present (left-to-right, no precedence)
906
+ if (op2 && num3 !== undefined) {
907
+ switch (op2) {
908
+ case "+":
909
+ result = result + num3;
910
+ break;
911
+ case "-":
912
+ result = result - num3;
913
+ break;
914
+ case "*":
915
+ result = result * num3;
916
+ break;
917
+ case "/":
918
+ result = Math.floor(result / num3);
919
+ break;
920
+ default:
921
+ return false;
922
+ }
923
+ }
924
+ // Check if response contains the computed result
925
+ const resultStr = result.toString();
926
+ const hasComputedResult = responseText.includes(resultStr);
927
+ // Check if response also contains the original expression (reflection)
928
+ const normalizedPayload = payload.replace(/\s+/g, "");
929
+ const hasOriginalExpression = responseText.includes(payload) ||
930
+ responseText.includes(normalizedPayload);
931
+ // Vulnerable if: has computed result AND does NOT have original expression
932
+ // This means the tool executed the expression instead of just echoing it
933
+ return hasComputedResult && !hasOriginalExpression;
934
+ }
935
+ catch {
936
+ return false;
937
+ }
938
+ }
852
939
  /**
853
940
  * Perform additional security checks
854
941
  */
@@ -1195,6 +1282,17 @@ export class SecurityAssessor extends BaseAssessor {
1195
1282
  /without.?deserialization/i,
1196
1283
  /no.?pickle/i,
1197
1284
  /stored.?without.?deserializ/i,
1285
+ // NEW: Hash-based sanitization patterns (Issue #14 fix)
1286
+ // These indicate the tool replaced dangerous input with safe hash identifiers
1287
+ /\[ref-[a-f0-9]+\]/i, // Hash-based sanitization: [ref-a1b2c3d4]
1288
+ /stored.*\[ref-/i, // "Expression stored: [ref-...]"
1289
+ /\[sanitized\]/i, // [sanitized] placeholder
1290
+ /\[redacted\]/i, // [redacted] placeholder
1291
+ /\[filtered\]/i, // [filtered] placeholder
1292
+ /\[blocked\]/i, // [blocked] placeholder
1293
+ /expression.*stored:/i, // "Expression stored:" prefix
1294
+ /input.*sanitized/i, // "Input sanitized"
1295
+ /content.*replaced/i, // "Content replaced with hash"
1198
1296
  ];
1199
1297
  // LAYER 1: Check for reflection/status patterns
1200
1298
  const hasReflection = reflectionPatterns.some((pattern) => pattern.test(responseText));
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@bryan-thompson/inspector-assessment-client",
3
- "version": "1.21.5",
3
+ "version": "1.22.1",
4
4
  "description": "Client-side application for the Enhanced MCP Inspector with assessment capabilities",
5
5
  "license": "MIT",
6
6
  "author": "Bryan Thompson <bryan@triepod.ai>",