@bryan-thompson/inspector-assessment-client 1.26.6 → 1.27.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/assets/{OAuthCallback-CCWVtjr7.js → OAuthCallback-CJWH8Ytw.js} +1 -1
- package/dist/assets/{OAuthDebugCallback-DqbXfUi4.js → OAuthDebugCallback-DL5adXJw.js} +1 -1
- package/dist/assets/{index-CsDJSSWq.js → index-Cu9XzUwB.js} +4 -4
- package/dist/index.html +1 -1
- package/lib/lib/assessment/configTypes.d.ts +2 -0
- package/lib/lib/assessment/configTypes.d.ts.map +1 -1
- package/lib/lib/securityPatterns.d.ts +4 -2
- package/lib/lib/securityPatterns.d.ts.map +1 -1
- package/lib/lib/securityPatterns.js +146 -2
- package/lib/services/assessment/modules/AUPComplianceAssessor.js +9 -9
- package/lib/services/assessment/modules/AuthenticationAssessor.js +4 -4
- package/lib/services/assessment/modules/BaseAssessor.d.ts +0 -14
- package/lib/services/assessment/modules/BaseAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/BaseAssessor.js +1 -33
- package/lib/services/assessment/modules/CrossCapabilitySecurityAssessor.js +1 -1
- package/lib/services/assessment/modules/DeveloperExperienceAssessor.js +1 -1
- package/lib/services/assessment/modules/DocumentationAssessor.js +2 -2
- package/lib/services/assessment/modules/ErrorHandlingAssessor.d.ts +25 -0
- package/lib/services/assessment/modules/ErrorHandlingAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/ErrorHandlingAssessor.js +127 -13
- package/lib/services/assessment/modules/ExternalAPIScannerAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/ExternalAPIScannerAssessor.js +3 -3
- package/lib/services/assessment/modules/FunctionalityAssessor.js +9 -9
- package/lib/services/assessment/modules/MCPSpecComplianceAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/MCPSpecComplianceAssessor.js +12 -12
- package/lib/services/assessment/modules/ManifestValidationAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/ManifestValidationAssessor.js +9 -5
- package/lib/services/assessment/modules/PortabilityAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/PortabilityAssessor.js +3 -3
- package/lib/services/assessment/modules/ProhibitedLibrariesAssessor.js +4 -4
- package/lib/services/assessment/modules/PromptAssessor.js +2 -2
- package/lib/services/assessment/modules/ProtocolComplianceAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/ProtocolComplianceAssessor.js +7 -7
- package/lib/services/assessment/modules/ProtocolConformanceAssessor.js +1 -1
- package/lib/services/assessment/modules/ResourceAssessor.js +1 -1
- package/lib/services/assessment/modules/SecurityAssessor.d.ts +25 -2
- package/lib/services/assessment/modules/SecurityAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/SecurityAssessor.js +149 -17
- package/lib/services/assessment/modules/TemporalAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/TemporalAssessor.js +10 -10
- package/lib/services/assessment/modules/ToolAnnotationAssessor.js +9 -9
- package/lib/services/assessment/modules/UsabilityAssessor.js +1 -1
- package/lib/services/assessment/modules/annotations/DescriptionPoisoningDetector.d.ts.map +1 -1
- package/lib/services/assessment/modules/annotations/DescriptionPoisoningDetector.js +37 -0
- package/lib/services/assessment/modules/index.d.ts +3 -0
- package/lib/services/assessment/modules/index.d.ts.map +1 -1
- package/lib/services/assessment/modules/securityTests/ChainExecutionTester.d.ts +104 -0
- package/lib/services/assessment/modules/securityTests/ChainExecutionTester.d.ts.map +1 -0
- package/lib/services/assessment/modules/securityTests/ChainExecutionTester.js +257 -0
- package/lib/services/assessment/modules/securityTests/CrossToolStateTester.d.ts +91 -0
- package/lib/services/assessment/modules/securityTests/CrossToolStateTester.d.ts.map +1 -0
- package/lib/services/assessment/modules/securityTests/CrossToolStateTester.js +225 -0
- package/lib/services/assessment/modules/securityTests/SecurityPatternLibrary.d.ts +120 -0
- package/lib/services/assessment/modules/securityTests/SecurityPatternLibrary.d.ts.map +1 -1
- package/lib/services/assessment/modules/securityTests/SecurityPatternLibrary.js +338 -0
- package/lib/services/assessment/modules/securityTests/SecurityResponseAnalyzer.d.ts +59 -0
- package/lib/services/assessment/modules/securityTests/SecurityResponseAnalyzer.d.ts.map +1 -1
- package/lib/services/assessment/modules/securityTests/SecurityResponseAnalyzer.js +168 -0
- package/lib/services/assessment/modules/securityTests/index.d.ts +3 -1
- package/lib/services/assessment/modules/securityTests/index.d.ts.map +1 -1
- package/lib/services/assessment/modules/securityTests/index.js +2 -0
- package/package.json +1 -1
|
@@ -4,9 +4,18 @@
|
|
|
4
4
|
*/
|
|
5
5
|
import { BaseAssessor } from "./BaseAssessor.js";
|
|
6
6
|
import { createConcurrencyLimit } from "../lib/concurrencyLimit.js";
|
|
7
|
+
import { ExecutionArtifactDetector } from "./securityTests/ExecutionArtifactDetector.js";
|
|
8
|
+
import { SafeResponseDetector } from "./securityTests/SafeResponseDetector.js";
|
|
7
9
|
export class ErrorHandlingAssessor extends BaseAssessor {
|
|
10
|
+
executionDetector;
|
|
11
|
+
safeResponseDetector;
|
|
12
|
+
constructor(config) {
|
|
13
|
+
super(config);
|
|
14
|
+
this.executionDetector = new ExecutionArtifactDetector();
|
|
15
|
+
this.safeResponseDetector = new SafeResponseDetector();
|
|
16
|
+
}
|
|
8
17
|
async assess(context) {
|
|
9
|
-
this.
|
|
18
|
+
this.logger.info("Starting error handling assessment");
|
|
10
19
|
const testDetails = [];
|
|
11
20
|
let passedTests = 0;
|
|
12
21
|
// Test a sample of tools for error handling
|
|
@@ -14,7 +23,7 @@ export class ErrorHandlingAssessor extends BaseAssessor {
|
|
|
14
23
|
// Parallel tool testing with concurrency limit
|
|
15
24
|
const concurrency = this.config.maxParallelTests ?? 5;
|
|
16
25
|
const limit = createConcurrencyLimit(concurrency, this.logger);
|
|
17
|
-
this.
|
|
26
|
+
this.logger.info(`Testing ${toolsToTest.length} tools for error handling with concurrency limit of ${concurrency}`);
|
|
18
27
|
const allToolTests = await Promise.all(toolsToTest.map((tool) => limit(async () => {
|
|
19
28
|
const toolTests = await this.testToolErrorHandling(tool, context.callTool);
|
|
20
29
|
// Add delay between tests to avoid rate limiting
|
|
@@ -50,34 +59,34 @@ export class ErrorHandlingAssessor extends BaseAssessor {
|
|
|
50
59
|
if (this.config.selectedToolsForTesting !== undefined) {
|
|
51
60
|
// Warn if deprecated maxToolsToTestForErrors is also set
|
|
52
61
|
if (this.config.maxToolsToTestForErrors !== undefined) {
|
|
53
|
-
this.
|
|
62
|
+
this.logger.info(`Warning: Both selectedToolsForTesting and maxToolsToTestForErrors are set. ` +
|
|
54
63
|
`Using selectedToolsForTesting (maxToolsToTestForErrors is deprecated).`);
|
|
55
64
|
}
|
|
56
65
|
const selectedNames = new Set(this.config.selectedToolsForTesting);
|
|
57
66
|
const selectedTools = tools.filter((tool) => selectedNames.has(tool.name));
|
|
58
67
|
// Empty array means user explicitly selected 0 tools
|
|
59
68
|
if (this.config.selectedToolsForTesting.length === 0) {
|
|
60
|
-
this.
|
|
69
|
+
this.logger.info(`User selected 0 tools for error handling - skipping tests`);
|
|
61
70
|
return [];
|
|
62
71
|
}
|
|
63
72
|
// If no tools matched the names (config out of sync), log warning but respect selection
|
|
64
73
|
if (selectedTools.length === 0) {
|
|
65
|
-
this.
|
|
74
|
+
this.logger.info(`Warning: No tools matched selection (${this.config.selectedToolsForTesting.join(", ")})`);
|
|
66
75
|
return [];
|
|
67
76
|
}
|
|
68
|
-
this.
|
|
77
|
+
this.logger.info(`Testing ${selectedTools.length} selected tools out of ${tools.length} for error handling`);
|
|
69
78
|
return selectedTools;
|
|
70
79
|
}
|
|
71
80
|
// Backward compatibility: use old maxToolsToTestForErrors configuration
|
|
72
81
|
const configLimit = this.config.maxToolsToTestForErrors;
|
|
73
82
|
// If -1, test all tools
|
|
74
83
|
if (configLimit === -1) {
|
|
75
|
-
this.
|
|
84
|
+
this.logger.info(`Testing all ${tools.length} tools for error handling`);
|
|
76
85
|
return tools;
|
|
77
86
|
}
|
|
78
87
|
// Otherwise use the configured limit (default to 5 if not set)
|
|
79
88
|
const maxTools = Math.min(configLimit ?? 5, tools.length);
|
|
80
|
-
this.
|
|
89
|
+
this.logger.info(`Testing ${maxTools} out of ${tools.length} tools for error handling`);
|
|
81
90
|
return tools.slice(0, maxTools);
|
|
82
91
|
}
|
|
83
92
|
async testToolErrorHandling(tool, callTool) {
|
|
@@ -428,17 +437,122 @@ export class ErrorHandlingAssessor extends BaseAssessor {
|
|
|
428
437
|
return params;
|
|
429
438
|
}
|
|
430
439
|
// isErrorResponse and extractErrorInfo moved to BaseAssessor for reuse across all assessors
|
|
440
|
+
/**
|
|
441
|
+
* Analyze invalid_values response to determine scoring impact
|
|
442
|
+
* Issue #99: Contextual empty string validation scoring
|
|
443
|
+
*
|
|
444
|
+
* Classifications:
|
|
445
|
+
* - safe_rejection: Tool rejected with error (no penalty)
|
|
446
|
+
* - safe_reflection: Tool stored/echoed without executing (no penalty)
|
|
447
|
+
* - defensive_programming: Tool handled gracefully (no penalty)
|
|
448
|
+
* - execution_detected: Tool executed input (penalty)
|
|
449
|
+
* - unknown: Cannot determine (partial penalty)
|
|
450
|
+
*/
|
|
451
|
+
analyzeInvalidValuesResponse(test) {
|
|
452
|
+
const responseText = this.extractResponseTextSafe(test.actualResponse.rawResponse);
|
|
453
|
+
// Case 1: Tool rejected with error - best case (no penalty)
|
|
454
|
+
if (test.actualResponse.isError) {
|
|
455
|
+
return {
|
|
456
|
+
shouldPenalize: false,
|
|
457
|
+
penaltyAmount: 0,
|
|
458
|
+
classification: "safe_rejection",
|
|
459
|
+
reason: "Tool properly rejected invalid input",
|
|
460
|
+
};
|
|
461
|
+
}
|
|
462
|
+
// Case 2: Defensive programming patterns (no penalty)
|
|
463
|
+
// Check BEFORE execution detection because patterns like "query returned 0"
|
|
464
|
+
// might match execution indicators but are actually safe
|
|
465
|
+
if (this.isDefensiveProgrammingResponse(responseText)) {
|
|
466
|
+
return {
|
|
467
|
+
shouldPenalize: false,
|
|
468
|
+
penaltyAmount: 0,
|
|
469
|
+
classification: "defensive_programming",
|
|
470
|
+
reason: "Tool handled empty input defensively",
|
|
471
|
+
};
|
|
472
|
+
}
|
|
473
|
+
// Case 3: Safe reflection patterns (no penalty)
|
|
474
|
+
if (this.safeResponseDetector.isReflectionResponse(responseText)) {
|
|
475
|
+
return {
|
|
476
|
+
shouldPenalize: false,
|
|
477
|
+
penaltyAmount: 0,
|
|
478
|
+
classification: "safe_reflection",
|
|
479
|
+
reason: "Tool safely reflected input without execution",
|
|
480
|
+
};
|
|
481
|
+
}
|
|
482
|
+
// Case 4: Check for execution evidence - VULNERABLE (full penalty)
|
|
483
|
+
if (this.executionDetector.hasExecutionEvidence(responseText) ||
|
|
484
|
+
this.executionDetector.detectExecutionArtifacts(responseText)) {
|
|
485
|
+
return {
|
|
486
|
+
shouldPenalize: true,
|
|
487
|
+
penaltyAmount: 100,
|
|
488
|
+
classification: "execution_detected",
|
|
489
|
+
reason: "Tool executed input without validation",
|
|
490
|
+
};
|
|
491
|
+
}
|
|
492
|
+
// Case 5: Unknown - partial penalty for manual review
|
|
493
|
+
return {
|
|
494
|
+
shouldPenalize: true,
|
|
495
|
+
penaltyAmount: 25,
|
|
496
|
+
classification: "unknown",
|
|
497
|
+
reason: "Unable to determine safety - manual review recommended",
|
|
498
|
+
};
|
|
499
|
+
}
|
|
500
|
+
/**
|
|
501
|
+
* Safely extract response text from various response formats
|
|
502
|
+
*/
|
|
503
|
+
extractResponseTextSafe(rawResponse) {
|
|
504
|
+
if (typeof rawResponse === "string")
|
|
505
|
+
return rawResponse;
|
|
506
|
+
if (rawResponse && typeof rawResponse === "object") {
|
|
507
|
+
const resp = rawResponse;
|
|
508
|
+
if (resp.content && Array.isArray(resp.content)) {
|
|
509
|
+
return resp.content
|
|
510
|
+
.map((c) => (c.type === "text" ? c.text : ""))
|
|
511
|
+
.join(" ");
|
|
512
|
+
}
|
|
513
|
+
return JSON.stringify(rawResponse);
|
|
514
|
+
}
|
|
515
|
+
return String(rawResponse || "");
|
|
516
|
+
}
|
|
517
|
+
/**
|
|
518
|
+
* Check for defensive programming patterns - tool accepted but caused no harm
|
|
519
|
+
* Examples: "Deleted 0 keys", "No results found", "Query returned 0"
|
|
520
|
+
*/
|
|
521
|
+
isDefensiveProgrammingResponse(responseText) {
|
|
522
|
+
// Patterns for safe "no-op" responses where tool handled empty input gracefully
|
|
523
|
+
// Use word boundaries (\b) to avoid matching numbers like "10" or "15"
|
|
524
|
+
const patterns = [
|
|
525
|
+
/deleted\s+0\s+(keys?|records?|rows?|items?)/i,
|
|
526
|
+
/no\s+(results?|matches?|items?)\s+found/i,
|
|
527
|
+
/\b0\s+items?\s+(deleted|updated|processed)/i, // \b prevents matching "10 items"
|
|
528
|
+
/nothing\s+to\s+(delete|update|process)/i,
|
|
529
|
+
/empty\s+(result|response|query)/i,
|
|
530
|
+
/no\s+action\s+taken/i,
|
|
531
|
+
/query\s+returned\s+0\b/i, // \b prevents matching "query returned 05" etc.
|
|
532
|
+
];
|
|
533
|
+
return patterns.some((p) => p.test(responseText));
|
|
534
|
+
}
|
|
431
535
|
calculateMetrics(tests, _passed) {
|
|
432
536
|
// Calculate enhanced score with bonus points for quality
|
|
433
537
|
let enhancedScore = 0;
|
|
434
538
|
let maxPossibleScore = 0;
|
|
435
539
|
tests.forEach((test) => {
|
|
436
|
-
//
|
|
437
|
-
//
|
|
438
|
-
//
|
|
439
|
-
//
|
|
540
|
+
// Issue #99: Contextual scoring for invalid_values tests
|
|
541
|
+
// Instead of blanket exclusion, analyze response patterns to determine if
|
|
542
|
+
// the tool safely handled empty strings (defensive programming, reflection)
|
|
543
|
+
// or if it executed without validation (security concern).
|
|
440
544
|
if (test.testType === "invalid_values") {
|
|
441
|
-
|
|
545
|
+
const analysis = this.analyzeInvalidValuesResponse(test);
|
|
546
|
+
if (!analysis.shouldPenalize) {
|
|
547
|
+
// Safe response (rejection, reflection, or defensive programming)
|
|
548
|
+
// Skip scoring to preserve backward compatibility for well-behaved tools
|
|
549
|
+
return;
|
|
550
|
+
}
|
|
551
|
+
// Execution detected or unknown - include in scoring with penalty
|
|
552
|
+
maxPossibleScore += 100;
|
|
553
|
+
const scoreEarned = 100 * (1 - analysis.penaltyAmount / 100);
|
|
554
|
+
enhancedScore += test.passed ? scoreEarned : 0;
|
|
555
|
+
return;
|
|
442
556
|
}
|
|
443
557
|
maxPossibleScore += 100; // Base score for each test
|
|
444
558
|
if (test.passed) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ExternalAPIScannerAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/ExternalAPIScannerAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AACnE,OAAO,KAAK,EAEV,4BAA4B,EAE7B,MAAM,uBAAuB,CAAC;AAmE/B,qBAAa,0BAA2B,SAAQ,YAAY;IACpD,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,4BAA4B,CAAC;
|
|
1
|
+
{"version":3,"file":"ExternalAPIScannerAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/ExternalAPIScannerAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AACnE,OAAO,KAAK,EAEV,4BAA4B,EAE7B,MAAM,uBAAuB,CAAC;AAmE/B,qBAAa,0BAA2B,SAAQ,YAAY;IACpD,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,4BAA4B,CAAC;IA+DxC;;OAEG;IACH,OAAO,CAAC,cAAc;IAItB;;OAEG;IACH,OAAO,CAAC,eAAe;IA0BvB;;OAEG;IACH,OAAO,CAAC,aAAa;IAIrB;;OAEG;IACH,OAAO,CAAC,QAAQ;IAIhB;;OAEG;IACH,OAAO,CAAC,eAAe;IASvB;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAsBxB;;OAEG;IACH,OAAO,CAAC,aAAa;IAcrB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAyB3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IA2B/B;;OAEG;IACH,OAAO,CAAC,oBAAoB;CAa7B"}
|
|
@@ -74,13 +74,13 @@ const SKIP_FILE_PATTERNS = [
|
|
|
74
74
|
];
|
|
75
75
|
export class ExternalAPIScannerAssessor extends BaseAssessor {
|
|
76
76
|
async assess(context) {
|
|
77
|
-
this.
|
|
77
|
+
this.logger.info("Starting external API scanner assessment");
|
|
78
78
|
this.resetTestCount();
|
|
79
79
|
const detectedAPIs = [];
|
|
80
80
|
let scannedFiles = 0;
|
|
81
81
|
// Check if source code analysis is enabled
|
|
82
82
|
if (!context.sourceCodeFiles || !context.config.enableSourceCodeAnalysis) {
|
|
83
|
-
this.
|
|
83
|
+
this.logger.info("Source code analysis not enabled, skipping external API scan");
|
|
84
84
|
return this.createNoSourceResult();
|
|
85
85
|
}
|
|
86
86
|
// Scan each source file
|
|
@@ -100,7 +100,7 @@ export class ExternalAPIScannerAssessor extends BaseAssessor {
|
|
|
100
100
|
const status = this.computeStatus(detectedAPIs, affiliationWarning);
|
|
101
101
|
const explanation = this.generateExplanation(detectedAPIs, uniqueServices, affiliationWarning, scannedFiles);
|
|
102
102
|
const recommendations = this.generateRecommendations(uniqueServices, affiliationWarning);
|
|
103
|
-
this.
|
|
103
|
+
this.logger.info(`External API scan complete: ${detectedAPIs.length} APIs found in ${scannedFiles} files`);
|
|
104
104
|
return {
|
|
105
105
|
detectedAPIs,
|
|
106
106
|
uniqueServices,
|
|
@@ -23,23 +23,23 @@ export class FunctionalityAssessor extends BaseAssessor {
|
|
|
23
23
|
const selectedTools = tools.filter((tool) => selectedNames.has(tool.name));
|
|
24
24
|
// Empty array means user explicitly selected 0 tools
|
|
25
25
|
if (this.config.selectedToolsForTesting.length === 0) {
|
|
26
|
-
this.
|
|
26
|
+
this.logger.info(`User selected 0 tools for functionality testing - skipping tests`);
|
|
27
27
|
return [];
|
|
28
28
|
}
|
|
29
29
|
// If no tools matched the names (config out of sync), log warning but respect selection
|
|
30
30
|
if (selectedTools.length === 0) {
|
|
31
|
-
this.
|
|
31
|
+
this.logger.info(`Warning: No tools matched selection (${this.config.selectedToolsForTesting.join(", ")})`);
|
|
32
32
|
return [];
|
|
33
33
|
}
|
|
34
|
-
this.
|
|
34
|
+
this.logger.info(`Testing ${selectedTools.length} selected tools out of ${tools.length} for functionality`);
|
|
35
35
|
return selectedTools;
|
|
36
36
|
}
|
|
37
37
|
// Default: test all tools
|
|
38
|
-
this.
|
|
38
|
+
this.logger.info(`Testing all ${tools.length} tools for functionality`);
|
|
39
39
|
return tools;
|
|
40
40
|
}
|
|
41
41
|
async assess(context) {
|
|
42
|
-
this.
|
|
42
|
+
this.logger.info(`Starting functionality assessment${this.config.reviewerMode ? " (reviewer mode - quick verification)" : ""}`);
|
|
43
43
|
const toolResults = [];
|
|
44
44
|
const brokenTools = [];
|
|
45
45
|
let workingTools = 0;
|
|
@@ -71,7 +71,7 @@ export class FunctionalityAssessor extends BaseAssessor {
|
|
|
71
71
|
batchCount = 0;
|
|
72
72
|
lastBatchTime = Date.now();
|
|
73
73
|
};
|
|
74
|
-
this.
|
|
74
|
+
this.logger.info(`Testing ${toolsToTest.length} tools with concurrency limit of ${concurrency}`);
|
|
75
75
|
const results = await Promise.all(toolsToTest.map((tool) => limit(async () => {
|
|
76
76
|
this.testCount++;
|
|
77
77
|
completedTests++;
|
|
@@ -103,7 +103,7 @@ export class FunctionalityAssessor extends BaseAssessor {
|
|
|
103
103
|
else if (result.status === "broken") {
|
|
104
104
|
brokenTools.push(result.toolName);
|
|
105
105
|
if (this.config.skipBrokenTools) {
|
|
106
|
-
this.
|
|
106
|
+
this.logger.info(`Skipping further tests for broken tool: ${result.toolName}`);
|
|
107
107
|
}
|
|
108
108
|
}
|
|
109
109
|
}
|
|
@@ -141,7 +141,7 @@ export class FunctionalityAssessor extends BaseAssessor {
|
|
|
141
141
|
const cleanedParams = schema
|
|
142
142
|
? cleanParams(testParams, schema)
|
|
143
143
|
: testParams;
|
|
144
|
-
this.
|
|
144
|
+
this.logger.info(`Testing tool: ${tool.name} with params: ${JSON.stringify(cleanedParams)}`);
|
|
145
145
|
// Execute tool with timeout
|
|
146
146
|
const response = await this.executeWithTimeout(callTool(tool.name, cleanedParams), this.config.testTimeout);
|
|
147
147
|
const executionTime = Date.now() - startTime;
|
|
@@ -197,7 +197,7 @@ export class FunctionalityAssessor extends BaseAssessor {
|
|
|
197
197
|
};
|
|
198
198
|
}
|
|
199
199
|
catch (error) {
|
|
200
|
-
this.
|
|
200
|
+
this.logger.error(`Tool execution failed: ${tool.name}`, { error });
|
|
201
201
|
return {
|
|
202
202
|
toolName: tool.name,
|
|
203
203
|
tested: true,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"MCPSpecComplianceAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/MCPSpecComplianceAssessor.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EACL,2BAA2B,EAM3B,uBAAuB,EAKxB,MAAM,uBAAuB,CAAC;AAO/B,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAE9D;;GAEG;AACH,qBAAa,yBAA0B,SAAQ,YAAY;IACzD,OAAO,CAAC,GAAG,CAAc;gBAEb,MAAM,EAAE,uBAAuB;IAa3C;;;OAGG;IACG,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,2BAA2B,CAAC;IAyHvC;;OAEG;IACH,OAAO,CAAC,sBAAsB;
|
|
1
|
+
{"version":3,"file":"MCPSpecComplianceAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/MCPSpecComplianceAssessor.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EACL,2BAA2B,EAM3B,uBAAuB,EAKxB,MAAM,uBAAuB,CAAC;AAO/B,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAE9D;;GAEG;AACH,qBAAa,yBAA0B,SAAQ,YAAY;IACzD,OAAO,CAAC,GAAG,CAAc;gBAEb,MAAM,EAAE,uBAAuB;IAa3C;;;OAGG;IACG,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,2BAA2B,CAAC;IAyHvC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IA4B9B;;;OAGG;YACW,sBAAsB;IA6BpC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAyB/B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IA0C7B;;;OAGG;YACW,mBAAmB;IAsCjC;;;OAGG;IACH,OAAO,CAAC,2BAA2B;IAoDnC;;;OAGG;IACH,OAAO,CAAC,2BAA2B;IA8FnC;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAyFjC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAsB/B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IA4B9B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IA2C7B;;;OAGG;IACH,OAAO,CAAC,oBAAoB;IAoF5B;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAyBjC;;OAEG;IACH,OAAO,CAAC,6BAA6B;CA0DtC"}
|
|
@@ -90,7 +90,7 @@ export class MCPSpecComplianceAssessor extends BaseAssessor {
|
|
|
90
90
|
const totalChecks = checksArray.length;
|
|
91
91
|
const complianceScore = (passedCount / totalChecks) * 100;
|
|
92
92
|
// Log score/check consistency for debugging
|
|
93
|
-
this.
|
|
93
|
+
this.logger.info(`MCP Compliance: ${passedCount}/${totalChecks} checks passed (${complianceScore.toFixed(1)}%)`);
|
|
94
94
|
// Determine status based on protocol checks only
|
|
95
95
|
let status;
|
|
96
96
|
if (!protocolChecks.serverInfoValidity.passed) {
|
|
@@ -135,16 +135,16 @@ export class MCPSpecComplianceAssessor extends BaseAssessor {
|
|
|
135
135
|
const metadata = context.serverInfo?.metadata;
|
|
136
136
|
const protocolVersion = metadata?.protocolVersion;
|
|
137
137
|
if (protocolVersion) {
|
|
138
|
-
this.
|
|
138
|
+
this.logger.info(`Using protocol version from metadata: ${protocolVersion}`);
|
|
139
139
|
return protocolVersion;
|
|
140
140
|
}
|
|
141
141
|
// Fall back to server version
|
|
142
142
|
if (context.serverInfo?.version) {
|
|
143
|
-
this.
|
|
143
|
+
this.logger.info(`Using server version as protocol version: ${context.serverInfo.version}`);
|
|
144
144
|
return context.serverInfo.version;
|
|
145
145
|
}
|
|
146
146
|
// Default if no version information available
|
|
147
|
-
this.
|
|
147
|
+
this.logger.info("No protocol version information available, using default");
|
|
148
148
|
return "2025-06-18"; // Current MCP spec version as fallback
|
|
149
149
|
}
|
|
150
150
|
/**
|
|
@@ -183,14 +183,14 @@ export class MCPSpecComplianceAssessor extends BaseAssessor {
|
|
|
183
183
|
// Check if name is properly set (should be a string, not null/undefined)
|
|
184
184
|
if (serverInfo.name !== undefined && serverInfo.name !== null) {
|
|
185
185
|
if (typeof serverInfo.name !== "string") {
|
|
186
|
-
this.
|
|
186
|
+
this.logger.info("Server info name is not a string");
|
|
187
187
|
return false;
|
|
188
188
|
}
|
|
189
189
|
}
|
|
190
190
|
// Check if metadata is properly formatted (should be an object if present)
|
|
191
191
|
if (serverInfo.metadata !== undefined && serverInfo.metadata !== null) {
|
|
192
192
|
if (typeof serverInfo.metadata !== "object") {
|
|
193
|
-
this.
|
|
193
|
+
this.logger.info("Server info metadata is not an object");
|
|
194
194
|
return false;
|
|
195
195
|
}
|
|
196
196
|
}
|
|
@@ -297,7 +297,7 @@ export class MCPSpecComplianceAssessor extends BaseAssessor {
|
|
|
297
297
|
const totalTools = tools.length;
|
|
298
298
|
const coveragePercent = totalTools > 0 ? Math.round((withOutputSchema / totalTools) * 100) : 0;
|
|
299
299
|
// Log for debugging
|
|
300
|
-
this.
|
|
300
|
+
this.logger.info(`Structured output support: ${withOutputSchema}/${totalTools} tools (${coveragePercent}%)`);
|
|
301
301
|
const coverage = {
|
|
302
302
|
totalTools,
|
|
303
303
|
withOutputSchema,
|
|
@@ -344,11 +344,11 @@ export class MCPSpecComplianceAssessor extends BaseAssessor {
|
|
|
344
344
|
}
|
|
345
345
|
// Check listChanged notification support
|
|
346
346
|
if (capabilities.resources.listChanged) {
|
|
347
|
-
this.
|
|
347
|
+
this.logger.info("Server declares resources.listChanged notification support");
|
|
348
348
|
}
|
|
349
349
|
// Check subscribe support
|
|
350
350
|
if (capabilities.resources.subscribe) {
|
|
351
|
-
this.
|
|
351
|
+
this.logger.info("Server declares resource subscription support");
|
|
352
352
|
}
|
|
353
353
|
this.testCount++;
|
|
354
354
|
}
|
|
@@ -362,13 +362,13 @@ export class MCPSpecComplianceAssessor extends BaseAssessor {
|
|
|
362
362
|
}
|
|
363
363
|
// Check listChanged notification support
|
|
364
364
|
if (capabilities.prompts.listChanged) {
|
|
365
|
-
this.
|
|
365
|
+
this.logger.info("Server declares prompts.listChanged notification support");
|
|
366
366
|
}
|
|
367
367
|
this.testCount++;
|
|
368
368
|
}
|
|
369
369
|
// Check logging capability
|
|
370
370
|
if (capabilities.logging) {
|
|
371
|
-
this.
|
|
371
|
+
this.logger.info("Server declares logging capability");
|
|
372
372
|
this.testCount++;
|
|
373
373
|
}
|
|
374
374
|
// Determine pass/fail
|
|
@@ -433,7 +433,7 @@ export class MCPSpecComplianceAssessor extends BaseAssessor {
|
|
|
433
433
|
(transport === "http" || transport === "streamable-http")) {
|
|
434
434
|
// For HTTP transport on 2025-06-18+, headers are required
|
|
435
435
|
// We assume compliance if using the new protocol version
|
|
436
|
-
this.
|
|
436
|
+
this.logger.info(`HTTP transport detected with protocol ${protocolVersion} - header compliance assumed`);
|
|
437
437
|
}
|
|
438
438
|
// Determine confidence based on detection method
|
|
439
439
|
const confidence = hasTransportMetadata ? "medium" : "low";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ManifestValidationAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/ManifestValidationAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EACV,4BAA4B,EAK7B,MAAM,uBAAuB,CAAC;AAM/B,qBAAa,0BAA2B,SAAQ,YAAY;IAC1D;;OAEG;IACG,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,4BAA4B,CAAC;IA6JxC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAyB9B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAmB/B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAgC/B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAiC7B;;OAEG;IACH,OAAO,CAAC,wBAAwB;IAiChC;;OAEG;IACH,OAAO,CAAC,iBAAiB;IA+CzB;;OAEG;IACH,OAAO,CAAC,YAAY;IAqCpB;;OAEG;IACH,OAAO,CAAC,kBAAkB;IA+B1B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IA8B7B;;OAEG;YACW,yBAAyB;
|
|
1
|
+
{"version":3,"file":"ManifestValidationAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/ManifestValidationAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EACV,4BAA4B,EAK7B,MAAM,uBAAuB,CAAC;AAM/B,qBAAa,0BAA2B,SAAQ,YAAY;IAC1D;;OAEG;IACG,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,4BAA4B,CAAC;IA6JxC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAyB9B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAmB/B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAgC/B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAiC7B;;OAEG;IACH,OAAO,CAAC,wBAAwB;IAiChC;;OAEG;IACH,OAAO,CAAC,iBAAiB;IA+CzB;;OAEG;IACH,OAAO,CAAC,YAAY;IAqCpB;;OAEG;IACH,OAAO,CAAC,kBAAkB;IA+B1B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IA8B7B;;OAEG;YACW,yBAAyB;IAqFvC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAsB/B;;OAEG;IACH,OAAO,CAAC,mBAAmB;IA0C3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;CA+ChC"}
|
|
@@ -19,7 +19,7 @@ export class ManifestValidationAssessor extends BaseAssessor {
|
|
|
19
19
|
* Run manifest validation assessment
|
|
20
20
|
*/
|
|
21
21
|
async assess(context) {
|
|
22
|
-
this.
|
|
22
|
+
this.logger.info("Starting manifest validation assessment");
|
|
23
23
|
this.testCount = 0;
|
|
24
24
|
// Check if manifest is available
|
|
25
25
|
if (!context.manifestJson && !context.manifestRaw) {
|
|
@@ -91,7 +91,7 @@ export class ManifestValidationAssessor extends BaseAssessor {
|
|
|
91
91
|
if (manifest.privacy_policies &&
|
|
92
92
|
Array.isArray(manifest.privacy_policies) &&
|
|
93
93
|
manifest.privacy_policies.length > 0) {
|
|
94
|
-
this.
|
|
94
|
+
this.logger.info(`Validating ${manifest.privacy_policies.length} privacy policy URL(s)`);
|
|
95
95
|
const policyResults = await this.validatePrivacyPolicyUrls(manifest.privacy_policies);
|
|
96
96
|
privacyPolicies = {
|
|
97
97
|
declared: manifest.privacy_policies,
|
|
@@ -121,7 +121,7 @@ export class ManifestValidationAssessor extends BaseAssessor {
|
|
|
121
121
|
const status = this.determineManifestStatus(validationResults, hasRequiredFields);
|
|
122
122
|
const explanation = this.generateExplanation(validationResults, hasRequiredFields, hasIcon, privacyPolicies);
|
|
123
123
|
const recommendations = this.generateRecommendations(validationResults, privacyPolicies);
|
|
124
|
-
this.
|
|
124
|
+
this.logger.info(`Assessment complete: ${validationResults.filter((r) => r.valid).length}/${validationResults.length} checks passed`);
|
|
125
125
|
return {
|
|
126
126
|
hasManifest: true,
|
|
127
127
|
manifestVersion: manifest.manifest_version,
|
|
@@ -413,7 +413,9 @@ export class ManifestValidationAssessor extends BaseAssessor {
|
|
|
413
413
|
new URL(url);
|
|
414
414
|
}
|
|
415
415
|
catch (error) {
|
|
416
|
-
this.
|
|
416
|
+
this.logger.error(`Invalid privacy policy URL format: ${url}`, {
|
|
417
|
+
error,
|
|
418
|
+
});
|
|
417
419
|
results.push({
|
|
418
420
|
url,
|
|
419
421
|
accessible: false,
|
|
@@ -460,7 +462,9 @@ export class ManifestValidationAssessor extends BaseAssessor {
|
|
|
460
462
|
});
|
|
461
463
|
}
|
|
462
464
|
catch (fetchError) {
|
|
463
|
-
this.
|
|
465
|
+
this.logger.error(`Failed to fetch privacy policy URL: ${url}`, {
|
|
466
|
+
error: fetchError,
|
|
467
|
+
});
|
|
464
468
|
results.push({
|
|
465
469
|
url,
|
|
466
470
|
accessible: false,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"PortabilityAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/PortabilityAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EACV,qBAAqB,EAGtB,MAAM,uBAAuB,CAAC;AA8H/B,qBAAa,mBAAoB,SAAQ,YAAY;IACnD;;OAEG;IACG,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"PortabilityAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/PortabilityAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EACV,qBAAqB,EAGtB,MAAM,uBAAuB,CAAC;AA8H/B,qBAAa,mBAAoB,SAAQ,YAAY;IACnD;;OAEG;IACG,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAyHxE;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAiD5B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAuE/B;;OAEG;IACH,OAAO,CAAC,QAAQ;IAiIhB;;OAEG;IACH,OAAO,CAAC,cAAc;IAkBtB;;OAEG;IACH,OAAO,CAAC,0BAA0B;IAmClC;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAqC3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;CAmDhC"}
|
|
@@ -124,7 +124,7 @@ export class PortabilityAssessor extends BaseAssessor {
|
|
|
124
124
|
* Run portability assessment
|
|
125
125
|
*/
|
|
126
126
|
async assess(context) {
|
|
127
|
-
this.
|
|
127
|
+
this.logger.info("Starting portability assessment");
|
|
128
128
|
this.testCount = 0;
|
|
129
129
|
const issues = [];
|
|
130
130
|
let scannedFiles = 0;
|
|
@@ -159,7 +159,7 @@ export class PortabilityAssessor extends BaseAssessor {
|
|
|
159
159
|
}
|
|
160
160
|
// Check source code files if available
|
|
161
161
|
if (context.sourceCodeFiles && context.config.enableSourceCodeAnalysis) {
|
|
162
|
-
this.
|
|
162
|
+
this.logger.info("Scanning source code files for portability issues...");
|
|
163
163
|
for (const [filePath, content] of context.sourceCodeFiles) {
|
|
164
164
|
// Skip irrelevant files
|
|
165
165
|
if (this.shouldSkipFile(filePath))
|
|
@@ -185,7 +185,7 @@ export class PortabilityAssessor extends BaseAssessor {
|
|
|
185
185
|
const status = this.determinePortabilityStatus(issues, usesDirname, usesBundleRoot);
|
|
186
186
|
const explanation = this.generateExplanation(issues, usesDirname, usesBundleRoot, scannedFiles);
|
|
187
187
|
const recommendations = this.generateRecommendations(issues, usesDirname, usesBundleRoot);
|
|
188
|
-
this.
|
|
188
|
+
this.logger.info(`Assessment complete: ${issues.length} portability issues found`);
|
|
189
189
|
// NEW: Analyze shell commands and platform coverage (Issue #9)
|
|
190
190
|
const shellCommands = this.analyzeShellCommands(context);
|
|
191
191
|
const platformCoverage = this.analyzePlatformCoverage(issues);
|
|
@@ -16,7 +16,7 @@ export class ProhibitedLibrariesAssessor extends BaseAssessor {
|
|
|
16
16
|
* Run prohibited libraries assessment
|
|
17
17
|
*/
|
|
18
18
|
async assess(context) {
|
|
19
|
-
this.
|
|
19
|
+
this.logger.info("Starting prohibited libraries assessment");
|
|
20
20
|
this.testCount = 0;
|
|
21
21
|
const matches = [];
|
|
22
22
|
const scannedFiles = [];
|
|
@@ -24,7 +24,7 @@ export class ProhibitedLibrariesAssessor extends BaseAssessor {
|
|
|
24
24
|
let hasMediaLibraries = false;
|
|
25
25
|
// Check package.json dependencies
|
|
26
26
|
if (context.packageJson) {
|
|
27
|
-
this.
|
|
27
|
+
this.logger.info("Scanning package.json dependencies...");
|
|
28
28
|
this.testCount++;
|
|
29
29
|
scannedFiles.push("package.json");
|
|
30
30
|
const packageJson = context.packageJson;
|
|
@@ -64,7 +64,7 @@ export class ProhibitedLibrariesAssessor extends BaseAssessor {
|
|
|
64
64
|
}
|
|
65
65
|
// Check source code files if available
|
|
66
66
|
if (context.sourceCodeFiles && context.config.enableSourceCodeAnalysis) {
|
|
67
|
-
this.
|
|
67
|
+
this.logger.info("Scanning source code files...");
|
|
68
68
|
for (const [filePath, content] of context.sourceCodeFiles) {
|
|
69
69
|
// Check Python requirements files
|
|
70
70
|
if (filePath.endsWith("requirements.txt") ||
|
|
@@ -126,7 +126,7 @@ export class ProhibitedLibrariesAssessor extends BaseAssessor {
|
|
|
126
126
|
const status = this.calculateStatusFromMatches(uniqueMatches);
|
|
127
127
|
const explanation = this.generateExplanation(uniqueMatches, hasFinancialLibraries, hasMediaLibraries, scannedFiles);
|
|
128
128
|
const recommendations = this.generateRecommendations(uniqueMatches);
|
|
129
|
-
this.
|
|
129
|
+
this.logger.info(`Assessment complete: ${uniqueMatches.length} prohibited libraries found`);
|
|
130
130
|
return {
|
|
131
131
|
matches: uniqueMatches,
|
|
132
132
|
scannedFiles,
|
|
@@ -67,7 +67,7 @@ export class PromptAssessor extends BaseAssessor {
|
|
|
67
67
|
if (!context.prompts || context.prompts.length === 0) {
|
|
68
68
|
return this.createNoPromptsResponse();
|
|
69
69
|
}
|
|
70
|
-
this.
|
|
70
|
+
this.logger.info(`Testing ${context.prompts.length} prompts`);
|
|
71
71
|
// Test each prompt
|
|
72
72
|
for (const prompt of context.prompts) {
|
|
73
73
|
this.testCount++;
|
|
@@ -216,7 +216,7 @@ export class PromptAssessor extends BaseAssessor {
|
|
|
216
216
|
return { success: true, unsafeContent, executionTime };
|
|
217
217
|
}
|
|
218
218
|
catch (error) {
|
|
219
|
-
this.
|
|
219
|
+
this.logger.error(`Prompt execution failed: ${prompt.name}`, { error });
|
|
220
220
|
return {
|
|
221
221
|
success: false,
|
|
222
222
|
unsafeContent: false,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ProtocolComplianceAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/ProtocolComplianceAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EACL,2BAA2B,EAM3B,uBAAuB,EAKxB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,gCAAgC,CAAC;AAOpE,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAmB9D;;;GAGG;AACH,MAAM,WAAW,4BAA6B,SAAQ,2BAA2B;IAC/E,2EAA2E;IAC3E,iBAAiB,CAAC,EAAE;QAClB,mBAAmB,EAAE,aAAa,CAAC;QACnC,kBAAkB,EAAE,aAAa,CAAC;QAClC,uBAAuB,EAAE,aAAa,CAAC;KACxC,CAAC;CACH;AAED,qBAAa,0BAA2B,SAAQ,YAAY,CAAC,4BAA4B,CAAC;IACxF,OAAO,CAAC,GAAG,CAAc;gBAEb,MAAM,EAAE,uBAAuB;IAK3C;;OAEG;IACH,OAAO,CAAC,cAAc;IAItB;;OAEG;IACH,OAAO,CAAC,cAAc;IAItB;;;OAGG;IACG,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,4BAA4B,CAAC;IAyIxC;;OAEG;IACH,OAAO,CAAC,sBAAsB;
|
|
1
|
+
{"version":3,"file":"ProtocolComplianceAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/ProtocolComplianceAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EACL,2BAA2B,EAM3B,uBAAuB,EAKxB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,gCAAgC,CAAC;AAOpE,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAmB9D;;;GAGG;AACH,MAAM,WAAW,4BAA6B,SAAQ,2BAA2B;IAC/E,2EAA2E;IAC3E,iBAAiB,CAAC,EAAE;QAClB,mBAAmB,EAAE,aAAa,CAAC;QACnC,kBAAkB,EAAE,aAAa,CAAC;QAClC,uBAAuB,EAAE,aAAa,CAAC;KACxC,CAAC;CACH;AAED,qBAAa,0BAA2B,SAAQ,YAAY,CAAC,4BAA4B,CAAC;IACxF,OAAO,CAAC,GAAG,CAAc;gBAEb,MAAM,EAAE,uBAAuB;IAK3C;;OAEG;IACH,OAAO,CAAC,cAAc;IAItB;;OAEG;IACH,OAAO,CAAC,cAAc;IAItB;;;OAGG;IACG,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,4BAA4B,CAAC;IAyIxC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAyB9B;;OAEG;YACW,sBAAsB;IAuBpC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAsB/B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAwC7B;;OAEG;YACW,mBAAmB;IAiCjC;;;OAGG;IACH,OAAO,CAAC,2BAA2B;IAiDnC;;OAEG;IACH,OAAO,CAAC,2BAA2B;IAkEnC;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAS7B;;OAEG;YACW,wBAAwB;IA4GtC;;OAEG;YACW,uBAAuB;IA2FrC;;OAEG;YACW,4BAA4B;IAoD1C,OAAO,CAAC,yBAAyB;IAkEjC,OAAO,CAAC,uBAAuB;IAqB/B,OAAO,CAAC,sBAAsB;IA0B9B,OAAO,CAAC,qBAAqB;IAgC7B,OAAO,CAAC,oBAAoB;IA8E5B;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAoC3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;CAqEhC"}
|
|
@@ -126,7 +126,7 @@ export class ProtocolComplianceAssessor extends BaseAssessor {
|
|
|
126
126
|
// Track test count
|
|
127
127
|
this.testCount = totalChecks;
|
|
128
128
|
// Log score/check consistency for debugging
|
|
129
|
-
this.
|
|
129
|
+
this.logger.info(`Protocol Compliance: ${passedCount}/${totalChecks} checks passed (${complianceScore.toFixed(1)}%)`);
|
|
130
130
|
// Determine status based on protocol checks only
|
|
131
131
|
let status;
|
|
132
132
|
if (!protocolChecks.serverInfoValidity.passed) {
|
|
@@ -171,14 +171,14 @@ export class ProtocolComplianceAssessor extends BaseAssessor {
|
|
|
171
171
|
const metadata = context.serverInfo?.metadata;
|
|
172
172
|
const protocolVersion = metadata?.protocolVersion;
|
|
173
173
|
if (protocolVersion) {
|
|
174
|
-
this.
|
|
174
|
+
this.logger.info(`Using protocol version from metadata: ${protocolVersion}`);
|
|
175
175
|
return protocolVersion;
|
|
176
176
|
}
|
|
177
177
|
if (context.serverInfo?.version) {
|
|
178
|
-
this.
|
|
178
|
+
this.logger.info(`Using server version as protocol version: ${context.serverInfo.version}`);
|
|
179
179
|
return context.serverInfo.version;
|
|
180
180
|
}
|
|
181
|
-
this.
|
|
181
|
+
this.logger.info("No protocol version information available, using default");
|
|
182
182
|
return "2025-06-18";
|
|
183
183
|
}
|
|
184
184
|
/**
|
|
@@ -208,13 +208,13 @@ export class ProtocolComplianceAssessor extends BaseAssessor {
|
|
|
208
208
|
}
|
|
209
209
|
if (serverInfo.name !== undefined && serverInfo.name !== null) {
|
|
210
210
|
if (typeof serverInfo.name !== "string") {
|
|
211
|
-
this.
|
|
211
|
+
this.logger.info("Server info name is not a string");
|
|
212
212
|
return false;
|
|
213
213
|
}
|
|
214
214
|
}
|
|
215
215
|
if (serverInfo.metadata !== undefined && serverInfo.metadata !== null) {
|
|
216
216
|
if (typeof serverInfo.metadata !== "object") {
|
|
217
|
-
this.
|
|
217
|
+
this.logger.info("Server info metadata is not an object");
|
|
218
218
|
return false;
|
|
219
219
|
}
|
|
220
220
|
}
|
|
@@ -310,7 +310,7 @@ export class ProtocolComplianceAssessor extends BaseAssessor {
|
|
|
310
310
|
}
|
|
311
311
|
const totalTools = tools.length;
|
|
312
312
|
const coveragePercent = totalTools > 0 ? Math.round((withOutputSchema / totalTools) * 100) : 0;
|
|
313
|
-
this.
|
|
313
|
+
this.logger.info(`Structured output support: ${withOutputSchema}/${totalTools} tools (${coveragePercent}%)`);
|
|
314
314
|
const coverage = {
|
|
315
315
|
totalTools,
|
|
316
316
|
withOutputSchema,
|
|
@@ -268,7 +268,7 @@ export class ProtocolConformanceAssessor extends BaseAssessor {
|
|
|
268
268
|
};
|
|
269
269
|
}
|
|
270
270
|
catch (error) {
|
|
271
|
-
this.
|
|
271
|
+
this.logger.error("Content type validation failed", { error });
|
|
272
272
|
return {
|
|
273
273
|
passed: false,
|
|
274
274
|
confidence: "medium",
|
|
@@ -211,7 +211,7 @@ export class ResourceAssessor extends BaseAssessor {
|
|
|
211
211
|
}
|
|
212
212
|
const resources = context.resources || [];
|
|
213
213
|
const templates = context.resourceTemplates || [];
|
|
214
|
-
this.
|
|
214
|
+
this.logger.info(`Testing ${resources.length} resources and ${templates.length} resource templates`);
|
|
215
215
|
// Test each resource
|
|
216
216
|
for (const resource of resources) {
|
|
217
217
|
this.testCount++;
|