@bryan-thompson/inspector-assessment 1.19.0 → 1.19.2

package/client/dist/assets/{OAuthCallback-D_dKq_wM.js → OAuthCallback-BH_aUBF0.js}

@@ -1,4 +1,4 @@
-import { u as useToast, r as reactExports, j as jsxRuntimeExports, p as parseOAuthCallbackParams, g as generateOAuthErrorDescription, S as SESSION_KEYS, I as InspectorOAuthClientProvider, a as auth } from "./index-B5_VY0TC.js";
+import { u as useToast, r as reactExports, j as jsxRuntimeExports, p as parseOAuthCallbackParams, g as generateOAuthErrorDescription, S as SESSION_KEYS, I as InspectorOAuthClientProvider, a as auth } from "./index-O3f3KjpP.js";
 const OAuthCallback = ({ onConnect }) => {
   const { toast } = useToast();
   const hasProcessedRef = reactExports.useRef(false);

package/client/dist/assets/{OAuthDebugCallback-UqARwe_4.js → OAuthDebugCallback-hhATDmh0.js}

@@ -1,4 +1,4 @@
-import { r as reactExports, S as SESSION_KEYS, p as parseOAuthCallbackParams, j as jsxRuntimeExports, g as generateOAuthErrorDescription } from "./index-B5_VY0TC.js";
+import { r as reactExports, S as SESSION_KEYS, p as parseOAuthCallbackParams, j as jsxRuntimeExports, g as generateOAuthErrorDescription } from "./index-O3f3KjpP.js";
 const OAuthDebugCallback = ({ onConnect }) => {
   reactExports.useEffect(() => {
     let isProcessed = false;

package/client/dist/assets/{index-B5_VY0TC.js → index-O3f3KjpP.js}

@@ -16320,7 +16320,7 @@ object({
   token_type_hint: string().optional()
 }).strip();
 const name = "@bryan-thompson/inspector-assessment-client";
-const version$1 = "1.19.0";
+const version$1 = "1.19.2";
 const packageJson = {
   name,
   version: version$1
@@ -45337,7 +45337,7 @@ const useTheme = () => {
     [theme, setThemeWithSideEffect]
   );
 };
-const version = "1.19.0";
+const version = "1.19.2";
 var [createTooltipContext] = createContextScope("Tooltip", [
   createPopperScope
 ]);
@@ -53110,11 +53110,7 @@ class SecurityAssessor extends BaseAssessor {
       /gateway timeout/i,
       // HTTP 504 (gateway timeout)
       /unknown tool:/i,
-      // Tool name not in current server's tool list (stale tool list)
-      /tool.*not found/i,
-      // Alternative phrasing for missing tool
-      /tool.*does not exist/i,
-      // Alternative phrasing for missing tool
+      // MCP spec format: "Unknown tool: <name>"
       /no such tool/i
       // Alternative phrasing for missing tool
     ];
@@ -53182,11 +53178,7 @@ class SecurityAssessor extends BaseAssessor {
         /gateway timeout/i,
         // HTTP 504 (gateway timeout)
         /unknown tool:/i,
-        // Tool name not in current server's tool list (stale tool list)
-        /tool.*not found/i,
-        // Alternative phrasing for missing tool
-        /tool.*does not exist/i,
-        // Alternative phrasing for missing tool
+        // MCP spec format: "Unknown tool: <name>"
         /no such tool/i
         // Alternative phrasing for missing tool
       ];
@@ -53840,8 +53832,12 @@ class SecurityAssessor extends BaseAssessor {
    *
    * HIGH confidence: System files, commands, directory listings
    * MEDIUM confidence: Contextual patterns (root alone, paths)
+   *
+   * IMPORTANT: Excludes patterns that appear within echoed injection payloads
+   * (e.g., /etc/passwd within an XXE entity definition is NOT execution evidence)
    */
   detectExecutionArtifacts(responseText) {
+    const containsEchoedPayload = this.containsEchoedInjectionPayload(responseText);
     const executionIndicators = [
       // HIGH CONFIDENCE - System files (requires format)
       /[a-z]+:x:\d+:\d+:/i,
@@ -53868,13 +53864,58 @@ class SecurityAssessor extends BaseAssessor {
       // "root" alone on line (whoami)
       /\/root\//i,
       // Path: "/root/"
-      /\/etc\/passwd/i,
-      // Sensitive file
       // MEDIUM CONFIDENCE - Process info
       /PID:\s*\d{3,}/i
       // Process ID
     ];
-    return executionIndicators.some((pattern2) => pattern2.test(responseText));
+    const contextSensitiveIndicators = [
+      /\/etc\/passwd/i,
+      // Sensitive file - appears in XXE payloads
+      /\/etc\/shadow/i,
+      // Sensitive file - appears in XXE payloads
+      /file:\/\/\//i
+      // File protocol - appears in XXE/SSRF payloads
+    ];
+    if (executionIndicators.some((pattern2) => pattern2.test(responseText))) {
+      return true;
+    }
+    if (!containsEchoedPayload) {
+      if (contextSensitiveIndicators.some((pattern2) => pattern2.test(responseText))) {
+        return true;
+      }
+    }
+    return false;
+  }
+  /**
+   * Check if response contains echoed injection payload patterns
+   * These indicate the tool is safely echoing/storing input rather than executing it
+   */
+  containsEchoedInjectionPayload(responseText) {
+    const echoedPayloadPatterns = [
+      // XXE payload markers (echoed XML entity definitions)
+      /<!DOCTYPE\s+\w+\s+\[/i,
+      // DOCTYPE with internal subset
+      /<!ENTITY\s+\w+\s+SYSTEM/i,
+      // External entity definition
+      /<!ENTITY\s+%\s*\w+/i,
+      // Parameter entity
+      // SSRF/URL payload markers (echoed in storage context)
+      /stored.*http:\/\//i,
+      // "Stored query: http://..."
+      /saved.*http:\/\//i,
+      // "Saved: http://..."
+      // SQL injection payload markers (echoed)
+      /stored.*union\s+select/i,
+      // "Stored query: UNION SELECT..."
+      /stored.*drop\s+table/i,
+      // "Stored query: DROP TABLE..."
+      // Common echo/storage patterns with payload content
+      /stored\s+query:\s*[<'"]/i,
+      // "Stored query: <xml..." or "Stored query: '..."
+      /saved\s+data:\s*[<'"]/i
+      // "Saved data: <xml..."
+    ];
+    return echoedPayloadPatterns.some((pattern2) => pattern2.test(responseText));
   }
   /**
    * Analyze injection response (existing logic)
@@ -59061,13 +59102,13 @@ const App = () => {
   ) });
   if (window.location.pathname === "/oauth/callback") {
     const OAuthCallback = React.lazy(
-      () => __vitePreload(() => import("./OAuthCallback-D_dKq_wM.js"), true ? [] : void 0)
+      () => __vitePreload(() => import("./OAuthCallback-BH_aUBF0.js"), true ? [] : void 0)
     );
     return /* @__PURE__ */ jsxRuntimeExports.jsx(reactExports.Suspense, { fallback: /* @__PURE__ */ jsxRuntimeExports.jsx("div", { children: "Loading..." }), children: /* @__PURE__ */ jsxRuntimeExports.jsx(OAuthCallback, { onConnect: onOAuthConnect }) });
   }
   if (window.location.pathname === "/oauth/callback/debug") {
     const OAuthDebugCallback = React.lazy(
-      () => __vitePreload(() => import("./OAuthDebugCallback-UqARwe_4.js"), true ? [] : void 0)
+      () => __vitePreload(() => import("./OAuthDebugCallback-hhATDmh0.js"), true ? [] : void 0)
     );
     return /* @__PURE__ */ jsxRuntimeExports.jsx(reactExports.Suspense, { fallback: /* @__PURE__ */ jsxRuntimeExports.jsx("div", { children: "Loading..." }), children: /* @__PURE__ */ jsxRuntimeExports.jsx(OAuthDebugCallback, { onConnect: onOAuthDebugConnect }) });
   }

package/client/dist/index.html

@@ -5,7 +5,7 @@
     <link rel="icon" type="image/svg+xml" href="/mcp.svg" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>MCP Inspector</title>
-    <script type="module" crossorigin src="/assets/index-B5_VY0TC.js"></script>
+    <script type="module" crossorigin src="/assets/index-O3f3KjpP.js"></script>
     <link rel="stylesheet" crossorigin href="/assets/index-32-uLPhe.css">
   </head>
   <body>

package/client/lib/services/assessment/modules/SecurityAssessor.d.ts

@@ -142,8 +142,16 @@ export declare class SecurityAssessor extends BaseAssessor {
      *
      * HIGH confidence: System files, commands, directory listings
      * MEDIUM confidence: Contextual patterns (root alone, paths)
+     *
+     * IMPORTANT: Excludes patterns that appear within echoed injection payloads
+     * (e.g., /etc/passwd within an XXE entity definition is NOT execution evidence)
      */
     private detectExecutionArtifacts;
+    /**
+     * Check if response contains echoed injection payload patterns
+     * These indicate the tool is safely echoing/storing input rather than executing it
+     */
+    private containsEchoedInjectionPayload;
     /**
      * Analyze injection response (existing logic)
      * Note: payload parameter unused after refactoring to two-layer defense

package/client/lib/services/assessment/modules/SecurityAssessor.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SecurityAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/SecurityAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EACL,kBAAkB,EAInB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAc9D,qBAAa,gBAAiB,SAAQ,YAAY;IAChD,OAAO,CAAC,iBAAiB,CAAuC;IAC1D,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAuFrE;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAkC7B;;;;OAIG;YACW,yBAAyB;IAuKvC;;;;OAIG;YACW,qBAAqB;IA2JnC;;OAEG;YACW,WAAW;IA2HzB;;;;;OAKG;IACH,OAAO,CAAC,iBAAiB;IAkDzB;;;OAGG;IACH,OAAO,CAAC,8BAA8B;IAmDtC;;OAEG;IACH,OAAO,CAAC,aAAa;IA+BrB;;OAEG;IACH,OAAO,CAAC,0BAA0B;IAgClC;;;OAGG;IACH,OAAO,CAAC,eAAe;IA6HvB;;;;;;;OAOG;IACH,OAAO,CAAC,qBAAqB;IAiE7B;;;;;;;;;OASG;IACH,OAAO,CAAC,oBAAoB;IAqC5B;;;;;OAKG;IACH,OAAO,CAAC,mBAAmB;IAsB3B;;;;;;;OAOG;IACH,OAAO,CAAC,oBAAoB;IAkC5B;;OAEG;YACW,+BAA+B;IAiC7C;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAYjC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IA0B/B;;OAEG;IACH,OAAO,CAAC,2BAA2B;IAkEnC;;;OAGG;IACH,OAAO,CAAC,mBAAmB;IAuI3B;;;OAGG;IACH,OAAO,CAAC,oBAAoB;IAsB5B;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,oBAAoB;IAuM5B;;;;;;OAMG;IACH,OAAO,CAAC,wBAAwB;IA8BhC;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IA8BhC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAW9B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAO1B,OAAO,CAAC,oBAAoB;IAoH5B;;OAEG;IACH,OAAO,CAAC,YAAY;IASpB;;;OAGG;IACH,OAAO,CAAC,eAAe;IASvB;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAiB9B;;;OAGG;IACH,OAAO,CAAC,kBAAkB;CAmB3B"}
+{"version":3,"file":"SecurityAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/SecurityAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EACL,kBAAkB,EAInB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAc9D,qBAAa,gBAAiB,SAAQ,YAAY;IAChD,OAAO,CAAC,iBAAiB,CAAuC;IAC1D,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAuFrE;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAkC7B;;;;OAIG;YACW,yBAAyB;IAuKvC;;;;OAIG;YACW,qBAAqB;IA2JnC;;OAEG;YACW,WAAW;IA2HzB;;;;;OAKG;IACH,OAAO,CAAC,iBAAiB;IAgDzB;;;OAGG;IACH,OAAO,CAAC,8BAA8B;IAiDtC;;OAEG;IACH,OAAO,CAAC,aAAa;IA+BrB;;OAEG;IACH,OAAO,CAAC,0BAA0B;IAgClC;;;OAGG;IACH,OAAO,CAAC,eAAe;IA6HvB;;;;;;;OAOG;IACH,OAAO,CAAC,qBAAqB;IAiE7B;;;;;;;;;OASG;IACH,OAAO,CAAC,oBAAoB;IAqC5B;;;;;OAKG;IACH,OAAO,CAAC,mBAAmB;IAsB3B;;;;;;;OAOG;IACH,OAAO,CAAC,oBAAoB;IAkC5B;;OAEG;YACW,+BAA+B;IAiC7C;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAYjC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IA0B/B;;OAEG;IACH,OAAO,CAAC,2BAA2B;IAkEnC;;;OAGG;IACH,OAAO,CAAC,mBAAmB;IAuI3B;;;OAGG;IACH,OAAO,CAAC,oBAAoB;IAsB5B;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,oBAAoB;IAuM5B;;;;;;;;;OASG;IACH,OAAO,CAAC,wBAAwB;IAwDhC;;;OAGG;IACH,OAAO,CAAC,8BAA8B;IAuBtC;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IA8BhC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAW9B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAO1B,OAAO,CAAC,oBAAoB;IAoH5B;;OAEG;IACH,OAAO,CAAC,YAAY;IASpB;;;OAGG;IACH,OAAO,CAAC,eAAe;IASvB;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAiB9B;;;OAGG;IACH,OAAO,CAAC,kBAAkB;CAmB3B"}

package/client/lib/services/assessment/modules/SecurityAssessor.js

@@ -460,9 +460,7 @@ export class SecurityAssessor extends BaseAssessor {
             /error GETting.*endpoint/i, // Transport layer GET errors (requires 'endpoint' to avoid false positives)
             /service unavailable/i, // HTTP 503 (server down)
             /gateway timeout/i, // HTTP 504 (gateway timeout)
-            /unknown tool:/i, // Tool name not in current server's tool list (stale tool list)
-            /tool.*not found/i, // Alternative phrasing for missing tool
-            /tool.*does not exist/i, // Alternative phrasing for missing tool
+            /unknown tool:/i, // MCP spec format: "Unknown tool: <name>"
             /no such tool/i, // Alternative phrasing for missing tool
         ];
         // Check unambiguous patterns first
@@ -510,9 +508,7 @@ export class SecurityAssessor extends BaseAssessor {
                 /error GETting/i, // Transport layer GET errors
                 /service unavailable/i, // HTTP 503 (server down)
                 /gateway timeout/i, // HTTP 504 (gateway timeout)
-                /unknown tool:/i, // Tool name not in current server's tool list (stale tool list)
-                /tool.*not found/i, // Alternative phrasing for missing tool
-                /tool.*does not exist/i, // Alternative phrasing for missing tool
+                /unknown tool:/i, // MCP spec format: "Unknown tool: <name>"
                 /no such tool/i, // Alternative phrasing for missing tool
             ];
             // Check unambiguous patterns first
@@ -1259,8 +1255,14 @@ export class SecurityAssessor extends BaseAssessor {
      *
      * HIGH confidence: System files, commands, directory listings
      * MEDIUM confidence: Contextual patterns (root alone, paths)
+     *
+     * IMPORTANT: Excludes patterns that appear within echoed injection payloads
+     * (e.g., /etc/passwd within an XXE entity definition is NOT execution evidence)
      */
     detectExecutionArtifacts(responseText) {
+        // First, check if this response contains echoed injection payload patterns
+        // If so, we need to be more careful about what we consider "execution evidence"
+        const containsEchoedPayload = this.containsEchoedInjectionPayload(responseText);
         const executionIndicators = [
             // HIGH CONFIDENCE - System files (requires format)
             /[a-z]+:x:\d+:\d+:/i, // passwd: "root:x:0:0:"
@@ -1277,11 +1279,49 @@ export class SecurityAssessor extends BaseAssessor {
             // MEDIUM CONFIDENCE - System identity (contextual only)
             /\b(root|administrator)\s*$/im, // "root" alone on line (whoami)
             /\/root\//i, // Path: "/root/"
-            /\/etc\/passwd/i, // Sensitive file
             // MEDIUM CONFIDENCE - Process info
             /PID:\s*\d{3,}/i, // Process ID
         ];
-        return executionIndicators.some((pattern) => pattern.test(responseText));
+        // Patterns that indicate execution ONLY if NOT in an echoed payload context
+        // These patterns can appear in injection payloads (XXE, SSRF, etc.)
+        const contextSensitiveIndicators = [
+            /\/etc\/passwd/i, // Sensitive file - appears in XXE payloads
+            /\/etc\/shadow/i, // Sensitive file - appears in XXE payloads
+            /file:\/\/\//i, // File protocol - appears in XXE/SSRF payloads
+        ];
+        // Check high-confidence indicators first (always count as execution)
+        if (executionIndicators.some((pattern) => pattern.test(responseText))) {
+            return true;
+        }
+        // Check context-sensitive indicators only if NOT in echoed payload context
+        if (!containsEchoedPayload) {
+            if (contextSensitiveIndicators.some((pattern) => pattern.test(responseText))) {
+                return true;
+            }
+        }
+        return false;
+    }
+    /**
+     * Check if response contains echoed injection payload patterns
+     * These indicate the tool is safely echoing/storing input rather than executing it
+     */
+    containsEchoedInjectionPayload(responseText) {
+        const echoedPayloadPatterns = [
+            // XXE payload markers (echoed XML entity definitions)
+            /<!DOCTYPE\s+\w+\s+\[/i, // DOCTYPE with internal subset
+            /<!ENTITY\s+\w+\s+SYSTEM/i, // External entity definition
+            /<!ENTITY\s+%\s*\w+/i, // Parameter entity
+            // SSRF/URL payload markers (echoed in storage context)
+            /stored.*http:\/\//i, // "Stored query: http://..."
+            /saved.*http:\/\//i, // "Saved: http://..."
+            // SQL injection payload markers (echoed)
+            /stored.*union\s+select/i, // "Stored query: UNION SELECT..."
+            /stored.*drop\s+table/i, // "Stored query: DROP TABLE..."
+            // Common echo/storage patterns with payload content
+            /stored\s+query:\s*[<'"]/i, // "Stored query: <xml..." or "Stored query: '..."
+            /saved\s+data:\s*[<'"]/i, // "Saved data: <xml..."
+        ];
+        return echoedPayloadPatterns.some((pattern) => pattern.test(responseText));
     }
     /**
      * Analyze injection response (existing logic)

package/client/lib/services/assessment/modules/ToolAnnotationAssessor.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ToolAnnotationAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/ToolAnnotationAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EACV,wBAAwB,EACxB,oBAAoB,EAKpB,uBAAuB,EAExB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EACL,KAAK,gBAAgB,EAGtB,MAAM,8BAA8B,CAAC;AAgNtC;;GAEG;AACH,MAAM,WAAW,4BAA6B,SAAQ,oBAAoB;IACxE,eAAe,CAAC,EAAE;QAChB,gBAAgB,EAAE,OAAO,CAAC;QAC1B,mBAAmB,EAAE,OAAO,CAAC;QAC7B,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,EAAE,MAAM,CAAC;QAClB,oBAAoB,EAAE;YACpB,YAAY,CAAC,EAAE,OAAO,CAAC;YACvB,eAAe,CAAC,EAAE,OAAO,CAAC;YAC1B,cAAc,CAAC,EAAE,OAAO,CAAC;SAC1B,CAAC;QACF,oBAAoB,EAAE,OAAO,CAAC;QAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,MAAM,EAAE,iBAAiB,GAAG,eAAe,CAAC;KAC7C,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,gCAAiC,SAAQ,wBAAwB;IAChF,WAAW,EAAE,4BAA4B,EAAE,CAAC;IAC5C,cAAc,EAAE,OAAO,CAAC;IACxB,2BAA2B,EAAE,4BAA4B,EAAE,CAAC;CAC7D;AAKD,qBAAa,sBAAuB,SAAQ,YAAY;IACtD,OAAO,CAAC,YAAY,CAAC,CAAmB;IACxC,OAAO,CAAC,gBAAgB,CAAmB;gBAE/B,MAAM,EAAE,uBAAuB;IAM3C;;OAEG;IACH,WAAW,CAAC,QAAQ,EAAE,gBAAgB,GAAG,IAAI;IAK7C;;OAEG;IACH,eAAe,CAAC,MAAM,EAAE,gBAAgB,GAAG,IAAI;IAK/C;;OAEG;IACH,eAAe,IAAI,OAAO;IAO1B;;OAEG;IACG,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,wBAAwB,GAAG,gCAAgC,CAAC;IAkSvE;;OAEG;YACW,0BAA0B;IA+IxC;;OAEG;IACH,OAAO,CAAC,2BAA2B;IAiCnC;;OAEG;IACH,OAAO,CAAC,+BAA+B;IAoFvC;;;OAGG;IACH,OAAO,CAAC,UAAU;IA2HlB;;;OAGG;IACH,OAAO,CAAC,2BAA2B;IA2DnC;;;;;;;;;OASG;IACH,OAAO,CAAC,kBAAkB;IAyE1B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAuBzB;;;OAGG;IACH,OAAO,CAAC,aAAa;IAgGrB;;;OAGG;IACH,OAAO,CAAC,yBAAyB;IA0DjC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAiDxB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAmC3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;CA2ChC"}
+{"version":3,"file":"ToolAnnotationAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/ToolAnnotationAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EACV,wBAAwB,EACxB,oBAAoB,EAKpB,uBAAuB,EAExB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EACL,KAAK,gBAAgB,EAGtB,MAAM,8BAA8B,CAAC;AAmNtC;;GAEG;AACH,MAAM,WAAW,4BAA6B,SAAQ,oBAAoB;IACxE,eAAe,CAAC,EAAE;QAChB,gBAAgB,EAAE,OAAO,CAAC;QAC1B,mBAAmB,EAAE,OAAO,CAAC;QAC7B,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,EAAE,MAAM,CAAC;QAClB,oBAAoB,EAAE;YACpB,YAAY,CAAC,EAAE,OAAO,CAAC;YACvB,eAAe,CAAC,EAAE,OAAO,CAAC;YAC1B,cAAc,CAAC,EAAE,OAAO,CAAC;SAC1B,CAAC;QACF,oBAAoB,EAAE,OAAO,CAAC;QAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,MAAM,EAAE,iBAAiB,GAAG,eAAe,CAAC;KAC7C,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,gCAAiC,SAAQ,wBAAwB;IAChF,WAAW,EAAE,4BAA4B,EAAE,CAAC;IAC5C,cAAc,EAAE,OAAO,CAAC;IACxB,2BAA2B,EAAE,4BAA4B,EAAE,CAAC;CAC7D;AAKD,qBAAa,sBAAuB,SAAQ,YAAY;IACtD,OAAO,CAAC,YAAY,CAAC,CAAmB;IACxC,OAAO,CAAC,gBAAgB,CAAmB;gBAE/B,MAAM,EAAE,uBAAuB;IAM3C;;OAEG;IACH,WAAW,CAAC,QAAQ,EAAE,gBAAgB,GAAG,IAAI;IAK7C;;OAEG;IACH,eAAe,CAAC,MAAM,EAAE,gBAAgB,GAAG,IAAI;IAK/C;;OAEG;IACH,eAAe,IAAI,OAAO;IAO1B;;OAEG;IACG,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,wBAAwB,GAAG,gCAAgC,CAAC;IAkSvE;;OAEG;YACW,0BAA0B;IA+IxC;;OAEG;IACH,OAAO,CAAC,2BAA2B;IAiCnC;;OAEG;IACH,OAAO,CAAC,+BAA+B;IAoFvC;;;OAGG;IACH,OAAO,CAAC,UAAU;IA2HlB;;;OAGG;IACH,OAAO,CAAC,2BAA2B;IA2DnC;;;;;;;;;OASG;IACH,OAAO,CAAC,kBAAkB;IAyE1B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAuBzB;;;OAGG;IACH,OAAO,CAAC,aAAa;IAgGrB;;;OAGG;IACH,OAAO,CAAC,yBAAyB;IA0DjC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAiDxB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAmC3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;CA2ChC"}

package/client/lib/services/assessment/modules/ToolAnnotationAssessor.js

@@ -91,7 +91,9 @@ const DESCRIPTION_POISONING_PATTERNS = [
     },
     {
         name: "include_credentials",
-        pattern: /include.*(api.?key|credential|password|secret)/i,
+        // More specific: requires directive context (in/with/when/to) to reduce false positives
+        // from legitimate documentation like "does not include credential storage"
+        pattern: /include\s+(the\s+|all\s+|your\s+)?(api.?key|credential|password|secret)s?\s*(in|with|when|to)/i,
         severity: "HIGH",
         category: "exfiltration",
     },

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bryan-thompson/inspector-assessment",
-  "version": "1.19.0",
+  "version": "1.19.2",
   "description": "Enhanced MCP Inspector with comprehensive assessment capabilities for server validation",
   "license": "MIT",
   "author": "Bryan Thompson <bryan@triepod.ai>",
@@ -79,9 +79,9 @@
     "access": "public"
   },
   "dependencies": {
-    "@bryan-thompson/inspector-assessment-cli": "^1.19.0",
-    "@bryan-thompson/inspector-assessment-client": "^1.19.0",
-    "@bryan-thompson/inspector-assessment-server": "^1.19.0",
+    "@bryan-thompson/inspector-assessment-cli": "^1.19.2",
+    "@bryan-thompson/inspector-assessment-client": "^1.19.2",
+    "@bryan-thompson/inspector-assessment-server": "^1.19.2",
     "@modelcontextprotocol/sdk": "^1.24.3",
     "concurrently": "^9.2.0",
     "node-fetch": "^3.3.2",