@bryan-thompson/inspector-assessment 1.22.0 → 1.22.1

package/cli/build/assess-full.js

@@ -25,7 +25,26 @@ import { generatePolicyComplianceReport } from "../../client/lib/services/assess
 import { compareAssessments } from "../../client/lib/lib/assessmentDiffer.js";
 import { formatDiffAsMarkdown } from "../../client/lib/lib/reportFormatters/DiffReportFormatter.js";
 import { AssessmentStateManager } from "./assessmentState.js";
-import { emitServerConnected, emitToolDiscovered, emitToolsDiscoveryComplete, emitAssessmentComplete, emitTestBatch, emitVulnerabilityFound, emitAnnotationMissing, emitAnnotationMisaligned, emitAnnotationReviewRecommended, emitAnnotationAligned, } from "./lib/jsonl-events.js";
+import { emitServerConnected, emitToolDiscovered, emitToolsDiscoveryComplete, emitAssessmentComplete, emitTestBatch, emitVulnerabilityFound, emitAnnotationMissing, emitAnnotationMisaligned, emitAnnotationReviewRecommended, emitAnnotationAligned, emitModulesConfigured, } from "./lib/jsonl-events.js";
+// Valid module names derived from ASSESSMENT_CATEGORY_METADATA
+const VALID_MODULE_NAMES = Object.keys(ASSESSMENT_CATEGORY_METADATA);
+/**
+ * Validate module names from CLI input
+ */
+function validateModuleNames(input, flagName) {
+    const names = input
+        .split(",")
+        .map((n) => n.trim())
+        .filter(Boolean);
+    const invalid = names.filter((n) => !VALID_MODULE_NAMES.includes(n));
+    if (invalid.length > 0) {
+        console.error(`Error: Invalid module name(s) for ${flagName}: ${invalid.join(", ")}`);
+        console.error(`Valid modules: ${VALID_MODULE_NAMES.join(", ")}`);
+        setTimeout(() => process.exit(1), 10);
+        return [];
+    }
+    return names;
+}
 /**
  * Load server configuration from Claude Code's MCP settings
  */
@@ -317,7 +336,8 @@ function buildConfig(options) {
         enableSourceCodeAnalysis: !!options.sourceCodePath,
     };
     if (options.fullAssessment !== false) {
-        config.assessmentCategories = {
+        // Start with all modules enabled by default
+        const allModules = {
             functionality: true,
             security: true,
             documentation: true,
@@ -336,6 +356,23 @@ function buildConfig(options) {
             prompts: true,
             crossCapability: true,
         };
+        // Apply --only-modules filter (whitelist mode)
+        if (options.onlyModules?.length) {
+            for (const key of Object.keys(allModules)) {
+                // Disable all modules except those in the whitelist
+                allModules[key] = options.onlyModules.includes(key);
+            }
+        }
+        // Apply --skip-modules filter (blacklist mode)
+        if (options.skipModules?.length) {
+            for (const module of options.skipModules) {
+                if (module in allModules) {
+                    allModules[module] = false;
+                }
+            }
+        }
+        config.assessmentCategories =
+            allModules;
     }
     // Temporal/rug pull detection configuration
     if (options.temporalInvocations) {
@@ -519,6 +556,25 @@ async function runFullAssessment(options) {
         return {};
     }
     const config = buildConfig(options);
+    // Emit modules_configured event for consumer progress tracking
+    if (config.assessmentCategories) {
+        const enabled = [];
+        const skipped = [];
+        for (const [key, value] of Object.entries(config.assessmentCategories)) {
+            if (value) {
+                enabled.push(key);
+            }
+            else {
+                skipped.push(key);
+            }
+        }
+        const reason = options.onlyModules?.length
+            ? "only-modules"
+            : options.skipModules?.length
+                ? "skip-modules"
+                : "default";
+        emitModulesConfigured(enabled, skipped, reason);
+    }
     const orchestrator = new AssessmentOrchestrator(config);
     if (!options.jsonOnly) {
         if (orchestrator.isClaudeEnabled()) {
@@ -825,6 +881,36 @@ function parseArgs() {
             case "--skip-temporal":
                 options.skipTemporal = true;
                 break;
+            case "--skip-modules": {
+                const skipValue = args[++i];
+                if (!skipValue) {
+                    console.error("Error: --skip-modules requires a comma-separated list");
+                    setTimeout(() => process.exit(1), 10);
+                    options.helpRequested = true;
+                    return options;
+                }
+                options.skipModules = validateModuleNames(skipValue, "--skip-modules");
+                if (options.skipModules.length === 0 && skipValue) {
+                    options.helpRequested = true;
+                    return options;
+                }
+                break;
+            }
+            case "--only-modules": {
+                const onlyValue = args[++i];
+                if (!onlyValue) {
+                    console.error("Error: --only-modules requires a comma-separated list");
+                    setTimeout(() => process.exit(1), 10);
+                    options.helpRequested = true;
+                    return options;
+                }
+                options.onlyModules = validateModuleNames(onlyValue, "--only-modules");
+                if (options.onlyModules.length === 0 && onlyValue) {
+                    options.helpRequested = true;
+                    return options;
+                }
+                break;
+            }
             case "--help":
             case "-h":
                 printHelp();
@@ -845,6 +931,13 @@ function parseArgs() {
                 }
         }
     }
+    // Validate mutual exclusivity of --skip-modules and --only-modules
+    if (options.skipModules?.length && options.onlyModules?.length) {
+        console.error("Error: --skip-modules and --only-modules are mutually exclusive");
+        setTimeout(() => process.exit(1), 10);
+        options.helpRequested = true;
+        return options;
+    }
     if (!options.serverName) {
         console.error("Error: --server is required");
         printHelp();
@@ -880,11 +973,23 @@ Options:
   --full                 Enable all assessment modules (default)
   --temporal-invocations <n>  Number of invocations per tool for rug pull detection (default: 25)
   --skip-temporal        Skip temporal/rug pull testing (faster assessment)
+  --skip-modules <list>  Skip specific modules (comma-separated)
+  --only-modules <list>  Run only specific modules (comma-separated)
   --json                 Output only JSON path (no console summary)
   --verbose, -v          Enable verbose logging
   --help, -h             Show this help message
 
-Assessment Modules (12 total):
+Module Selection:
+  --skip-modules and --only-modules are mutually exclusive.
+  Use --skip-modules for faster runs by disabling expensive modules.
+  Use --only-modules to focus on specific areas (e.g., tool annotation PRs).
+
+  Valid module names:
+    functionality, security, documentation, errorHandling, usability,
+    mcpSpecCompliance, aupCompliance, toolAnnotations, prohibitedLibraries,
+    manifestValidation, portability, temporal, resources, prompts, crossCapability
+
+Assessment Modules (16 total):
   • Functionality      - Tests all tools work correctly
   • Security           - Prompt injection & vulnerability testing
   • Documentation      - README completeness checks
@@ -905,6 +1010,10 @@ Examples:
   mcp-assess-full --server my-server --format markdown --include-policy
   mcp-assess-full --server my-server --compare ./baseline.json
   mcp-assess-full --server my-server --compare ./baseline.json --diff-only --format markdown
+
+  # Module selection examples:
+  mcp-assess-full my-server --skip-modules security,aupCompliance    # Fast CI run
+  mcp-assess-full my-server --only-modules functionality,toolAnnotations  # Annotation PR review
   `);
 }
 /**

package/cli/build/lib/jsonl-events.js

@@ -178,3 +178,15 @@ export function emitAnnotationAligned(tool, confidence, annotations) {
         annotations,
     });
 }
+/**
+ * Emit modules_configured event to inform consumers which modules are enabled.
+ * Useful for accurate progress tracking when using --skip-modules or --only-modules.
+ */
+export function emitModulesConfigured(enabled, skipped, reason) {
+    emitJSONL({
+        event: "modules_configured",
+        enabled,
+        skipped,
+        reason,
+    });
+}

package/client/dist/assets/{OAuthCallback-CKq3cbse.js → OAuthCallback-BkruhH1p.js}

@@ -1,4 +1,4 @@
-import { u as useToast, r as reactExports, j as jsxRuntimeExports, p as parseOAuthCallbackParams, g as generateOAuthErrorDescription, S as SESSION_KEYS, I as InspectorOAuthClientProvider, a as auth } from "./index-BlnJHX-f.js";
+import { u as useToast, r as reactExports, j as jsxRuntimeExports, p as parseOAuthCallbackParams, g as generateOAuthErrorDescription, S as SESSION_KEYS, I as InspectorOAuthClientProvider, a as auth } from "./index-R4iLdUb0.js";
 const OAuthCallback = ({ onConnect }) => {
   const { toast } = useToast();
   const hasProcessedRef = reactExports.useRef(false);

package/client/dist/assets/{OAuthDebugCallback-CKb5HPif.js → OAuthDebugCallback-T5sA9xQb.js}

@@ -1,4 +1,4 @@
-import { r as reactExports, S as SESSION_KEYS, p as parseOAuthCallbackParams, j as jsxRuntimeExports, g as generateOAuthErrorDescription } from "./index-BlnJHX-f.js";
+import { r as reactExports, S as SESSION_KEYS, p as parseOAuthCallbackParams, j as jsxRuntimeExports, g as generateOAuthErrorDescription } from "./index-R4iLdUb0.js";
 const OAuthDebugCallback = ({ onConnect }) => {
   reactExports.useEffect(() => {
     let isProcessed = false;

package/client/dist/assets/{index-BlnJHX-f.js → index-R4iLdUb0.js}

@@ -16320,7 +16320,7 @@ object({
   token_type_hint: string().optional()
 }).strip();
 const name = "@bryan-thompson/inspector-assessment-client";
-const version$1 = "1.22.0";
+const version$1 = "1.22.1";
 const packageJson = {
   name,
   version: version$1
@@ -45352,7 +45352,7 @@ const useTheme = () => {
     [theme, setThemeWithSideEffect]
   );
 };
-const version = "1.22.0";
+const version = "1.22.1";
 var [createTooltipContext] = createContextScope("Tooltip", [
   createPopperScope
 ]);
@@ -53359,6 +53359,12 @@ class SecurityAssessor extends BaseAssessor {
         evidence: "Tool safely reflected input without execution"
       };
     }
+    if (this.isComputedMathResult(payload.payload, responseText)) {
+      return {
+        isVulnerable: true,
+        evidence: `Tool computed math expression result instead of storing/echoing it (payload: ${payload.payload})`
+      };
+    }
     if (this.isValidationRejection(response)) {
       return {
         isVulnerable: false,
@@ -53537,6 +53543,72 @@ class SecurityAssessor extends BaseAssessor {
     ];
     return executionIndicators.some((pattern2) => pattern2.test(responseText));
   }
+  /**
+   * Check if a math expression payload was computed (execution evidence)
+   * Returns true if the response contains the computed result but NOT the original expression.
+   *
+   * This is key evidence of execution:
+   * - VULNERABLE: payload "15*37+100" → response contains "655" (computed result)
+   * - SAFE: payload "15*37+100" → response contains "15*37+100" (echoed, not computed)
+   *
+   * Added for Issue #14: False positives on safe input reflection
+   */
+  isComputedMathResult(payload, responseText) {
+    const simpleMathPattern = /^\s*(\d+)\s*([+\-*\/])\s*(\d+)(?:\s*([+\-*\/])\s*(\d+))?\s*$/;
+    const match = payload.match(simpleMathPattern);
+    if (!match) {
+      return false;
+    }
+    try {
+      const num1 = parseInt(match[1], 10);
+      const op1 = match[2];
+      const num2 = parseInt(match[3], 10);
+      const op2 = match[4];
+      const num3 = match[5] ? parseInt(match[5], 10) : void 0;
+      let result;
+      switch (op1) {
+        case "+":
+          result = num1 + num2;
+          break;
+        case "-":
+          result = num1 - num2;
+          break;
+        case "*":
+          result = num1 * num2;
+          break;
+        case "/":
+          result = Math.floor(num1 / num2);
+          break;
+        default:
+          return false;
+      }
+      if (op2 && num3 !== void 0) {
+        switch (op2) {
+          case "+":
+            result = result + num3;
+            break;
+          case "-":
+            result = result - num3;
+            break;
+          case "*":
+            result = result * num3;
+            break;
+          case "/":
+            result = Math.floor(result / num3);
+            break;
+          default:
+            return false;
+        }
+      }
+      const resultStr = result.toString();
+      const hasComputedResult = responseText.includes(resultStr);
+      const normalizedPayload = payload.replace(/\s+/g, "");
+      const hasOriginalExpression = responseText.includes(payload) || responseText.includes(normalizedPayload);
+      return hasComputedResult && !hasOriginalExpression;
+    } catch {
+      return false;
+    }
+  }
   /**
    * Perform additional security checks
    */
@@ -53841,7 +53913,27 @@ class SecurityAssessor extends BaseAssessor {
       /data.?stored.?safely/i,
       /without.?deserialization/i,
       /no.?pickle/i,
-      /stored.?without.?deserializ/i
+      /stored.?without.?deserializ/i,
+      // NEW: Hash-based sanitization patterns (Issue #14 fix)
+      // These indicate the tool replaced dangerous input with safe hash identifiers
+      /\[ref-[a-f0-9]+\]/i,
+      // Hash-based sanitization: [ref-a1b2c3d4]
+      /stored.*\[ref-/i,
+      // "Expression stored: [ref-...]"
+      /\[sanitized\]/i,
+      // [sanitized] placeholder
+      /\[redacted\]/i,
+      // [redacted] placeholder
+      /\[filtered\]/i,
+      // [filtered] placeholder
+      /\[blocked\]/i,
+      // [blocked] placeholder
+      /expression.*stored:/i,
+      // "Expression stored:" prefix
+      /input.*sanitized/i,
+      // "Input sanitized"
+      /content.*replaced/i
+      // "Content replaced with hash"
     ];
     const hasReflection = reflectionPatterns.some(
       (pattern2) => pattern2.test(responseText)
@@ -59174,13 +59266,13 @@ const App = () => {
   ) });
   if (window.location.pathname === "/oauth/callback") {
     const OAuthCallback = React.lazy(
-      () => __vitePreload(() => import("./OAuthCallback-CKq3cbse.js"), true ? [] : void 0)
+      () => __vitePreload(() => import("./OAuthCallback-BkruhH1p.js"), true ? [] : void 0)
     );
     return /* @__PURE__ */ jsxRuntimeExports.jsx(reactExports.Suspense, { fallback: /* @__PURE__ */ jsxRuntimeExports.jsx("div", { children: "Loading..." }), children: /* @__PURE__ */ jsxRuntimeExports.jsx(OAuthCallback, { onConnect: onOAuthConnect }) });
   }
   if (window.location.pathname === "/oauth/callback/debug") {
     const OAuthDebugCallback = React.lazy(
-      () => __vitePreload(() => import("./OAuthDebugCallback-CKb5HPif.js"), true ? [] : void 0)
+      () => __vitePreload(() => import("./OAuthDebugCallback-T5sA9xQb.js"), true ? [] : void 0)
     );
     return /* @__PURE__ */ jsxRuntimeExports.jsx(reactExports.Suspense, { fallback: /* @__PURE__ */ jsxRuntimeExports.jsx("div", { children: "Loading..." }), children: /* @__PURE__ */ jsxRuntimeExports.jsx(OAuthDebugCallback, { onConnect: onOAuthDebugConnect }) });
   }

package/client/dist/index.html

@@ -5,7 +5,7 @@
     <link rel="icon" type="image/svg+xml" href="/mcp.svg" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>MCP Inspector</title>
-    <script type="module" crossorigin src="/assets/index-BlnJHX-f.js"></script>
+    <script type="module" crossorigin src="/assets/index-R4iLdUb0.js"></script>
     <link rel="stylesheet" crossorigin href="/assets/index-DiyPO_Zj.css">
   </head>
   <body>

package/client/lib/services/assessment/modules/SecurityAssessor.d.ts

@@ -102,6 +102,17 @@ export declare class SecurityAssessor extends BaseAssessor {
      * - VULNERABLE: "SQL executed: syntax error" (error DURING execution)
      */
     private hasExecutionEvidence;
+    /**
+     * Check if a math expression payload was computed (execution evidence)
+     * Returns true if the response contains the computed result but NOT the original expression.
+     *
+     * This is key evidence of execution:
+     * - VULNERABLE: payload "15*37+100" → response contains "655" (computed result)
+     * - SAFE: payload "15*37+100" → response contains "15*37+100" (echoed, not computed)
+     *
+     * Added for Issue #14: False positives on safe input reflection
+     */
+    private isComputedMathResult;
     /**
      * Perform additional security checks
      */

package/client/lib/services/assessment/modules/SecurityAssessor.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SecurityAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/SecurityAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EACL,kBAAkB,EAInB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAc9D,qBAAa,gBAAiB,SAAQ,YAAY;IAChD,OAAO,CAAC,iBAAiB,CAAuC;IAC1D,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAuFrE;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAkC7B;;;;OAIG;YACW,yBAAyB;IAuKvC;;;;OAIG;YACW,qBAAqB;IA4JnC;;OAEG;YACW,WAAW;IA2HzB;;;;;OAKG;IACH,OAAO,CAAC,iBAAiB;IAgDzB;;;OAGG;IACH,OAAO,CAAC,8BAA8B;IAiDtC;;OAEG;IACH,OAAO,CAAC,aAAa;IA+BrB;;OAEG;IACH,OAAO,CAAC,0BAA0B;IAgClC;;;OAGG;IACH,OAAO,CAAC,eAAe;IA6HvB;;;;;;;OAOG;IACH,OAAO,CAAC,qBAAqB;IAiE7B;;;;;;;;;OASG;IACH,OAAO,CAAC,oBAAoB;IAqC5B;;;;;OAKG;IACH,OAAO,CAAC,mBAAmB;IAsB3B;;;;;;;OAOG;IACH,OAAO,CAAC,oBAAoB;IAkC5B;;OAEG;YACW,+BAA+B;IAiC7C;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAYjC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IA0B/B;;OAEG;IACH,OAAO,CAAC,2BAA2B;IAkEnC;;;OAGG;IACH,OAAO,CAAC,mBAAmB;IAuI3B;;;OAGG;IACH,OAAO,CAAC,oBAAoB;IAsB5B;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,oBAAoB;IAwM5B;;;;;;;;;OASG;IACH,OAAO,CAAC,wBAAwB;IAwDhC;;;OAGG;IACH,OAAO,CAAC,8BAA8B;IAuBtC;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IA8BhC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAW9B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAO1B,OAAO,CAAC,oBAAoB;IAoH5B;;OAEG;IACH,OAAO,CAAC,YAAY;IASpB;;;OAGG;IACH,OAAO,CAAC,eAAe;IASvB;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAiB9B;;;OAGG;IACH,OAAO,CAAC,kBAAkB;CAmB3B"}
+{"version":3,"file":"SecurityAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/SecurityAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;GAgBG;AAEH,OAAO,EACL,kBAAkB,EAInB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAc9D,qBAAa,gBAAiB,SAAQ,YAAY;IAChD,OAAO,CAAC,iBAAiB,CAAuC;IAC1D,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,kBAAkB,CAAC;IAuFrE;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAkC7B;;;;OAIG;YACW,yBAAyB;IAuKvC;;;;OAIG;YACW,qBAAqB;IA4JnC;;OAEG;YACW,WAAW;IA2HzB;;;;;OAKG;IACH,OAAO,CAAC,iBAAiB;IAgDzB;;;OAGG;IACH,OAAO,CAAC,8BAA8B;IAiDtC;;OAEG;IACH,OAAO,CAAC,aAAa;IA+BrB;;OAEG;IACH,OAAO,CAAC,0BAA0B;IAgClC;;;OAGG;IACH,OAAO,CAAC,eAAe;IAuIvB;;;;;;;OAOG;IACH,OAAO,CAAC,qBAAqB;IAiE7B;;;;;;;;;OASG;IACH,OAAO,CAAC,oBAAoB;IAqC5B;;;;;OAKG;IACH,OAAO,CAAC,mBAAmB;IAsB3B;;;;;;;OAOG;IACH,OAAO,CAAC,oBAAoB;IAkC5B;;;;;;;;;OASG;IACH,OAAO,CAAC,oBAAoB;IA8E5B;;OAEG;YACW,+BAA+B;IAiC7C;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAYjC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IA0B/B;;OAEG;IACH,OAAO,CAAC,2BAA2B;IAkEnC;;;OAGG;IACH,OAAO,CAAC,mBAAmB;IAuI3B;;;OAGG;IACH,OAAO,CAAC,oBAAoB;IAsB5B;;;;;;;;;;;;OAYG;IACH,OAAO,CAAC,oBAAoB;IAoN5B;;;;;;;;;OASG;IACH,OAAO,CAAC,wBAAwB;IAwDhC;;;OAGG;IACH,OAAO,CAAC,8BAA8B;IAuBtC;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IA8BhC;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAW9B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAO1B,OAAO,CAAC,oBAAoB;IAoH5B;;OAEG;IACH,OAAO,CAAC,YAAY;IASpB;;;OAGG;IACH,OAAO,CAAC,eAAe;IASvB;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAiB9B;;;OAGG;IACH,OAAO,CAAC,kBAAkB;CAmB3B"}

package/client/lib/services/assessment/modules/SecurityAssessor.js

@@ -646,6 +646,15 @@ export class SecurityAssessor extends BaseAssessor {
         }
         // Response doesn't match reflection patterns - continue checking
         // Falls through - might be execution (with or without echo of input)
+        // ✅ STEP 1.7: Check for computed math results (Issue #14 fix)
+        // If payload is a math expression and response contains the computed result
+        // (but NOT the original expression), that's evidence of execution
+        if (this.isComputedMathResult(payload.payload, responseText)) {
+            return {
+                isVulnerable: true,
+                evidence: `Tool computed math expression result instead of storing/echoing it (payload: ${payload.payload})`,
+            };
+        }
         // ✅ STEP 2: Check if tool explicitly rejected the input (SAFE)
         // CRITICAL: Check this BEFORE evidence matching to prevent false positives
         // Tools that reject invalid input are secure, regardless of error message content
@@ -849,6 +858,84 @@ export class SecurityAssessor extends BaseAssessor {
         ];
         return executionIndicators.some((pattern) => pattern.test(responseText));
     }
+    /**
+     * Check if a math expression payload was computed (execution evidence)
+     * Returns true if the response contains the computed result but NOT the original expression.
+     *
+     * This is key evidence of execution:
+     * - VULNERABLE: payload "15*37+100" → response contains "655" (computed result)
+     * - SAFE: payload "15*37+100" → response contains "15*37+100" (echoed, not computed)
+     *
+     * Added for Issue #14: False positives on safe input reflection
+     */
+    isComputedMathResult(payload, responseText) {
+        // Check if payload looks like a simple math expression
+        // Matches: "2+2", "15*37+100", "10/2", "5-3", etc.
+        const simpleMathPattern = /^\s*(\d+)\s*([+\-*\/])\s*(\d+)(?:\s*([+\-*\/])\s*(\d+))?\s*$/;
+        const match = payload.match(simpleMathPattern);
+        if (!match) {
+            return false; // Not a simple math expression
+        }
+        // Try to safely evaluate the expression
+        try {
+            // Parse numbers and operators manually (avoid eval)
+            const num1 = parseInt(match[1], 10);
+            const op1 = match[2];
+            const num2 = parseInt(match[3], 10);
+            const op2 = match[4];
+            const num3 = match[5] ? parseInt(match[5], 10) : undefined;
+            let result;
+            // Calculate first operation
+            switch (op1) {
+                case "+":
+                    result = num1 + num2;
+                    break;
+                case "-":
+                    result = num1 - num2;
+                    break;
+                case "*":
+                    result = num1 * num2;
+                    break;
+                case "/":
+                    result = Math.floor(num1 / num2);
+                    break;
+                default:
+                    return false;
+            }
+            // Calculate second operation if present (left-to-right, no precedence)
+            if (op2 && num3 !== undefined) {
+                switch (op2) {
+                    case "+":
+                        result = result + num3;
+                        break;
+                    case "-":
+                        result = result - num3;
+                        break;
+                    case "*":
+                        result = result * num3;
+                        break;
+                    case "/":
+                        result = Math.floor(result / num3);
+                        break;
+                    default:
+                        return false;
+                }
+            }
+            // Check if response contains the computed result
+            const resultStr = result.toString();
+            const hasComputedResult = responseText.includes(resultStr);
+            // Check if response also contains the original expression (reflection)
+            const normalizedPayload = payload.replace(/\s+/g, "");
+            const hasOriginalExpression = responseText.includes(payload) ||
+                responseText.includes(normalizedPayload);
+            // Vulnerable if: has computed result AND does NOT have original expression
+            // This means the tool executed the expression instead of just echoing it
+            return hasComputedResult && !hasOriginalExpression;
+        }
+        catch {
+            return false;
+        }
+    }
     /**
      * Perform additional security checks
      */
@@ -1195,6 +1282,17 @@ export class SecurityAssessor extends BaseAssessor {
             /without.?deserialization/i,
             /no.?pickle/i,
             /stored.?without.?deserializ/i,
+            // NEW: Hash-based sanitization patterns (Issue #14 fix)
+            // These indicate the tool replaced dangerous input with safe hash identifiers
+            /\[ref-[a-f0-9]+\]/i, // Hash-based sanitization: [ref-a1b2c3d4]
+            /stored.*\[ref-/i, // "Expression stored: [ref-...]"
+            /\[sanitized\]/i, // [sanitized] placeholder
+            /\[redacted\]/i, // [redacted] placeholder
+            /\[filtered\]/i, // [filtered] placeholder
+            /\[blocked\]/i, // [blocked] placeholder
+            /expression.*stored:/i, // "Expression stored:" prefix
+            /input.*sanitized/i, // "Input sanitized"
+            /content.*replaced/i, // "Content replaced with hash"
         ];
         // LAYER 1: Check for reflection/status patterns
         const hasReflection = reflectionPatterns.some((pattern) => pattern.test(responseText));

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bryan-thompson/inspector-assessment",
-  "version": "1.22.0",
+  "version": "1.22.1",
   "description": "Enhanced MCP Inspector with comprehensive assessment capabilities for server validation",
   "license": "MIT",
   "author": "Bryan Thompson <bryan@triepod.ai>",
@@ -79,9 +79,9 @@
     "access": "public"
   },
   "dependencies": {
-    "@bryan-thompson/inspector-assessment-cli": "^1.22.0",
-    "@bryan-thompson/inspector-assessment-client": "^1.22.0",
-    "@bryan-thompson/inspector-assessment-server": "^1.22.0",
+    "@bryan-thompson/inspector-assessment-cli": "^1.22.1",
+    "@bryan-thompson/inspector-assessment-client": "^1.22.1",
+    "@bryan-thompson/inspector-assessment-server": "^1.22.1",
     "@modelcontextprotocol/sdk": "^1.24.3",
     "concurrently": "^9.2.0",
     "node-fetch": "^3.3.2",