@bryan-thompson/inspector-assessment 1.26.5 → 1.26.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (102) hide show
  1. package/cli/build/__tests__/assessment-runner/assessment-executor.test.js +248 -0
  2. package/cli/build/__tests__/assessment-runner/config-builder.test.js +289 -0
  3. package/cli/build/__tests__/assessment-runner/index.test.js +41 -0
  4. package/cli/build/__tests__/assessment-runner/server-config.test.js +249 -0
  5. package/cli/build/__tests__/assessment-runner/server-connection.test.js +221 -0
  6. package/cli/build/__tests__/assessment-runner/source-loader.test.js +341 -0
  7. package/cli/build/__tests__/assessment-runner/tool-wrapper.test.js +114 -0
  8. package/cli/build/__tests__/assessment-runner-facade.test.js +118 -0
  9. package/cli/build/assess-full.js +26 -1254
  10. package/cli/build/lib/assessment-runner/assessment-executor.js +323 -0
  11. package/cli/build/lib/assessment-runner/config-builder.js +127 -0
  12. package/cli/build/lib/assessment-runner/index.js +20 -0
  13. package/cli/build/lib/assessment-runner/server-config.js +78 -0
  14. package/cli/build/lib/assessment-runner/server-connection.js +80 -0
  15. package/cli/build/lib/assessment-runner/source-loader.js +139 -0
  16. package/cli/build/lib/assessment-runner/tool-wrapper.js +40 -0
  17. package/cli/build/lib/assessment-runner/types.js +8 -0
  18. package/cli/build/lib/assessment-runner.js +12 -0
  19. package/cli/build/lib/cli-parser.js +419 -0
  20. package/cli/build/lib/comparison-handler.js +84 -0
  21. package/cli/build/lib/result-output.js +154 -0
  22. package/cli/package.json +1 -1
  23. package/client/dist/assets/{OAuthCallback-DpdInvWI.js → OAuthCallback-kF1MLuwg.js} +1 -1
  24. package/client/dist/assets/{OAuthDebugCallback-D1ImpKK5.js → OAuthDebugCallback-Nv-8u0GR.js} +1 -1
  25. package/client/dist/assets/{index-umcoGmYw.js → index-CCiX5wkF.js} +4 -4
  26. package/client/dist/index.html +1 -1
  27. package/client/lib/lib/assessment/configTypes.d.ts +2 -0
  28. package/client/lib/lib/assessment/configTypes.d.ts.map +1 -1
  29. package/client/lib/lib/securityPatterns.d.ts +4 -2
  30. package/client/lib/lib/securityPatterns.d.ts.map +1 -1
  31. package/client/lib/lib/securityPatterns.js +146 -2
  32. package/client/lib/services/assessment/modules/AUPComplianceAssessor.js +9 -9
  33. package/client/lib/services/assessment/modules/AuthenticationAssessor.js +4 -4
  34. package/client/lib/services/assessment/modules/BaseAssessor.d.ts +0 -14
  35. package/client/lib/services/assessment/modules/BaseAssessor.d.ts.map +1 -1
  36. package/client/lib/services/assessment/modules/BaseAssessor.js +1 -33
  37. package/client/lib/services/assessment/modules/CrossCapabilitySecurityAssessor.js +1 -1
  38. package/client/lib/services/assessment/modules/DeveloperExperienceAssessor.js +1 -1
  39. package/client/lib/services/assessment/modules/DocumentationAssessor.js +2 -2
  40. package/client/lib/services/assessment/modules/ErrorHandlingAssessor.d.ts.map +1 -1
  41. package/client/lib/services/assessment/modules/ErrorHandlingAssessor.js +8 -8
  42. package/client/lib/services/assessment/modules/ExternalAPIScannerAssessor.d.ts.map +1 -1
  43. package/client/lib/services/assessment/modules/ExternalAPIScannerAssessor.js +3 -3
  44. package/client/lib/services/assessment/modules/FunctionalityAssessor.js +9 -9
  45. package/client/lib/services/assessment/modules/MCPSpecComplianceAssessor.d.ts.map +1 -1
  46. package/client/lib/services/assessment/modules/MCPSpecComplianceAssessor.js +12 -12
  47. package/client/lib/services/assessment/modules/ManifestValidationAssessor.d.ts.map +1 -1
  48. package/client/lib/services/assessment/modules/ManifestValidationAssessor.js +9 -5
  49. package/client/lib/services/assessment/modules/PortabilityAssessor.d.ts.map +1 -1
  50. package/client/lib/services/assessment/modules/PortabilityAssessor.js +3 -3
  51. package/client/lib/services/assessment/modules/ProhibitedLibrariesAssessor.js +4 -4
  52. package/client/lib/services/assessment/modules/PromptAssessor.js +2 -2
  53. package/client/lib/services/assessment/modules/ProtocolComplianceAssessor.d.ts.map +1 -1
  54. package/client/lib/services/assessment/modules/ProtocolComplianceAssessor.js +7 -7
  55. package/client/lib/services/assessment/modules/ProtocolConformanceAssessor.js +1 -1
  56. package/client/lib/services/assessment/modules/ResourceAssessor.js +1 -1
  57. package/client/lib/services/assessment/modules/SecurityAssessor.d.ts +25 -2
  58. package/client/lib/services/assessment/modules/SecurityAssessor.d.ts.map +1 -1
  59. package/client/lib/services/assessment/modules/SecurityAssessor.js +149 -17
  60. package/client/lib/services/assessment/modules/TemporalAssessor.d.ts.map +1 -1
  61. package/client/lib/services/assessment/modules/TemporalAssessor.js +10 -10
  62. package/client/lib/services/assessment/modules/ToolAnnotationAssessor.js +9 -9
  63. package/client/lib/services/assessment/modules/UsabilityAssessor.js +1 -1
  64. package/client/lib/services/assessment/modules/annotations/DescriptionPoisoningDetector.d.ts.map +1 -1
  65. package/client/lib/services/assessment/modules/annotations/DescriptionPoisoningDetector.js +37 -0
  66. package/client/lib/services/assessment/modules/index.d.ts +3 -0
  67. package/client/lib/services/assessment/modules/index.d.ts.map +1 -1
  68. package/client/lib/services/assessment/modules/securityTests/ChainExecutionTester.d.ts +104 -0
  69. package/client/lib/services/assessment/modules/securityTests/ChainExecutionTester.d.ts.map +1 -0
  70. package/client/lib/services/assessment/modules/securityTests/ChainExecutionTester.js +257 -0
  71. package/client/lib/services/assessment/modules/securityTests/ConfidenceScorer.d.ts +57 -0
  72. package/client/lib/services/assessment/modules/securityTests/ConfidenceScorer.d.ts.map +1 -0
  73. package/client/lib/services/assessment/modules/securityTests/ConfidenceScorer.js +199 -0
  74. package/client/lib/services/assessment/modules/securityTests/CrossToolStateTester.d.ts +91 -0
  75. package/client/lib/services/assessment/modules/securityTests/CrossToolStateTester.d.ts.map +1 -0
  76. package/client/lib/services/assessment/modules/securityTests/CrossToolStateTester.js +225 -0
  77. package/client/lib/services/assessment/modules/securityTests/ErrorClassifier.d.ts +57 -0
  78. package/client/lib/services/assessment/modules/securityTests/ErrorClassifier.d.ts.map +1 -0
  79. package/client/lib/services/assessment/modules/securityTests/ErrorClassifier.js +113 -0
  80. package/client/lib/services/assessment/modules/securityTests/ExecutionArtifactDetector.d.ts +49 -0
  81. package/client/lib/services/assessment/modules/securityTests/ExecutionArtifactDetector.d.ts.map +1 -0
  82. package/client/lib/services/assessment/modules/securityTests/ExecutionArtifactDetector.js +74 -0
  83. package/client/lib/services/assessment/modules/securityTests/MathAnalyzer.d.ts +58 -0
  84. package/client/lib/services/assessment/modules/securityTests/MathAnalyzer.d.ts.map +1 -0
  85. package/client/lib/services/assessment/modules/securityTests/MathAnalyzer.js +251 -0
  86. package/client/lib/services/assessment/modules/securityTests/SafeResponseDetector.d.ts +59 -0
  87. package/client/lib/services/assessment/modules/securityTests/SafeResponseDetector.d.ts.map +1 -0
  88. package/client/lib/services/assessment/modules/securityTests/SafeResponseDetector.js +151 -0
  89. package/client/lib/services/assessment/modules/securityTests/SecurityPatternLibrary.d.ts +349 -0
  90. package/client/lib/services/assessment/modules/securityTests/SecurityPatternLibrary.d.ts.map +1 -0
  91. package/client/lib/services/assessment/modules/securityTests/SecurityPatternLibrary.js +904 -0
  92. package/client/lib/services/assessment/modules/securityTests/SecurityPayloadGenerator.d.ts.map +1 -1
  93. package/client/lib/services/assessment/modules/securityTests/SecurityPayloadGenerator.js +49 -24
  94. package/client/lib/services/assessment/modules/securityTests/SecurityResponseAnalyzer.d.ts +122 -85
  95. package/client/lib/services/assessment/modules/securityTests/SecurityResponseAnalyzer.d.ts.map +1 -1
  96. package/client/lib/services/assessment/modules/securityTests/SecurityResponseAnalyzer.js +443 -1176
  97. package/client/lib/services/assessment/modules/securityTests/index.d.ts +3 -1
  98. package/client/lib/services/assessment/modules/securityTests/index.d.ts.map +1 -1
  99. package/client/lib/services/assessment/modules/securityTests/index.js +2 -0
  100. package/client/package.json +1 -1
  101. package/package.json +9 -1
  102. package/server/package.json +1 -1
package/client/lib/services/assessment/modules/securityTests/index.d.ts CHANGED
@@ -2,7 +2,9 @@
2
2
  * Security Assessment Module
3
3
  * Exports all security-related components
4
4
  */
5
- export { SecurityResponseAnalyzer, type ConfidenceResult, type AnalysisResult, type ErrorClassification, } from "./SecurityResponseAnalyzer.js";
5
+ export { SecurityResponseAnalyzer, type ConfidenceResult, type AnalysisResult, type ErrorClassification, type StateBasedAuthResult, type ChainExploitationAnalysis, type ChainExecutionType, type ChainVulnerabilityCategory, } from "./SecurityResponseAnalyzer.js";
6
6
  export { SecurityPayloadTester, type TestProgressCallback, type PayloadTestConfig, type TestLogger, } from "./SecurityPayloadTester.js";
7
7
  export { SecurityPayloadGenerator } from "./SecurityPayloadGenerator.js";
8
+ export { CrossToolStateTester, type CrossToolTestResult, type ToolPair, type CallToolFunction, type CrossToolTestConfig, } from "./CrossToolStateTester.js";
9
+ export { ChainExecutionTester, type ChainExecutionTestResult, type ChainExploitationSummary, type ChainExecutionTesterConfig, type ChainTestReason, } from "./ChainExecutionTester.js";
8
10
  //# sourceMappingURL=index.d.ts.map
package/client/lib/services/assessment/modules/securityTests/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EACL,wBAAwB,EACxB,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,KAAK,mBAAmB,GACzB,MAAM,4BAA4B,CAAC;AAEpC,OAAO,EACL,qBAAqB,EACrB,KAAK,oBAAoB,EACzB,KAAK,iBAAiB,EACtB,KAAK,UAAU,GAChB,MAAM,yBAAyB,CAAC;AAEjC,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EACL,wBAAwB,EACxB,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EACzB,KAAK,yBAAyB,EAC9B,KAAK,kBAAkB,EACvB,KAAK,0BAA0B,GAChC,MAAM,4BAA4B,CAAC;AAEpC,OAAO,EACL,qBAAqB,EACrB,KAAK,oBAAoB,EACzB,KAAK,iBAAiB,EACtB,KAAK,UAAU,GAChB,MAAM,yBAAyB,CAAC;AAEjC,OAAO,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAC;AAEtE,OAAO,EACL,oBAAoB,EACpB,KAAK,mBAAmB,EACxB,KAAK,QAAQ,EACb,KAAK,gBAAgB,EACrB,KAAK,mBAAmB,GACzB,MAAM,wBAAwB,CAAC;AAEhC,OAAO,EACL,oBAAoB,EACpB,KAAK,wBAAwB,EAC7B,KAAK,wBAAwB,EAC7B,KAAK,0BAA0B,EAC/B,KAAK,eAAe,GACrB,MAAM,wBAAwB,CAAC"}
package/client/lib/services/assessment/modules/securityTests/index.js CHANGED
@@ -5,3 +5,5 @@
5
5
  export { SecurityResponseAnalyzer, } from "./SecurityResponseAnalyzer.js";
6
6
  export { SecurityPayloadTester, } from "./SecurityPayloadTester.js";
7
7
  export { SecurityPayloadGenerator } from "./SecurityPayloadGenerator.js";
8
+ export { CrossToolStateTester, } from "./CrossToolStateTester.js";
9
+ export { ChainExecutionTester, } from "./ChainExecutionTester.js";
package/client/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@bryan-thompson/inspector-assessment-client",
3
- "version": "1.26.5",
3
+ "version": "1.26.7",
4
4
  "description": "Client-side application for the Enhanced MCP Inspector with assessment capabilities",
5
5
  "license": "MIT",
6
6
  "author": "Bryan Thompson <bryan@triepod.ai>",
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@bryan-thompson/inspector-assessment",
3
- "version": "1.26.5",
3
+ "version": "1.26.7",
4
4
  "description": "Enhanced MCP Inspector with comprehensive assessment capabilities for server validation",
5
5
  "license": "MIT",
6
6
  "author": "Bryan Thompson <bryan@triepod.ai>",
@@ -53,6 +53,14 @@
53
53
  "./performance": {
54
54
  "types": "./client/lib/services/assessment/config/performanceConfig.d.ts",
55
55
  "default": "./client/lib/services/assessment/config/performanceConfig.js"
56
+ },
57
+ "./modules": {
58
+ "types": "./client/lib/services/assessment/modules/index.d.ts",
59
+ "default": "./client/lib/services/assessment/modules/index.js"
60
+ },
61
+ "./security": {
62
+ "types": "./client/lib/services/assessment/modules/securityTests/index.d.ts",
63
+ "default": "./client/lib/services/assessment/modules/securityTests/index.js"
56
64
  }
57
65
  },
58
66
  "bin": {
package/server/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@bryan-thompson/inspector-assessment-server",
3
- "version": "1.26.5",
3
+ "version": "1.26.7",
4
4
  "description": "Server-side application for the Enhanced MCP Inspector with assessment capabilities",
5
5
  "license": "MIT",
6
6
  "author": "Bryan Thompson <bryan@triepod.ai>",