@bryan-thompson/inspector-assessment 1.26.5 → 1.26.7

package/cli/build/lib/comparison-handler.js

@@ -0,0 +1,84 @@
+/**
+ * Comparison Handler Module
+ *
+ * Handles assessment comparison/diff logic for comparing
+ * current results against a baseline.
+ *
+ * @module cli/lib/comparison-handler
+ */
+import * as fs from "fs";
+import { compareAssessments, } from "../../../client/lib/lib/assessmentDiffer.js";
+import { formatDiffAsMarkdown } from "../../../client/lib/lib/reportFormatters/DiffReportFormatter.js";
+// ============================================================================
+// Comparison Functions
+// ============================================================================
+/**
+ * Handle comparison mode - compare current results against a baseline.
+ *
+ * @param results - Current assessment results
+ * @param options - CLI options including comparePath and diffOnly
+ * @returns ComparisonResult if comparison was performed, null if no comparison
+ */
+export function handleComparison(results, options) {
+    if (!options.comparePath) {
+        return null;
+    }
+    if (!fs.existsSync(options.comparePath)) {
+        console.error(`Error: Baseline file not found: ${options.comparePath}`);
+        // Return null to indicate comparison failed - caller handles null returns
+        return null;
+    }
+    const baselineData = JSON.parse(fs.readFileSync(options.comparePath, "utf-8"));
+    // Validate baseline has expected structure
+    if (!baselineData.functionality || !baselineData.security) {
+        console.warn("Warning: Baseline file may be incomplete (missing functionality or security)");
+    }
+    const baseline = baselineData;
+    const diff = compareAssessments(baseline, results);
+    // Handle diff-only mode
+    if (options.diffOnly) {
+        let diffPath;
+        if (options.format === "markdown") {
+            diffPath =
+                options.outputPath || `/tmp/inspector-diff-${options.serverName}.md`;
+            fs.writeFileSync(diffPath, formatDiffAsMarkdown(diff));
+        }
+        else {
+            diffPath =
+                options.outputPath || `/tmp/inspector-diff-${options.serverName}.json`;
+            fs.writeFileSync(diffPath, JSON.stringify(diff, null, 2));
+        }
+        const exitCode = diff.summary.overallChange === "regressed" ? 1 : 0;
+        return { diff, exitCode, diffOutputPath: diffPath };
+    }
+    // Return comparison result for normal mode
+    const exitCode = diff.summary.overallChange === "regressed" ? 1 : 0;
+    return { diff, exitCode };
+}
+/**
+ * Display comparison summary to console.
+ *
+ * @param diff - Assessment diff to display
+ */
+export function displayComparisonSummary(diff) {
+    console.log("\n" + "=".repeat(70));
+    console.log("VERSION COMPARISON");
+    console.log("=".repeat(70));
+    console.log(`Baseline: ${diff.baseline.version || "N/A"} (${diff.baseline.date})`);
+    console.log(`Current:  ${diff.current.version || "N/A"} (${diff.current.date})`);
+    console.log(`Overall Change: ${diff.summary.overallChange.toUpperCase()}`);
+    console.log(`Modules Improved: ${diff.summary.modulesImproved}`);
+    console.log(`Modules Regressed: ${diff.summary.modulesRegressed}`);
+    if (diff.securityDelta.newVulnerabilities.length > 0) {
+        console.log(`\n⚠️  NEW VULNERABILITIES: ${diff.securityDelta.newVulnerabilities.length}`);
+    }
+    if (diff.securityDelta.fixedVulnerabilities.length > 0) {
+        console.log(`✅ FIXED VULNERABILITIES: ${diff.securityDelta.fixedVulnerabilities.length}`);
+    }
+    if (diff.functionalityDelta.newBrokenTools.length > 0) {
+        console.log(`❌ NEW BROKEN TOOLS: ${diff.functionalityDelta.newBrokenTools.length}`);
+    }
+    if (diff.functionalityDelta.fixedTools.length > 0) {
+        console.log(`✅ FIXED TOOLS: ${diff.functionalityDelta.fixedTools.length}`);
+    }
+}

package/cli/build/lib/result-output.js

@@ -0,0 +1,154 @@
+/**
+ * Result Output Module
+ *
+ * Handles saving assessment results to files and displaying
+ * summaries to the console.
+ *
+ * @module cli/lib/result-output
+ */
+import * as fs from "fs";
+import { ASSESSMENT_CATEGORY_METADATA, } from "../../../client/lib/lib/assessmentTypes.js";
+import { createFormatter } from "../../../client/lib/lib/reportFormatters/index.js";
+import { generatePolicyComplianceReport } from "../../../client/lib/services/assessment/PolicyComplianceGenerator.js";
+// ============================================================================
+// Result Output
+// ============================================================================
+/**
+ * Save results to file with appropriate format
+ */
+export function saveResults(serverName, results, options) {
+    const format = options.format || "json";
+    // Generate policy compliance report if requested
+    const policyReport = options.includePolicy
+        ? generatePolicyComplianceReport(results, serverName)
+        : undefined;
+    // Create formatter with options
+    const formatter = createFormatter({
+        format,
+        includePolicyMapping: options.includePolicy,
+        policyReport,
+        serverName,
+        includeDetails: true,
+        prettyPrint: true,
+    });
+    const fileExtension = formatter.getFileExtension();
+    const defaultPath = `/tmp/inspector-full-assessment-${serverName}${fileExtension}`;
+    const finalPath = options.outputPath || defaultPath;
+    // For JSON format, add metadata wrapper
+    if (format === "json") {
+        // Filter out undefined/skipped modules from results (--skip-modules support)
+        const filteredResults = Object.fromEntries(Object.entries(results).filter(([_, v]) => v !== undefined));
+        const output = {
+            timestamp: new Date().toISOString(),
+            assessmentType: "full",
+            ...filteredResults,
+            ...(policyReport ? { policyCompliance: policyReport } : {}),
+        };
+        fs.writeFileSync(finalPath, JSON.stringify(output, null, 2));
+    }
+    else {
+        // For other formats (markdown), use the formatter
+        const content = formatter.format(results);
+        fs.writeFileSync(finalPath, content);
+    }
+    return finalPath;
+}
+// ============================================================================
+// Summary Display
+// ============================================================================
+/**
+ * Display summary to console
+ */
+export function displaySummary(results) {
+    const { overallStatus, summary, totalTestsRun, executionTime, 
+    // Destructuring order matches display order below
+    functionality, security, documentation, errorHandling, usability, mcpSpecCompliance, aupCompliance, toolAnnotations, prohibitedLibraries, manifestValidation, portability, externalAPIScanner, authentication, temporal, resources, prompts, crossCapability, } = results;
+    console.log("\n" + "=".repeat(70));
+    console.log("FULL ASSESSMENT RESULTS");
+    console.log("=".repeat(70));
+    console.log(`Server: ${results.serverName}`);
+    console.log(`Overall Status: ${overallStatus}`);
+    console.log(`Total Tests Run: ${totalTestsRun}`);
+    console.log(`Execution Time: ${executionTime}ms`);
+    console.log("-".repeat(70));
+    console.log("\n📊 MODULE STATUS:");
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const modules = [
+        ["Functionality", functionality, "functionality"],
+        ["Security", security, "security"],
+        ["Documentation", documentation, "documentation"],
+        ["Error Handling", errorHandling, "errorHandling"],
+        ["Usability", usability, "usability"],
+        ["MCP Spec Compliance", mcpSpecCompliance, "mcpSpecCompliance"],
+        ["AUP Compliance", aupCompliance, "aupCompliance"],
+        ["Tool Annotations", toolAnnotations, "toolAnnotations"],
+        ["Prohibited Libraries", prohibitedLibraries, "prohibitedLibraries"],
+        ["Manifest Validation", manifestValidation, "manifestValidation"],
+        ["Portability", portability, "portability"],
+        ["External API Scanner", externalAPIScanner, "externalAPIScanner"],
+        ["Authentication", authentication, "authentication"],
+        ["Temporal", temporal, "temporal"],
+        ["Resources", resources, "resources"],
+        ["Prompts", prompts, "prompts"],
+        ["Cross-Capability", crossCapability, "crossCapability"],
+    ];
+    for (const [name, module, categoryKey] of modules) {
+        if (module) {
+            const metadata = ASSESSMENT_CATEGORY_METADATA[categoryKey];
+            const optionalMarker = metadata?.tier === "optional" ? " (optional)" : "";
+            const icon = module.status === "PASS"
+                ? "✅"
+                : module.status === "FAIL"
+                    ? "❌"
+                    : "⚠️";
+            console.log(`   ${icon} ${name}${optionalMarker}: ${module.status}`);
+        }
+    }
+    console.log("\n📋 KEY FINDINGS:");
+    console.log(`   ${summary}`);
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const securityModule = security;
+    if (securityModule?.vulnerabilities?.length > 0) {
+        const vulns = securityModule.vulnerabilities;
+        console.log(`\n🔒 SECURITY VULNERABILITIES (${vulns.length}):`);
+        for (const vuln of vulns.slice(0, 5)) {
+            console.log(`   • ${vuln}`);
+        }
+        if (vulns.length > 5) {
+            console.log(`   ... and ${vulns.length - 5} more`);
+        }
+    }
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const aupModule = aupCompliance;
+    if (aupModule?.violations?.length > 0) {
+        const violations = aupModule.violations;
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        const critical = violations.filter((v) => v.severity === "CRITICAL");
+        console.log(`\n⚖️  AUP FINDINGS:`);
+        console.log(`   Total flagged: ${violations.length}`);
+        if (critical.length > 0) {
+            console.log(`   🚨 CRITICAL violations: ${critical.length}`);
+        }
+    }
+    // eslint-disable-next-line @typescript-eslint/no-explicit-any
+    const annotationsModule = toolAnnotations;
+    if (annotationsModule) {
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        const funcModule = functionality;
+        console.log(`\n🏷️  TOOL ANNOTATIONS:`);
+        console.log(`   Annotated: ${annotationsModule.annotatedCount || 0}/${funcModule?.workingTools || 0}`);
+        if (annotationsModule.missingAnnotationsCount > 0) {
+            console.log(`   Missing: ${annotationsModule.missingAnnotationsCount}`);
+        }
+        if (annotationsModule.misalignedAnnotationsCount > 0) {
+            console.log(`   ⚠️  Misalignments: ${annotationsModule.misalignedAnnotationsCount}`);
+        }
+    }
+    if (results.recommendations?.length > 0) {
+        console.log("\n💡 RECOMMENDATIONS:");
+        for (const rec of results.recommendations.slice(0, 5)) {
+            console.log(`   • ${rec}`);
+        }
+    }
+    console.log("\n" + "=".repeat(70));
+}

package/cli/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@bryan-thompson/inspector-assessment-cli",
-  "version": "1.26.5",
+  "version": "1.26.7",
   "description": "CLI for the Enhanced MCP Inspector with assessment capabilities",
   "license": "MIT",
   "author": "Bryan Thompson <bryan@triepod.ai>",

package/client/dist/assets/{OAuthCallback-DpdInvWI.js → OAuthCallback-kF1MLuwg.js}

@@ -1,4 +1,4 @@
-import { u as useToast, r as reactExports, j as jsxRuntimeExports, p as parseOAuthCallbackParams, g as generateOAuthErrorDescription, S as SESSION_KEYS, I as InspectorOAuthClientProvider, a as auth } from "./index-umcoGmYw.js";
+import { u as useToast, r as reactExports, j as jsxRuntimeExports, p as parseOAuthCallbackParams, g as generateOAuthErrorDescription, S as SESSION_KEYS, I as InspectorOAuthClientProvider, a as auth } from "./index-CCiX5wkF.js";
 const OAuthCallback = ({ onConnect }) => {
   const { toast } = useToast();
   const hasProcessedRef = reactExports.useRef(false);

package/client/dist/assets/{OAuthDebugCallback-D1ImpKK5.js → OAuthDebugCallback-Nv-8u0GR.js}

@@ -1,4 +1,4 @@
-import { r as reactExports, S as SESSION_KEYS, p as parseOAuthCallbackParams, j as jsxRuntimeExports, g as generateOAuthErrorDescription } from "./index-umcoGmYw.js";
+import { r as reactExports, S as SESSION_KEYS, p as parseOAuthCallbackParams, j as jsxRuntimeExports, g as generateOAuthErrorDescription } from "./index-CCiX5wkF.js";
 const OAuthDebugCallback = ({ onConnect }) => {
   reactExports.useEffect(() => {
     let isProcessed = false;

package/client/dist/assets/{index-umcoGmYw.js → index-CCiX5wkF.js}

@@ -16373,7 +16373,7 @@ object({
   token_type_hint: string().optional()
 }).strip();
 const name = "@bryan-thompson/inspector-assessment-client";
-const version$1 = "1.26.5";
+const version$1 = "1.26.7";
 const packageJson = {
   name,
   version: version$1
@@ -45288,7 +45288,7 @@ const useTheme = () => {
     [theme, setThemeWithSideEffect]
   );
 };
-const version = "1.26.5";
+const version = "1.26.7";
 var [createTooltipContext] = createContextScope("Tooltip", [
   createPopperScope
 ]);
@@ -48845,13 +48845,13 @@ const App = () => {
   ) });
   if (window.location.pathname === "/oauth/callback") {
     const OAuthCallback = React.lazy(
-      () => __vitePreload(() => import("./OAuthCallback-DpdInvWI.js"), true ? [] : void 0)
+      () => __vitePreload(() => import("./OAuthCallback-kF1MLuwg.js"), true ? [] : void 0)
     );
     return /* @__PURE__ */ jsxRuntimeExports.jsx(reactExports.Suspense, { fallback: /* @__PURE__ */ jsxRuntimeExports.jsx("div", { children: "Loading..." }), children: /* @__PURE__ */ jsxRuntimeExports.jsx(OAuthCallback, { onConnect: onOAuthConnect }) });
   }
   if (window.location.pathname === "/oauth/callback/debug") {
     const OAuthDebugCallback = React.lazy(
-      () => __vitePreload(() => import("./OAuthDebugCallback-D1ImpKK5.js"), true ? [] : void 0)
+      () => __vitePreload(() => import("./OAuthDebugCallback-Nv-8u0GR.js"), true ? [] : void 0)
     );
     return /* @__PURE__ */ jsxRuntimeExports.jsx(reactExports.Suspense, { fallback: /* @__PURE__ */ jsxRuntimeExports.jsx("div", { children: "Loading..." }), children: /* @__PURE__ */ jsxRuntimeExports.jsx(OAuthDebugCallback, { onConnect: onOAuthDebugConnect }) });
   }

package/client/dist/index.html

@@ -5,7 +5,7 @@
     <link rel="icon" type="image/svg+xml" href="/mcp.svg" />
     <meta name="viewport" content="width=device-width, initial-scale=1.0" />
     <title>MCP Inspector</title>
-    <script type="module" crossorigin src="/assets/index-umcoGmYw.js"></script>
+    <script type="module" crossorigin src="/assets/index-CCiX5wkF.js"></script>
     <link rel="stylesheet" crossorigin href="/assets/index-cHhcEXbr.css">
   </head>
   <body>

package/client/lib/lib/assessment/configTypes.d.ts

@@ -50,6 +50,8 @@ export interface AssessmentConfiguration {
     selectedToolsForTesting?: string[];
     securityPatternsToTest?: number;
     enableDomainTesting?: boolean;
+    /** Enable cross-tool sequence testing for privilege escalation (Issue #92, default true) */
+    enableSequenceTesting?: boolean;
     mcpProtocolVersion?: string;
     enableSourceCodeAnalysis?: boolean;
     patternConfigPath?: string;

package/client/lib/lib/assessment/configTypes.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"configTypes.d.ts","sourceRoot":"","sources":["../../../src/lib/assessment/configTypes.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EACL,aAAa,EACb,QAAQ,EACR,sBAAsB,EACvB,MAAM,kCAAkC,CAAC;AAG1C,YAAY,EAAE,aAAa,EAAE,QAAQ,EAAE,CAAC;AACxC,OAAO,EAAE,sBAAsB,EAAE,CAAC;AAElC;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC;AAED;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE;QACR,yBAAyB,EAAE,OAAO,CAAC;QACnC,mBAAmB,EAAE,OAAO,CAAC;QAC7B,mBAAmB,EAAE,OAAO,CAAC;QAC7B,oBAAoB,EAAE,OAAO,CAAC;KAC/B,CAAC;IACF,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC;IAC3B,UAAU,CAAC,EAAE,mBAAmB,CAAC;CAClC;AAED,MAAM,WAAW,uBAAuB;IACtC,WAAW,EAAE,MAAM,CAAC;IACpB,6GAA6G;IAC7G,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,eAAe,EAAE,OAAO,CAAC;IAEzB,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB,wBAAwB,CAAC,EAAE,OAAO,CAAC;IAEnC,sBAAsB,CAAC,EAAE,SAAS,GAAG,UAAU,GAAG,SAAS,CAAC;IAI5D,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,uBAAuB,CAAC,EAAE,MAAM,EAAE,CAAC;IACnC,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAEhC,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B,wBAAwB,CAAC,EAAE,OAAO,CAAC;IAEnC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B,UAAU,CAAC,EAAE,gBAAgB,CAAC;IAE9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,kDAAkD;IAClD,OAAO,CAAC,EAAE,aAAa,CAAC;IACxB,oBAAoB,CAAC,EAAE;QACrB,aAAa,EAAE,OAAO,CAAC;QACvB,QAAQ,EAAE,OAAO,CAAC;QAClB,aAAa,EAAE,OAAO,CAAC;QACvB,aAAa,EAAE,OAAO,CAAC;QACvB,SAAS,EAAE,OAAO,CAAC;QACnB,6EAA6E;QAC7E,iBAAiB,CAAC,EAAE,OAAO,CAAC;QAE5B,kBAAkB,CAAC,EAAE,OAAO,CAAC;QAE7B,aAAa,CAAC,EAAE,OAAO,CAAC;QACxB,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,mBAAmB,CAAC,EAAE,OAAO,CAAC;QAC9B,kBAAkB,CAAC,EAAE,OAAO,CAAC;QAC7B,WAAW,CAAC,EAAE,OAAO,CAAC;QACtB,kBAAkB,CAAC,EAAE,OAAO,CAAC;QAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,QAAQ,CAAC,EAAE,OAAO,CAAC;QAEnB,SAAS,CAAC,EAAE,OAAO,CAAC;QACpB,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,eAAe,CAAC,EAAE,OAAO,CAAC;QAE1B,6EAA6E;QAC7E,mBAAmB,CAAC,EAAE,OAAO,CAAC;KAC/B,CAAC;CACH;AAMD,eAAO,MAAM,yBAAyB,EAAE,uBAoCvC,CAAC;AAIF,eAAO,MAAM,oBAAoB,EAAE,uBAqClC,CAAC;AAGF,eAAO,MAAM,qBAAqB,EAAE,uBAoCnC,CAAC;AAIF,eAAO,MAAM,iBAAiB,EAAE,uBAoC/B,CAAC;AAIF,eAAO,MAAM,4BAA4B,EAAE,uBA+C1C,CAAC"}
+{"version":3,"file":"configTypes.d.ts","sourceRoot":"","sources":["../../../src/lib/assessment/configTypes.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EACL,aAAa,EACb,QAAQ,EACR,sBAAsB,EACvB,MAAM,kCAAkC,CAAC;AAG1C,YAAY,EAAE,aAAa,EAAE,QAAQ,EAAE,CAAC;AACxC,OAAO,EAAE,sBAAsB,EAAE,CAAC;AAElC;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC;AAED;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE;QACR,yBAAyB,EAAE,OAAO,CAAC;QACnC,mBAAmB,EAAE,OAAO,CAAC;QAC7B,mBAAmB,EAAE,OAAO,CAAC;QAC7B,oBAAoB,EAAE,OAAO,CAAC;KAC/B,CAAC;IACF,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,KAAK,GAAG,MAAM,CAAC;IAC3B,UAAU,CAAC,EAAE,mBAAmB,CAAC;CAClC;AAED,MAAM,WAAW,uBAAuB;IACtC,WAAW,EAAE,MAAM,CAAC;IACpB,6GAA6G;IAC7G,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,eAAe,EAAE,OAAO,CAAC;IAEzB,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB,wBAAwB,CAAC,EAAE,OAAO,CAAC;IAEnC,sBAAsB,CAAC,EAAE,SAAS,GAAG,UAAU,GAAG,SAAS,CAAC;IAI5D,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAE1B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,uBAAuB,CAAC,EAAE,MAAM,CAAC;IACjC,uBAAuB,CAAC,EAAE,MAAM,EAAE,CAAC;IACnC,sBAAsB,CAAC,EAAE,MAAM,CAAC;IAEhC,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,4FAA4F;IAC5F,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAE5B,wBAAwB,CAAC,EAAE,OAAO,CAAC;IAEnC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAE3B,UAAU,CAAC,EAAE,gBAAgB,CAAC;IAE9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,kDAAkD;IAClD,OAAO,CAAC,EAAE,aAAa,CAAC;IACxB,oBAAoB,CAAC,EAAE;QACrB,aAAa,EAAE,OAAO,CAAC;QACvB,QAAQ,EAAE,OAAO,CAAC;QAClB,aAAa,EAAE,OAAO,CAAC;QACvB,aAAa,EAAE,OAAO,CAAC;QACvB,SAAS,EAAE,OAAO,CAAC;QACnB,6EAA6E;QAC7E,iBAAiB,CAAC,EAAE,OAAO,CAAC;QAE5B,kBAAkB,CAAC,EAAE,OAAO,CAAC;QAE7B,aAAa,CAAC,EAAE,OAAO,CAAC;QACxB,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,mBAAmB,CAAC,EAAE,OAAO,CAAC;QAC9B,kBAAkB,CAAC,EAAE,OAAO,CAAC;QAC7B,WAAW,CAAC,EAAE,OAAO,CAAC;QACtB,kBAAkB,CAAC,EAAE,OAAO,CAAC;QAC7B,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,QAAQ,CAAC,EAAE,OAAO,CAAC;QAEnB,SAAS,CAAC,EAAE,OAAO,CAAC;QACpB,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,eAAe,CAAC,EAAE,OAAO,CAAC;QAE1B,6EAA6E;QAC7E,mBAAmB,CAAC,EAAE,OAAO,CAAC;KAC/B,CAAC;CACH;AAMD,eAAO,MAAM,yBAAyB,EAAE,uBAoCvC,CAAC;AAIF,eAAO,MAAM,oBAAoB,EAAE,uBAqClC,CAAC;AAGF,eAAO,MAAM,qBAAqB,EAAE,uBAoCnC,CAAC;AAIF,eAAO,MAAM,iBAAiB,EAAE,uBAoC/B,CAAC;AAIF,eAAO,MAAM,4BAA4B,EAAE,uBA+C1C,CAAC"}

package/client/lib/lib/securityPatterns.d.ts

@@ -1,6 +1,6 @@
 /**
  * Backend API Security Patterns
- * Tests MCP server API security with 24 focused patterns
+ * Tests MCP server API security with 26 focused patterns
  *
  * Architecture: Attack-Type with Specific Payloads
  * - Critical Injection (6 patterns): Command, Calculator, SQL, Path Traversal, XXE, NoSQL
@@ -12,6 +12,8 @@
  * - Token Theft (1 pattern): Authentication token leakage
  * - Permission Scope (1 pattern): Privilege escalation and scope bypass
  * - Auth Bypass (1 pattern): Fail-open authentication vulnerabilities (Issue #75)
+ * - Cross-Tool State Bypass (1 pattern): Cross-tool privilege escalation via shared state (Issue #92)
+ * - Chained Exploitation (1 pattern): Multi-tool chain execution attacks (Issue #93)
  *
  * Scope: Backend API Security ONLY
  * - Tests structured data inputs to API endpoints
@@ -43,7 +45,7 @@ export interface AttackPattern {
  * BACKEND API SECURITY PATTERNS
  * ========================================
  *
- * 23 focused patterns for MCP server API security
+ * 26 focused patterns for MCP server API security
  */
 export declare const SECURITY_ATTACK_PATTERNS: AttackPattern[];
 /**

package/client/lib/lib/securityPatterns.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"securityPatterns.d.ts","sourceRoot":"","sources":["../../src/lib/securityPatterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtD,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,iBAAiB,CAAC;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,eAAe,EAAE,CAAC;CAC7B;AAED;;;;;;GAMG;AACH,eAAO,MAAM,wBAAwB,EAAE,aAAa,EA64CnD,CAAC;AAEF;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,UAAU,EAAE,MAAM,EAClB,KAAK,CAAC,EAAE,MAAM,GACb,eAAe,EAAE,CAQnB;AAED;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,aAAa,EAAE,CAEtD;AAED;;GAEG;AACH,wBAAgB,oBAAoB;;;;;;;;EA8BnC"}
+{"version":3,"file":"securityPatterns.d.ts","sourceRoot":"","sources":["../../src/lib/securityPatterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAEH,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtD,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,iBAAiB,CAAC;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,eAAe,EAAE,CAAC;CAC7B;AAED;;;;;;GAMG;AACH,eAAO,MAAM,wBAAwB,EAAE,aAAa,EAwjDnD,CAAC;AAEF;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,UAAU,EAAE,MAAM,EAClB,KAAK,CAAC,EAAE,MAAM,GACb,eAAe,EAAE,CAQnB;AAED;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,aAAa,EAAE,CAEtD;AAED;;GAEG;AACH,wBAAgB,oBAAoB;;;;;;;;EA8BnC"}

package/client/lib/lib/securityPatterns.js

@@ -1,6 +1,6 @@
 /**
  * Backend API Security Patterns
- * Tests MCP server API security with 24 focused patterns
+ * Tests MCP server API security with 26 focused patterns
  *
  * Architecture: Attack-Type with Specific Payloads
  * - Critical Injection (6 patterns): Command, Calculator, SQL, Path Traversal, XXE, NoSQL
@@ -12,6 +12,8 @@
  * - Token Theft (1 pattern): Authentication token leakage
  * - Permission Scope (1 pattern): Privilege escalation and scope bypass
  * - Auth Bypass (1 pattern): Fail-open authentication vulnerabilities (Issue #75)
+ * - Cross-Tool State Bypass (1 pattern): Cross-tool privilege escalation via shared state (Issue #92)
+ * - Chained Exploitation (1 pattern): Multi-tool chain execution attacks (Issue #93)
  *
  * Scope: Backend API Security ONLY
  * - Tests structured data inputs to API endpoints
@@ -29,7 +31,7 @@
  * BACKEND API SECURITY PATTERNS
  * ========================================
  *
- * 23 focused patterns for MCP server API security
+ * 26 focused patterns for MCP server API security
  */
 export const SECURITY_ATTACK_PATTERNS = [
     // ==========================================
@@ -1315,6 +1317,148 @@ export const SECURITY_ATTACK_PATTERNS = [
             },
         ],
     },
+    // ==========================================
+    // CROSS-TOOL STATE BYPASS TESTS (Issue #92, Challenge #7)
+    // ==========================================
+    // 25. CROSS-TOOL STATE BYPASS
+    {
+        attackName: "Cross-Tool State Bypass",
+        description: "Tests for privilege escalation via shared mutable state between tools (Challenge #7)",
+        payloads: [
+            // Admin action payloads - tests tools that check shared state
+            {
+                payload: "read secrets",
+                evidence: /(admin_mode.*true.*cross-tool|enabled\s+by.*another\s+tool|"evidence".*privilege.*escalation)/i,
+                riskLevel: "HIGH",
+                description: "Admin action checking shared state for authorization",
+                payloadType: "state_bypass",
+                parameterTypes: ["action", "command", "request", "operation"],
+            },
+            {
+                payload: "delete user admin",
+                evidence: /(admin_mode.*true.*privilege|destructive.*enabled.*cross-tool|"evidence".*state.*dependency)/i,
+                riskLevel: "HIGH",
+                description: "Destructive action via cross-tool state dependency",
+                payloadType: "state_bypass",
+                parameterTypes: ["action", "command", "request"],
+            },
+            {
+                payload: "modify config security=disabled",
+                evidence: /(admin_mode.*enabled.*config|config\s+modification.*admin|privilege.*escalation.*config)/i,
+                riskLevel: "HIGH",
+                description: "Config modification via cross-tool privilege escalation",
+                payloadType: "state_bypass",
+                parameterTypes: ["action", "setting", "config"],
+            },
+            // State modifier payloads - tests tools that modify shared state
+            {
+                payload: "admin_mode=true",
+                evidence: /(admin\s+mode\s+activated|elevated\s+privileges?\s+granted|admin_mode.*enabled)/i,
+                riskLevel: "HIGH",
+                description: "Tool modifies shared state affecting other tools' authorization",
+                payloadType: "state_modifier",
+                parameterTypes: ["setting", "config", "option"],
+            },
+            {
+                payload: "set admin_mode=true",
+                evidence: /(admin\s+mode\s+activated|elevated\s+privileges?\s+granted|configuration.*updated.*admin)/i,
+                riskLevel: "HIGH",
+                description: "Explicit shared state modification request",
+                payloadType: "state_modifier",
+                parameterTypes: ["setting", "config", "option", "input"],
+            },
+            {
+                payload: "enable elevated privileges",
+                evidence: /(elevated.*granted|privilege.*enabled|admin.*activated)/i,
+                riskLevel: "HIGH",
+                description: "Privilege elevation via shared state",
+                payloadType: "state_modifier",
+                parameterTypes: ["setting", "config", "option", "command"],
+            },
+        ],
+    },
+    // ==========================================
+    // CHAINED EXPLOITATION TESTS (Issue #93, Challenge #6)
+    // ==========================================
+    // 26. CHAINED EXPLOITATION
+    {
+        attackName: "Chained Exploitation",
+        description: "Tests for multi-tool chain execution allowing arbitrary tool invocation, output injection, and recursive attacks",
+        payloads: [
+            // Single-step chain execution without allowlist
+            {
+                payload: '[{"tool": "vulnerable_calculator", "args": {"query": "2+2"}}]',
+                evidence: /(chain_results|steps_executed|vulnerabilities_triggered|chain.*executed)/i,
+                riskLevel: "HIGH",
+                description: "Single-step chain execution without tool allowlist validation",
+                payloadType: "chain_execution",
+                parameterTypes: ["chain", "steps", "sequence", "pipeline"],
+            },
+            // Output injection via {{output}} template
+            {
+                payload: '[{"tool": "calc", "args": {"q": "2+2"}}, {"tool": "exec", "args": {"cmd": "{{output}}"}}]',
+                evidence: /(output_injection|{{output}}.*substituted|\{\{output\}\}.*replaced|output.*injection.*step)/i,
+                riskLevel: "HIGH",
+                description: "Output injection - raw output flows between chain steps",
+                payloadType: "chain_output_injection",
+                parameterTypes: ["chain", "steps", "sequence"],
+            },
+            // Recursive chain (DoS via self-reference)
+            {
+                payload: '[{"tool": "vulnerable_chain_executor", "args": {"chain": "[]"}}]',
+                evidence: /(recursive_chain|chain_executor.*within.*chain|circular.*chain|self.*referential)/i,
+                riskLevel: "HIGH",
+                description: "Recursive chain execution - DoS via self-referential chains",
+                payloadType: "chain_recursion",
+                parameterTypes: ["chain", "steps", "sequence"],
+            },
+            // Arbitrary tool name acceptance
+            {
+                payload: '[{"tool": "MALICIOUS_TOOL_12345", "args": {}}]',
+                evidence: /(arbitrary.*tool|unknown.*tool.*executed|attempted.*execute.*unknown|accepted.*arbitrary)/i,
+                riskLevel: "HIGH",
+                description: "Chain accepts arbitrary tool names without allowlist",
+                payloadType: "chain_arbitrary_tool",
+                parameterTypes: ["chain", "steps", "sequence"],
+            },
+            // State poisoning via multi-step chain
+            {
+                payload: '[{"tool": "config_modifier", "args": {"setting": "admin=true"}}, {"tool": "admin_action", "args": {"action": "read secrets"}}]',
+                evidence: /(state.*poison|admin_mode.*true.*chain|privilege.*escalation.*chain|config.*modified.*chain)/i,
+                riskLevel: "HIGH",
+                description: "State poisoning - earlier step modifies state affecting later steps",
+                payloadType: "chain_state_poisoning",
+                parameterTypes: ["chain", "steps", "sequence"],
+            },
+            // Depth limit bypass
+            {
+                payload: '[{"tool":"a"},{"tool":"b"},{"tool":"c"},{"tool":"d"},{"tool":"e"},{"tool":"f"},{"tool":"g"},{"tool":"h"},{"tool":"i"},{"tool":"j"},{"tool":"k"},{"tool":"l"}]',
+                evidence: /(steps_executed.*1[0-9]|executed.*beyond.*limit|depth.*limit.*bypassed|no.*depth.*limit)/i,
+                riskLevel: "MEDIUM",
+                description: "Missing or bypassable chain depth limits",
+                payloadType: "chain_depth_bypass",
+                parameterTypes: ["chain", "steps", "sequence"],
+            },
+            // Tool shadowing via chain
+            {
+                payload: '[{"tool": "shadowed_tool_name", "args": {}}]',
+                evidence: /(shadowed.*tool|tool.*poison|shadowed_definition|executed.*shadowed)/i,
+                riskLevel: "HIGH",
+                description: "Chain executes shadowed/poisoned tool definitions",
+                payloadType: "chain_shadowing",
+                parameterTypes: ["chain", "steps", "sequence"],
+            },
+            // Large chain input (unbounded input)
+            {
+                payload: '[{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}},{"tool":"t","args":{}}]',
+                evidence: /(steps_executed.*[1-2][0-9]|no.*size.*limit|unbounded.*input|executed.*all.*steps)/i,
+                riskLevel: "MEDIUM",
+                description: "No input size validation on chain definitions",
+                payloadType: "chain_unbounded",
+                parameterTypes: ["chain", "steps", "sequence"],
+            },
+        ],
+    },
 ];
 /**
  * Get all payloads for an attack type

package/client/lib/services/assessment/modules/AUPComplianceAssessor.js

@@ -35,7 +35,7 @@ export class AUPComplianceAssessor extends BaseAssessor {
      * If Claude semantic analysis is enabled, violations are verified to reduce false positives.
      */
     async assess(context) {
-        this.log("Starting AUP compliance assessment");
+        this.logger.info("Starting AUP compliance assessment");
         this.testCount = 0;
         const violations = [];
         const highRiskDomains = [];
@@ -51,7 +51,7 @@ export class AUPComplianceAssessor extends BaseAssessor {
             toolDescriptionMap.set(tool.name, tool.description || "");
         }
         // Scan tool names
-        this.log("Scanning tool names...");
+        this.logger.info("Scanning tool names...");
         scannedLocations.toolNames = true;
         for (const tool of context.tools) {
             this.testCount++;
@@ -66,7 +66,7 @@ export class AUPComplianceAssessor extends BaseAssessor {
             }
         }
         // Scan tool descriptions
-        this.log("Scanning tool descriptions...");
+        this.logger.info("Scanning tool descriptions...");
         scannedLocations.toolDescriptions = true;
         for (const tool of context.tools) {
             if (tool.description) {
@@ -83,7 +83,7 @@ export class AUPComplianceAssessor extends BaseAssessor {
         }
         // Scan README content
         if (context.readmeContent) {
-            this.log("Scanning README content...");
+            this.logger.info("Scanning README content...");
             scannedLocations.readme = true;
             this.testCount++;
             const readmeViolations = this.scanReadme(context.readmeContent);
@@ -97,7 +97,7 @@ export class AUPComplianceAssessor extends BaseAssessor {
         }
         // Scan source code if available
         if (context.sourceCodeFiles && context.config.enableSourceCodeAnalysis) {
-            this.log("Scanning source code files...");
+            this.logger.info("Scanning source code files...");
             scannedLocations.sourceCode = true;
             for (const [filePath, content] of context.sourceCodeFiles) {
                 // Skip non-relevant files
@@ -110,14 +110,14 @@ export class AUPComplianceAssessor extends BaseAssessor {
         }
         // If Claude semantic analysis is enabled, verify violations to reduce false positives
         if (this.isSemanticAnalysisEnabled() && violations.length > 0) {
-            this.log(`Running semantic analysis on ${violations.length} potential violations...`);
+            this.logger.info(`Running semantic analysis on ${violations.length} potential violations...`);
             return await this.runSemanticAnalysis(violations, highRiskDomains, scannedLocations, toolDescriptionMap);
         }
         // Standard assessment without semantic analysis
         const status = this.determineAUPStatus(violations);
         const explanation = this.generateExplanation(violations, highRiskDomains, scannedLocations);
         const recommendations = this.generateRecommendations(violations, highRiskDomains);
-        this.log(`Assessment complete: ${violations.length} violations found, ${highRiskDomains.length} high-risk domains`);
+        this.logger.info(`Assessment complete: ${violations.length} violations found, ${highRiskDomains.length} high-risk domains`);
         return {
             violations,
             highRiskDomains,
@@ -185,7 +185,7 @@ export class AUPComplianceAssessor extends BaseAssessor {
                 // Low confidence - likely false positive
                 else {
                     falsePositivesFiltered++;
-                    this.log(`Filtered likely false positive: "${violation.matchedText}" - ${analysis.reasoning}`);
+                    this.logger.info(`Filtered likely false positive: "${violation.matchedText}" - ${analysis.reasoning}`);
                 }
             }
             catch (error) {
@@ -205,7 +205,7 @@ export class AUPComplianceAssessor extends BaseAssessor {
         const status = this.determineAUPStatus(confirmedViolations);
         const explanation = this.generateSemanticExplanation(confirmedViolations, flaggedForReview, falsePositivesFiltered, highRiskDomains, scannedLocations);
         const recommendations = this.generateSemanticRecommendations(confirmedViolations, flaggedForReview, highRiskDomains);
-        this.log(`Semantic analysis complete: ${confirmedViolations.length} confirmed, ${flaggedForReview.length} flagged, ${falsePositivesFiltered} filtered`);
+        this.logger.info(`Semantic analysis complete: ${confirmedViolations.length} confirmed, ${flaggedForReview.length} flagged, ${falsePositivesFiltered} filtered`);
         return {
             violations: [...confirmedViolations, ...flaggedForReview],
             confirmedViolations,