@bryan-thompson/inspector-assessment 1.6.0 → 1.7.0
- package/cli/build/assess-full.js +528 -0
- package/cli/build/assess-security.js +342 -0
- package/client/dist/assets/{OAuthCallback-ZcXdfhZQ.js → OAuthCallback-Xo9zS7pv.js} +1 -1
- package/client/dist/assets/{OAuthDebugCallback-xt1SlIHS.js → OAuthDebugCallback-CaIey8K_.js} +1 -1
- package/client/dist/assets/{index-B3lTiDVe.js → index-nCPw6E-c.js} +4 -4
- package/client/dist/index.html +1 -1
- package/client/lib/lib/assessmentTypes.d.ts +670 -0
- package/client/lib/lib/assessmentTypes.d.ts.map +1 -0
- package/client/lib/lib/assessmentTypes.js +220 -0
- package/client/lib/lib/aupPatterns.d.ts +63 -0
- package/client/lib/lib/aupPatterns.d.ts.map +1 -0
- package/client/lib/lib/aupPatterns.js +344 -0
- package/client/lib/lib/prohibitedLibraries.d.ts +76 -0
- package/client/lib/lib/prohibitedLibraries.d.ts.map +1 -0
- package/client/lib/lib/prohibitedLibraries.js +364 -0
- package/client/lib/lib/securityPatterns.d.ts +64 -0
- package/client/lib/lib/securityPatterns.d.ts.map +1 -0
- package/client/lib/lib/securityPatterns.js +453 -0
- package/client/lib/services/assessment/AssessmentOrchestrator.d.ts +88 -0
- package/client/lib/services/assessment/AssessmentOrchestrator.d.ts.map +1 -0
- package/client/lib/services/assessment/AssessmentOrchestrator.js +418 -0
- package/client/lib/services/assessment/ResponseValidator.d.ts +69 -0
- package/client/lib/services/assessment/ResponseValidator.d.ts.map +1 -0
- package/client/lib/services/assessment/ResponseValidator.js +1038 -0
- package/client/lib/services/assessment/TestDataGenerator.d.ts +86 -0
- package/client/lib/services/assessment/TestDataGenerator.d.ts.map +1 -0
- package/client/lib/services/assessment/TestDataGenerator.js +669 -0
- package/client/lib/services/assessment/TestScenarioEngine.d.ts +91 -0
- package/client/lib/services/assessment/TestScenarioEngine.d.ts.map +1 -0
- package/client/lib/services/assessment/TestScenarioEngine.js +505 -0
- package/client/lib/services/assessment/ToolClassifier.d.ts +61 -0
- package/client/lib/services/assessment/ToolClassifier.d.ts.map +1 -0
- package/client/lib/services/assessment/ToolClassifier.js +349 -0
- package/client/lib/services/assessment/lib/claudeCodeBridge.d.ts +160 -0
- package/client/lib/services/assessment/lib/claudeCodeBridge.d.ts.map +1 -0
- package/client/lib/services/assessment/lib/claudeCodeBridge.js +357 -0
- package/client/lib/services/assessment/modules/AUPComplianceAssessor.d.ts +100 -0
- package/client/lib/services/assessment/modules/AUPComplianceAssessor.d.ts.map +1 -0
- package/client/lib/services/assessment/modules/AUPComplianceAssessor.js +474 -0
- package/client/lib/services/assessment/modules/BaseAssessor.d.ts +71 -0
- package/client/lib/services/assessment/modules/BaseAssessor.d.ts.map +1 -0
- package/client/lib/services/assessment/modules/BaseAssessor.js +171 -0
- package/client/lib/services/assessment/modules/DocumentationAssessor.d.ts +45 -0
- package/client/lib/services/assessment/modules/DocumentationAssessor.d.ts.map +1 -0
- package/client/lib/services/assessment/modules/DocumentationAssessor.js +355 -0
- package/client/lib/services/assessment/modules/ErrorHandlingAssessor.d.ts +25 -0
- package/client/lib/services/assessment/modules/ErrorHandlingAssessor.d.ts.map +1 -0
- package/client/lib/services/assessment/modules/ErrorHandlingAssessor.js +564 -0
- package/client/lib/services/assessment/modules/FunctionalityAssessor.d.ts +20 -0
- package/client/lib/services/assessment/modules/FunctionalityAssessor.d.ts.map +1 -0
- package/client/lib/services/assessment/modules/FunctionalityAssessor.js +253 -0
- package/client/lib/services/assessment/modules/MCPSpecComplianceAssessor.d.ts +70 -0
- package/client/lib/services/assessment/modules/MCPSpecComplianceAssessor.d.ts.map +1 -0
- package/client/lib/services/assessment/modules/MCPSpecComplianceAssessor.js +508 -0
- package/client/lib/services/assessment/modules/ManifestValidationAssessor.d.ts +70 -0
- package/client/lib/services/assessment/modules/ManifestValidationAssessor.d.ts.map +1 -0
- package/client/lib/services/assessment/modules/ManifestValidationAssessor.js +430 -0
- package/client/lib/services/assessment/modules/PortabilityAssessor.d.ts +43 -0
- package/client/lib/services/assessment/modules/PortabilityAssessor.d.ts.map +1 -0
- package/client/lib/services/assessment/modules/PortabilityAssessor.js +347 -0
- package/client/lib/services/assessment/modules/ProhibitedLibrariesAssessor.d.ts +41 -0
- package/client/lib/services/assessment/modules/ProhibitedLibrariesAssessor.d.ts.map +1 -0
- package/client/lib/services/assessment/modules/ProhibitedLibrariesAssessor.js +256 -0
- package/client/lib/services/assessment/modules/SecurityAssessor.d.ts +176 -0
- package/client/lib/services/assessment/modules/SecurityAssessor.d.ts.map +1 -0
- package/client/lib/services/assessment/modules/SecurityAssessor.js +1333 -0
- package/client/lib/services/assessment/modules/ToolAnnotationAssessor.d.ts +96 -0
- package/client/lib/services/assessment/modules/ToolAnnotationAssessor.d.ts.map +1 -0
- package/client/lib/services/assessment/modules/ToolAnnotationAssessor.js +593 -0
- package/client/lib/services/assessment/modules/UsabilityAssessor.d.ts +21 -0
- package/client/lib/services/assessment/modules/UsabilityAssessor.d.ts.map +1 -0
- package/client/lib/services/assessment/modules/UsabilityAssessor.js +241 -0
- package/client/lib/services/assessment/modules/index.d.ts +33 -0
- package/client/lib/services/assessment/modules/index.d.ts.map +1 -0
- package/client/lib/services/assessment/modules/index.js +35 -0
- package/package.json +5 -2
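--- a/package/client/lib/services/assessment/ToolClassifier.js
+++ b/package/client/lib/services/assessment/ToolClassifier.js
@@ -0,0 +1,349 @@
+/**
+* Tool Classifier
+* Categorizes MCP tools based on name/description to select appropriate security test patterns
+*
+* Validated against broken-mcp server with 16 tools (6 HIGH, 4 MEDIUM, 6 SAFE)
+*/
+export var ToolCategory;
+(function (ToolCategory) {
+ToolCategory["CALCULATOR"] = "calculator";
+ToolCategory["SYSTEM_EXEC"] = "system_exec";
+ToolCategory["DATA_ACCESS"] = "data_access";
+ToolCategory["TOOL_OVERRIDE"] = "tool_override";
+ToolCategory["CONFIG_MODIFIER"] = "config_modifier";
+ToolCategory["URL_FETCHER"] = "fetcher";
+ToolCategory["UNICODE_PROCESSOR"] = "unicode";
+ToolCategory["JSON_PARSER"] = "parser";
+ToolCategory["PACKAGE_INSTALLER"] = "installer";
+ToolCategory["RUG_PULL"] = "rug_pull";
+ToolCategory["SAFE_STORAGE"] = "safe_storage";
+ToolCategory["API_WRAPPER"] = "api_wrapper";
+ToolCategory["SEARCH_RETRIEVAL"] = "search_retrieval";
+ToolCategory["CRUD_CREATION"] = "crud_creation";
+ToolCategory["READ_ONLY_INFO"] = "read_only_info";
+ToolCategory["GENERIC"] = "generic";
+})(ToolCategory || (ToolCategory = {}));
+/**
+* Classifies MCP tools into vulnerability categories based on naming patterns
+* and descriptions. Uses patterns validated by testing against broken-mcp server.
+*/
+export class ToolClassifier {
+/**
+* Classify a tool into one or more categories
+* Returns multiple categories if tool matches multiple patterns
+*/
+classify(toolName, description) {
+const categories = [];
+const confidenceScores = [];
+const reasons = [];
+const toolText = `${toolName} ${description || ""}`.toLowerCase();
+// Calculator tools (HIGH RISK)
+// Validated: vulnerable_calculator_tool
+if (this.matchesPattern(toolText, [
+/calculator/i,
+/compute/i,
+/math/i,
+/calc/i,
+/eval/i,
+/arithmetic/i,
+/expression/i,
+])) {
+categories.push(ToolCategory.CALCULATOR);
+confidenceScores.push(90);
+reasons.push("Calculator pattern detected (arithmetic execution risk)");
+}
+// System execution tools (HIGH RISK)
+// Validated: vulnerable_system_exec_tool
+if (this.matchesPattern(toolText, [
+/system.*exec/i,
+/exec.*tool/i,
+/command/i,
+/shell/i,
+/\brun\b/i,
+/execute/i,
+/process/i,
+])) {
+categories.push(ToolCategory.SYSTEM_EXEC);
+confidenceScores.push(95);
+reasons.push("System execution pattern detected (command injection risk)");
+}
+// Data access/leak tools (HIGH RISK)
+// Validated: vulnerable_data_leak_tool
+if (this.matchesPattern(toolText, [
+/leak/i,
+/\bdata\b/i,
+/show/i,
+/\bget\b/i,
+/\blist\b/i,
+/display/i,
+/\benv/i,
+/secret/i,
+/\bkey\b/i,
+/credential/i,
+/exfiltrat/i,
+])) {
+categories.push(ToolCategory.DATA_ACCESS);
+confidenceScores.push(85);
+reasons.push("Data access pattern detected (data exfiltration risk)");
+}
+// Tool override/shadowing (HIGH RISK)
+// Validated: vulnerable_tool_override_tool
+if (this.matchesPattern(toolText, [
+/override/i,
+/shadow/i,
+/poison/i,
+/create.*tool/i,
+/register.*tool/i,
+/define.*tool/i,
+/tool.*creator/i,
+/add.*tool/i,
+])) {
+categories.push(ToolCategory.TOOL_OVERRIDE);
+confidenceScores.push(92);
+reasons.push("Tool override pattern detected (shadowing/poisoning risk)");
+}
+// Config modification tools (HIGH RISK)
+// Validated: vulnerable_config_modifier_tool
+if (this.matchesPattern(toolText, [
+/config/i,
+/setting/i,
+/modifier/i,
+/\badmin\b/i,
+/privilege/i,
+/permission/i,
+/configure/i,
+/drift/i,
+])) {
+categories.push(ToolCategory.CONFIG_MODIFIER);
+confidenceScores.push(88);
+reasons.push("Config modification pattern detected (configuration drift risk)");
+}
+// URL fetching tools (HIGH RISK)
+// Validated: vulnerable_fetcher_tool
+if (this.matchesPattern(toolText, [
+/fetch/i,
+/\burl\b/i,
+/http/i,
+/download/i,
+/load/i,
+/retrieve/i,
+/\bget\b.*url/i,
+/external/i,
+])) {
+categories.push(ToolCategory.URL_FETCHER);
+confidenceScores.push(87);
+reasons.push("URL fetcher pattern detected (indirect prompt injection risk)");
+}
+// Unicode processing tools (MEDIUM RISK)
+// Validated: vulnerable_unicode_processor_tool
+if (this.matchesPattern(toolText, [
+/unicode/i,
+/encode/i,
+/decode/i,
+/charset/i,
+/utf/i,
+/hex/i,
+/escape/i,
+])) {
+categories.push(ToolCategory.UNICODE_PROCESSOR);
+confidenceScores.push(75);
+reasons.push("Unicode processor pattern detected (bypass encoding risk)");
+}
+// JSON/nested parsing tools (MEDIUM RISK)
+// Validated: vulnerable_nested_parser_tool
+if (this.matchesPattern(toolText, [
+/parser/i,
+/parse/i,
+/json/i,
+/xml/i,
+/yaml/i,
+/nested/i,
+/deserialize/i,
+/unmarshal/i,
+])) {
+categories.push(ToolCategory.JSON_PARSER);
+confidenceScores.push(78);
+reasons.push("JSON/nested parser pattern detected (nested injection risk)");
+}
+// Package installation tools (MEDIUM RISK)
+// Validated: vulnerable_package_installer_tool
+if (this.matchesPattern(toolText, [
+/install/i,
+/package/i,
+/\bnpm\b/i,
+/\bpip\b/i,
+/dependency/i,
+/module/i,
+/library/i,
+/\bgem\b/i,
+])) {
+categories.push(ToolCategory.PACKAGE_INSTALLER);
+confidenceScores.push(70);
+reasons.push("Package installer pattern detected (typosquatting risk)");
+}
+// Rug pull (behavioral change over time) (MEDIUM RISK)
+// Validated: vulnerable_rug_pull_tool
+if (this.matchesPattern(toolText, [
+/rug.*pull/i,
+/trust/i,
+/behavior.*change/i,
+/malicious.*after/i,
+/invocation.*count/i,
+])) {
+categories.push(ToolCategory.RUG_PULL);
+confidenceScores.push(80);
+reasons.push("Rug pull pattern detected (behavioral change risk)");
+}
+// API wrapper tools (SAFE - data passing, not code execution)
+// These tools call external APIs and return data as text, not execute it as code
+// Examples: Firecrawl (scrape, crawl, search), HTTP clients, REST/GraphQL clients
+if (this.matchesPattern(toolText, [
+/firecrawl/i,
+/\bscrape\b/i,
+/\bcrawl\b/i,
+/web.*scraping/i,
+/api.*wrapper/i,
+/http.*client/i,
+/web.*client/i,
+/rest.*client/i,
+/graphql.*client/i,
+/fetch.*web.*content/i,
+])) {
+categories.push(ToolCategory.API_WRAPPER);
+confidenceScores.push(95);
+reasons.push("API wrapper pattern detected (safe data passing, not code execution)");
+}
+// Search and retrieval tools (SAFE - returns search results/data, not code execution)
+// Examples: notion-search, notion-query-database, search, find, lookup
+if (this.matchesPattern(toolText, [
+/\bsearch\b/i,
+/\bfind\b/i,
+/\blookup\b/i,
+/\bquery\b/i,
+/retrieve/i,
+/\blist\b/i,
+/get.*users/i,
+/get.*pages/i,
+/get.*database/i,
+])) {
+categories.push(ToolCategory.SEARCH_RETRIEVAL);
+confidenceScores.push(93);
+reasons.push("Search/retrieval pattern detected (returns data, not code execution)");
+}
+// CRUD creation/modification tools (SAFE - creates/modifies resources, not code execution)
+// Examples: notion-create-database, notion-create-page, create, add, insert, update
+if (this.matchesPattern(toolText, [
+/\bcreate\b/i,
+/\badd\b/i,
+/\binsert\b/i,
+/\bupdate\b/i,
+/\bmodify\b/i,
+/\bdelete\b/i,
+/\bduplicate\b/i,
+/\bmove\b/i,
+/\bappend\b/i,
+])) {
+categories.push(ToolCategory.CRUD_CREATION);
+confidenceScores.push(92);
+reasons.push("CRUD operation pattern detected (data manipulation, not code execution)");
+}
+// Read-only info tools (SAFE - returns user/workspace info, intended data exposure)
+// Examples: notion-get-self, notion-get-teams, get-self, whoami, get-info, get-status
+if (this.matchesPattern(toolText, [
+/get.*self/i,
+/get.*teams/i,
+/get.*info/i,
+/get.*status/i,
+/\bwhoami\b/i,
+/get.*workspace/i,
+/get.*user/i,
+/current.*user/i,
+])) {
+categories.push(ToolCategory.READ_ONLY_INFO);
+confidenceScores.push(94);
+reasons.push("Read-only info pattern detected (intended data exposure, not vulnerability)");
+}
+// Safe storage tools (CONTROL GROUP - should never show vulnerabilities)
+// Validated: safe_storage_tool_mcp, safe_search_tool_mcp, safe_list_tool_mcp,
+// safe_info_tool_mcp, safe_echo_tool_mcp, safe_validate_tool_mcp
+if (this.matchesPattern(toolText, [
+/safe.*storage/i,
+/safe.*search/i,
+/safe.*list/i,
+/safe.*info/i,
+/safe.*echo/i,
+/safe.*validate/i,
+/safe.*tool/i,
+])) {
+categories.push(ToolCategory.SAFE_STORAGE);
+confidenceScores.push(99);
+reasons.push("Safe tool pattern detected (control group - should be safe)");
+}
+// Default to generic if no specific matches
+if (categories.length === 0) {
+categories.push(ToolCategory.GENERIC);
+confidenceScores.push(50);
+reasons.push("No specific pattern match, using generic tests");
+}
+// Calculate overall confidence (average of matched pattern confidences)
+const avgConfidence = confidenceScores.reduce((a, b) => a + b, 0) / confidenceScores.length;
+return {
+toolName,
+categories,
+confidence: Math.round(avgConfidence),
+reasoning: reasons.join("; "),
+};
+}
+/**
+* Check if text matches any of the provided patterns
+*/
+matchesPattern(text, patterns) {
+return patterns.some((pattern) => pattern.test(text));
+}
+/**
+* Get all tool categories (for testing/debugging)
+*/
+static getAllCategories() {
+return Object.values(ToolCategory);
+}
+/**
+* Get risk level for a category
+*/
+static getRiskLevel(category) {
+const highRiskCategories = [
+ToolCategory.CALCULATOR,
+ToolCategory.SYSTEM_EXEC,
+ToolCategory.DATA_ACCESS,
+ToolCategory.TOOL_OVERRIDE,
+ToolCategory.CONFIG_MODIFIER,
+ToolCategory.URL_FETCHER,
+];
+const mediumRiskCategories = [
+ToolCategory.UNICODE_PROCESSOR,
+ToolCategory.JSON_PARSER,
+ToolCategory.PACKAGE_INSTALLER,
+ToolCategory.RUG_PULL,
+];
+const lowRiskCategories = [
+ToolCategory.API_WRAPPER,
+ToolCategory.SEARCH_RETRIEVAL,
+ToolCategory.CRUD_CREATION,
+ToolCategory.READ_ONLY_INFO,
+ToolCategory.SAFE_STORAGE,
+ToolCategory.GENERIC,
+];
+if (highRiskCategories.includes(category))
+return "HIGH";
+if (mediumRiskCategories.includes(category))
+return "MEDIUM";
+if (lowRiskCategories.includes(category))
+return "LOW";
+return "LOW";
+}
+/**
+* Classify multiple tools at once
+*/
+classifyBatch(tools) {
+return tools.map((tool) => this.classify(tool.name, tool.description));
+}
+}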
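Review bot: The `\b`-anchored patterns in `classify()` cannot match inside snake_case tool names, because `_` is a word character: `/\brun\b/`, `/\bkey\b/`, `/\badmin\b/` and `/\burl\b/` miss constructed names such as `run_task` or `admin_reset` unless the description repeats the word, so HIGH categories are under-selected for the naming style the `Validated:` comments themselves use. Normalising separators before matching, for example by appending `.replace(/[_-]+/g, " ")` to the `toolText` expression, makes the anchors behave as intended. In the other direction the unanchored `/eval/i` and `/load/i` also hit "retrieval" and "download"/"payload", which deserves a tighter pattern or at least a comment. Separately, the name and description are presumably supplied by the server being assessed, so the `/safe.*tool/i` match at confidence 99 lets self-chosen wording raise the value computed on the `avgConfidence` line; the doc comment on `classify()` should state that SAFE categories must never narrow the tests run for a tool that also matched a HIGH category (the consumer is not visible on this page).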
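--- a/package/client/lib/services/assessment/lib/claudeCodeBridge.d.ts
+++ b/package/client/lib/services/assessment/lib/claudeCodeBridge.d.ts
@@ -0,0 +1,160 @@
+/**
+* Claude Code Bridge
+*
+* Provides integration with Claude Code CLI for intelligent analysis tasks.
+* Uses shell execution with `claude --print` for stateless reasoning.
+*
+* This bridge enables:
+* - Intelligent test parameter generation
+* - Semantic AUP violation analysis
+* - Tool behavior inference for annotation validation
+* - Documentation quality assessment
+*/
+import type { Tool } from "@modelcontextprotocol/sdk/types.js";
+import type { AUPCategory } from "../../../lib/assessmentTypes.js";
+/**
+* Response from Claude Code execution
+*/
+export interface ClaudeCodeResponse {
+success: boolean;
+output: string;
+error?: string;
+executionTimeMs?: number;
+}
+/**
+* Configuration for Claude Code Bridge
+*/
+export interface ClaudeCodeBridgeConfig {
+enabled: boolean;
+timeout?: number;
+maxRetries?: number;
+features: {
+intelligentTestGeneration?: boolean;
+aupSemanticAnalysis?: boolean;
+behaviorInference?: boolean;
+annotationInference?: boolean;
+documentationAssessment?: boolean;
+documentationQuality?: boolean;
+};
+}
+/**
+* Context for AUP violation analysis
+*/
+export interface AUPViolationContext {
+toolName: string;
+toolDescription: string;
+category: AUPCategory;
+categoryName: string;
+location: string;
+}
+/**
+* Result of AUP semantic analysis
+*/
+export interface AUPSemanticAnalysisResult {
+isViolation: boolean;
+isConfirmedViolation: boolean;
+confidence: number;
+reasoning: string;
+category: AUPCategory;
+suggestedAction: "block" | "flag_for_review" | "allow";
+contextFactors: string[];
+}
+/**
+* Result of tool behavior inference
+*/
+export interface BehaviorInferenceResult {
+expectedReadOnly: boolean;
+expectedDestructive: boolean;
+confidence: number;
+reasoning: string;
+suggestedAnnotations: {
+readOnlyHint?: boolean;
+destructiveHint?: boolean;
+idempotentHint?: boolean;
+};
+misalignmentDetected: boolean;
+misalignmentDetails?: string;
+}
+/**
+* Result of intelligent test generation
+*/
+export interface TestGenerationResult {
+scenarios: Array<{
+name: string;
+description: string;
+params: Record<string, unknown>;
+expectedBehavior: string;
+category: "happy_path" | "edge_case" | "boundary" | "error_case";
+}>;
+reasoning: string;
+}
+/**
+* Default configuration with minimal features
+*/
+export declare const DEFAULT_CLAUDE_CODE_CONFIG: ClaudeCodeBridgeConfig;
+/**
+* Full configuration with all features enabled
+*/
+export declare const FULL_CLAUDE_CODE_CONFIG: ClaudeCodeBridgeConfig;
+/**
+* Claude Code Bridge
+* Executes Claude CLI for intelligent analysis during MCP assessments
+*/
+export declare class ClaudeCodeBridge {
+private config;
+private isAvailable;
+constructor(config: ClaudeCodeBridgeConfig);
+/**
+* Check if a specific feature is enabled
+* Note: annotationInference is an alias for behaviorInference
+*/
+isFeatureEnabled(feature: keyof ClaudeCodeBridgeConfig["features"]): boolean;
+/**
+* Check if Claude CLI is available on the system
+*/
+private checkClaudeAvailability;
+/**
+* Execute Claude CLI with a prompt
+*/
+private executeClaudeCommand;
+/**
+* Execute with retries
+*/
+private executeWithRetry;
+/**
+* Parse JSON from Claude response, handling markdown code blocks
+*/
+private parseJsonResponse;
+/**
+* Analyze an AUP violation for false positives using semantic analysis
+* @param matchedText - The text that matched the AUP pattern
+* @param context - Context about the violation
+*/
+analyzeAUPViolation(matchedText: string, context: AUPViolationContext): Promise<AUPSemanticAnalysisResult | null>;
+/**
+* Infer expected tool behavior for annotation validation
+*/
+inferToolBehavior(tool: Tool, currentAnnotations?: {
+readOnlyHint?: boolean;
+destructiveHint?: boolean;
+idempotentHint?: boolean;
+}): Promise<BehaviorInferenceResult | null>;
+/**
+* Generate intelligent test scenarios for a tool
+*/
+generateTestScenarios(tool: Tool, existingScenarios: number): Promise<TestGenerationResult | null>;
+/**
+* Generate test parameters for a tool
+* This returns just the parameter sets, used by TestDataGenerator
+*/
+generateTestParameters(tool: Tool): Promise<Record<string, unknown>[] | null>;
+/**
+* Assess documentation quality
+*/
+assessDocumentation(readmeContent: string, toolCount: number): Promise<{
+score: number;
+issues: string[];
+suggestions: string[];
+} | null>;
+}
+//# sourceMappingURL=claudeCodeBridge.d.ts.map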
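Review bot: Every async method on `ClaudeCodeBridge` resolves to `… | null`, but no doc comment says when `null` is returned, so a caller cannot tell "feature disabled", "CLI unavailable" and "response failed to parse" apart; for `analyzeAUPViolation` the comment should state that `null` means no verdict and must not be read as `suggestedAction: "allow"`. The file header says the bridge uses shell execution with `claude --print`, and `matchedText`, `tool` and `readmeContent` presumably carry text from the server under assessment, so the comment on `executeClaudeCommand` should also record how the prompt reaches the CLI (argument vector or stdin rather than an interpolated shell string); the implementation is not visible in this declaration file. `annotationInference` / `behaviorInference` and `documentationAssessment` / `documentationQuality` look like duplicate flags, and only the first pair is documented as an alias, on `isFeatureEnabled`.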
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"claudeCodeBridge.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/lib/claudeCodeBridge.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAGH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC/D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAEzD;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE;QACR,yBAAyB,CAAC,EAAE,OAAO,CAAC;QACpC,mBAAmB,CAAC,EAAE,OAAO,CAAC;QAC9B,iBAAiB,CAAC,EAAE,OAAO,CAAC;QAC5B,mBAAmB,CAAC,EAAE,OAAO,CAAC;QAC9B,uBAAuB,CAAC,EAAE,OAAO,CAAC;QAClC,oBAAoB,CAAC,EAAE,OAAO,CAAC;KAChC,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,QAAQ,EAAE,WAAW,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,WAAW,EAAE,OAAO,CAAC;IACrB,oBAAoB,EAAE,OAAO,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,WAAW,CAAC;IACtB,eAAe,EAAE,OAAO,GAAG,iBAAiB,GAAG,OAAO,CAAC;IACvD,cAAc,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,gBAAgB,EAAE,OAAO,CAAC;IAC1B,mBAAmB,EAAE,OAAO,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,oBAAoB,EAAE;QACpB,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,cAAc,CAAC,EAAE,OAAO,CAAC;KAC1B,CAAC;IACF,oBAAoB,EAAE,OAAO,CAAC;IAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,SAAS,EAAE,KAAK,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;QACb,WAAW,EAAE,MAAM,CAAC;QACpB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAChC,gBAAgB,EAAE,MAAM,CAAC;QACzB,QAAQ,EAAE,YAAY,GAAG,WAAW,GAAG,UAAU,GAAG,YAAY,CAAC;KAClE,CAAC,CAAC;IACH,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,eAAO,MAAM,0BAA0B,EAAE,sBAYxC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,uBAAuB,EAAE,sBAYrC,CAAC;AAEF;;;GAGG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAAyB;IACvC,OAAO,CAAC,WAAW,CAAkB;gBA
EzB,MAAM,EAAE,sBAAsB;IAW1C;;;OAGG;IACH,gBAAgB,CAAC,OAAO,EAAE,MAAM,sBAAsB,CAAC,UAAU,CAAC,GAAG,OAAO;IAgB5E;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAS/B;;OAEG;IACH,OAAO,CAAC,oBAAoB;IA+B5B;;OAEG;YACW,gBAAgB;IAwB9B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAqBzB;;;;OAIG;IACG,mBAAmB,CACvB,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,mBAAmB,GAC3B,OAAO,CAAC,yBAAyB,GAAG,IAAI,CAAC;IA2C5C;;OAEG;IACG,iBAAiB,CACrB,IAAI,EAAE,IAAI,EACV,kBAAkB,CAAC,EAAE;QACnB,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,cAAc,CAAC,EAAE,OAAO,CAAC;KAC1B,GACA,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC;IAgD1C;;OAEG;IACG,qBAAqB,CACzB,IAAI,EAAE,IAAI,EACV,iBAAiB,EAAE,MAAM,GACxB,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC;IAuCvC;;;OAGG;IACG,sBAAsB,CAC1B,IAAI,EAAE,IAAI,GACT,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,IAAI,CAAC;IAqC5C;;OAEG;IACG,mBAAmB,CACvB,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC;QACT,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,WAAW,EAAE,MAAM,EAAE,CAAC;KACvB,GAAG,IAAI,CAAC;CA0CV"}
|