@fruition/fcp-mcp-server 1.24.0 → 1.25.0

package/dist/index.js

@@ -93,6 +93,7 @@ const TOOL_PERMISSIONS = {
     fcp_clone_to_staging: 'super_admin',
     fcp_clone_confirm: 'super_admin',
     fcp_shield_remove_domain: 'super_admin',
+    fcp_trusted_ip_remove_range: 'super_admin',
     fcp_backup_delete_pairing: 'super_admin',
     fcp_filesync_cancel_sync: 'super_admin',
     // --- admin+: mutating ops with real-world side effects ---
@@ -103,6 +104,8 @@ const TOOL_PERMISSIONS = {
     fcp_delete_checklist_item: 'admin',
     fcp_shield_add_domain: 'admin',
     fcp_shield_update_domain: 'admin',
+    fcp_trusted_ip_add_range: 'admin',
+    fcp_trusted_ip_update_range: 'admin',
     fcp_backup_enable: 'admin',
     fcp_backup_trigger: 'admin',
     fcp_backup_check_trigger: 'admin',
@@ -149,6 +152,8 @@ const TOOL_PERMISSIONS = {
     fcp_shield_list_domains: 'viewer',
     fcp_shield_get_domain: 'viewer',
     fcp_shield_get_metrics: 'viewer',
+    fcp_trusted_ip_list_ranges: 'viewer',
+    fcp_trusted_ip_export: 'viewer',
     fcp_backup_list_sites: 'viewer',
     fcp_backup_get_config: 'viewer',
     fcp_backup_list_eligible: 'viewer',
@@ -699,6 +704,78 @@ class FCPClient {
         });
     }
     // ============================================================================
+    // Trusted IP Range Methods (FRUPRI-761)
+    // ============================================================================
+    // Text-returning sibling of fetch() for endpoints that emit text/plain or
+    // text/yaml (export) or an empty 204 body (delete). The base fetch() always
+    // calls response.json() and would throw on those.
+    async fetchText(path, options = {}, timeoutMs) {
+        const url = `${this.baseUrl}${path}`;
+        const headers = {
+            ...(options.headers || {}),
+        };
+        if (this.token) {
+            if (this.token === 'dev_bypass') {
+                headers['X-Dev-Bypass'] = 'true';
+            }
+            else {
+                headers['X-API-Key'] = this.token;
+            }
+        }
+        const response = await fetch(url, {
+            ...options,
+            headers,
+            signal: AbortSignal.timeout(timeoutMs || this.defaultTimeout),
+        });
+        if (!response.ok) {
+            const error = await response.text();
+            throw new Error(`FCP API error (${response.status}): ${error}`);
+        }
+        return response.text();
+    }
+    async trustedIpListRanges(filters) {
+        const params = new URLSearchParams();
+        if (filters?.group)
+            params.append('group', filters.group);
+        if (filters?.include_pending)
+            params.append('include_pending', 'true');
+        if (filters?.include_expired)
+            params.append('include_expired', 'true');
+        const qs = params.toString();
+        return this.fetch(`/api/infrastructure/trusted-ips/entries${qs ? `?${qs}` : ''}`);
+    }
+    async trustedIpAddRange(input) {
+        return this.fetch('/api/infrastructure/trusted-ips/entries', {
+            method: 'POST',
+            body: JSON.stringify(input),
+        });
+    }
+    async trustedIpUpdateRange(id, updates) {
+        return this.fetch(`/api/infrastructure/trusted-ips/entries/${id}`, {
+            method: 'PUT',
+            body: JSON.stringify(updates),
+        });
+    }
+    async trustedIpRemoveRange(id) {
+        await this.fetchText(`/api/infrastructure/trusted-ips/entries/${id}`, {
+            method: 'DELETE',
+        });
+        return { ok: true, id, message: `Removed trusted IP entry ${id}` };
+    }
+    async trustedIpExport(opts) {
+        const params = new URLSearchParams();
+        if (opts?.format)
+            params.append('format', opts.format);
+        if (opts?.group)
+            params.append('group', opts.group);
+        if (opts?.purpose)
+            params.append('purpose', opts.purpose);
+        if (opts?.separator)
+            params.append('separator', opts.separator);
+        const qs = params.toString();
+        return this.fetchText(`/api/infrastructure/trusted-ips/export${qs ? `?${qs}` : ''}`);
+    }
+    // ============================================================================
     // Backup Management Methods
     // ============================================================================
     async backupListSites() {
@@ -2274,7 +2351,7 @@ const TOOLS = [
     // Nuclei Security Scanning
     {
         name: 'fcp_trigger_nuclei_scan',
-        description: 'Trigger a Nuclei security scan for a website. Creates a Kubernetes Job that runs the scan and stores results in the FCP database.',
+        description: 'Trigger a Nuclei security scan for a website. Queues the scan as a pending record in the FCP database for the local scanner to pick up and run; findings are written back to the database. Returns the scan ID for follow-up queries with fcp_get_nuclei_results.',
         inputSchema: {
             type: 'object',
             properties: {
@@ -2292,7 +2369,7 @@ const TOOLS = [
                 },
                 templates: {
                     type: 'string',
-                    description: 'Comma-separated Nuclei template categories (default: cves,exposures,misconfiguration). Options: cves, vulnerabilities, exposures, misconfiguration, technologies',
+                    description: 'Comma-separated Nuclei template categories (default: cves,exposures,misconfiguration). Options: cves, vulnerabilities, exposures, misconfiguration, technologies, ssl, dns, headless',
                 },
             },
             required: ['website_id'],
@@ -2843,6 +2920,126 @@ const TOOLS = [
         },
     },
     // ============================================================================
+    // Trusted IP Range Tools (FRUPRI-761)
+    // ============================================================================
+    {
+        name: 'fcp_trusted_ip_list_ranges',
+        description: 'List trusted IP ranges (CIDR entries). Scope to a group by id or slug, or omit group to list entries for every group (each tagged with group_slug). By default only approved, non-expired entries are returned.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                group: {
+                    type: 'string',
+                    description: 'Group id or slug to scope to (optional; omit for all groups)',
+                },
+                include_pending: {
+                    type: 'boolean',
+                    description: 'Include entries awaiting approval (default false)',
+                },
+                include_expired: {
+                    type: 'boolean',
+                    description: 'Include entries past their expires_at (default false)',
+                },
+            },
+        },
+    },
+    {
+        name: 'fcp_trusted_ip_add_range',
+        description: 'Add a CIDR to a trusted IP group. If the CIDR overlaps an existing entry the request is rejected with code=overlap unless override_reason (>=10 chars) is supplied to force-insert.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                group_id: { type: 'number', description: 'Target group id' },
+                cidr: {
+                    type: 'string',
+                    description: 'CIDR or bare IP (e.g. 73.241.16.0/24 or 73.241.16.5)',
+                },
+                label: { type: 'string', description: 'Human label for the range' },
+                purpose: {
+                    type: 'string',
+                    enum: ['employee-home', 'office', 'vendor', 'ci-runner', 'migration', 'partner', 'other'],
+                    description: 'Structured purpose',
+                },
+                ticket_ref: { type: 'string', description: 'Associated ticket reference' },
+                expires_at: {
+                    type: 'string',
+                    description: 'ISO-8601 expiry timestamp, or null for permanent',
+                },
+                override_reason: {
+                    type: 'string',
+                    description: 'Reason (>=10 chars) to force-insert past an overlap',
+                },
+            },
+            required: ['group_id', 'cidr'],
+        },
+    },
+    {
+        name: 'fcp_trusted_ip_update_range',
+        description: 'Update mutable fields of a trusted IP entry (label, purpose, ticket_ref, expires_at, approval_state). The CIDR itself is immutable; remove and re-add to change it.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                id: { type: 'number', description: 'Entry id to update' },
+                label: { type: 'string', description: 'New label' },
+                purpose: {
+                    type: 'string',
+                    enum: ['employee-home', 'office', 'vendor', 'ci-runner', 'migration', 'partner', 'other'],
+                    description: 'New purpose',
+                },
+                ticket_ref: { type: 'string', description: 'New ticket reference' },
+                expires_at: {
+                    type: 'string',
+                    description: 'New ISO-8601 expiry, or null for permanent',
+                },
+                approval_state: {
+                    type: 'string',
+                    enum: ['approved', 'pending', 'denied'],
+                    description: 'New approval state',
+                },
+            },
+            required: ['id'],
+        },
+    },
+    {
+        name: 'fcp_trusted_ip_remove_range',
+        description: 'Remove a trusted IP entry by id. The next sync run withdraws the CIDR from any live ingress/WAF targets the group propagates to.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                id: { type: 'number', description: 'Entry id to remove' },
+            },
+            required: ['id'],
+        },
+    },
+    {
+        name: 'fcp_trusted_ip_export',
+        description: 'Export approved, non-expired CIDRs for a group (or all groups) in a consumable form. format=plain (default) joins CIDRs with separator (use separator=comma for an ingress-nginx whitelist-source-range value); format=json and format=yaml are also supported.',
+        inputSchema: {
+            type: 'object',
+            properties: {
+                format: {
+                    type: 'string',
+                    enum: ['plain', 'json', 'yaml'],
+                    description: 'Output format (default plain)',
+                },
+                group: {
+                    type: 'string',
+                    description: 'Group id or slug to scope to (optional; omit for all groups)',
+                },
+                purpose: {
+                    type: 'string',
+                    enum: ['employee-home', 'office', 'vendor', 'ci-runner', 'migration', 'partner', 'other'],
+                    description: 'Optional purpose filter',
+                },
+                separator: {
+                    type: 'string',
+                    enum: ['newline', 'comma', 'space'],
+                    description: 'Separator for plain format (default newline)',
+                },
+            },
+        },
+    },
+    // ============================================================================
     // Backup Management Tools
     // ============================================================================
     {
@@ -4573,6 +4770,72 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
                 };
             }
             // ============================================================================
+            // Trusted IP Range Handlers (FRUPRI-761)
+            // ============================================================================
+            case 'fcp_trusted_ip_list_ranges': {
+                const { group, include_pending, include_expired } = args;
+                const result = await client.trustedIpListRanges({
+                    group,
+                    include_pending,
+                    include_expired,
+                });
+                return {
+                    content: [{ type: 'text', text: JSON.stringify(result, null, 2) }],
+                };
+            }
+            case 'fcp_trusted_ip_add_range': {
+                const { group_id, cidr, label, purpose, ticket_ref, expires_at, override_reason, } = args;
+                const result = await client.trustedIpAddRange({
+                    group_id,
+                    cidr,
+                    label,
+                    purpose,
+                    ticket_ref,
+                    expires_at,
+                    override_reason,
+                });
+                return {
+                    content: [{ type: 'text', text: JSON.stringify(result, null, 2) }],
+                };
+            }
+            case 'fcp_trusted_ip_update_range': {
+                const { id, label, purpose, ticket_ref, expires_at, approval_state } = args;
+                const updates = {};
+                if (label !== undefined)
+                    updates.label = label;
+                if (purpose !== undefined)
+                    updates.purpose = purpose;
+                if (ticket_ref !== undefined)
+                    updates.ticket_ref = ticket_ref;
+                if (expires_at !== undefined)
+                    updates.expires_at = expires_at;
+                if (approval_state !== undefined)
+                    updates.approval_state = approval_state;
+                const result = await client.trustedIpUpdateRange(id, updates);
+                return {
+                    content: [{ type: 'text', text: JSON.stringify(result, null, 2) }],
+                };
+            }
+            case 'fcp_trusted_ip_remove_range': {
+                const { id } = args;
+                const result = await client.trustedIpRemoveRange(id);
+                return {
+                    content: [{ type: 'text', text: JSON.stringify(result, null, 2) }],
+                };
+            }
+            case 'fcp_trusted_ip_export': {
+                const { format, group, purpose, separator } = args;
+                const text = await client.trustedIpExport({
+                    format,
+                    group,
+                    purpose,
+                    separator,
+                });
+                return {
+                    content: [{ type: 'text', text }],
+                };
+            }
+            // ============================================================================
             // Backup Management Handlers
             // ============================================================================
             case 'fcp_backup_list_sites': {

package/dist/skills-sync.d.ts

@@ -105,6 +105,17 @@ export declare function discoverLocalSkills(skillsDir: string): Promise<ParsedSk
  * Returns null if pushable, or a reason string if not.
  */
 export declare function pushSkipReason(skill: ParsedSkill): string | null;
+/**
+ * Validate a slug that arrives from the *remote* knowledge graph before it is
+ * used to build a filesystem path on pull. `node.source_id`/`node.name` are
+ * attacker-influenceable (any team member or compromised KG can author a skill
+ * node with an arbitrary source_id), so an unchecked slug like
+ * `../../../.config/autostart/x` would let `join(skillsDir, slug, ...)` escape
+ * the skills directory and write attacker content anywhere the user can write.
+ * A safe slug is a single path component: no separators, no `..`, no leading
+ * dot/tilde, no control/whitespace. Returns null if safe, else a reason string.
+ */
+export declare function pullSlugReason(slug: string): string | null;
 /**
  * Detect control characters (other than tab, LF, CR) in the body. The Unroo
  * capture-skill endpoint 500s on null bytes — and they're never legitimate

package/dist/skills-sync.js

@@ -24,7 +24,7 @@
  */
 import { promises as fs, existsSync, readFileSync, writeFileSync, mkdirSync, } from 'fs';
 import { homedir } from 'os';
-import { join, basename } from 'path';
+import { join, basename, resolve, sep } from 'path';
 import { createHash } from 'crypto';
 // ---------------------------------------------------------------------------
 // Constants
@@ -268,6 +268,28 @@ export function pushSkipReason(skill) {
     }
     return null;
 }
+/**
+ * Validate a slug that arrives from the *remote* knowledge graph before it is
+ * used to build a filesystem path on pull. `node.source_id`/`node.name` are
+ * attacker-influenceable (any team member or compromised KG can author a skill
+ * node with an arbitrary source_id), so an unchecked slug like
+ * `../../../.config/autostart/x` would let `join(skillsDir, slug, ...)` escape
+ * the skills directory and write attacker content anywhere the user can write.
+ * A safe slug is a single path component: no separators, no `..`, no leading
+ * dot/tilde, no control/whitespace. Returns null if safe, else a reason string.
+ */
+export function pullSlugReason(slug) {
+    if (!slug)
+        return 'empty slug';
+    // Single, conservative path component. Mirrors the directory names the push
+    // side produces (kebab-case skill slugs) and rejects everything else.
+    if (!/^[A-Za-z0-9][A-Za-z0-9._-]*$/.test(slug)) {
+        return 'slug is not a safe single path component';
+    }
+    if (slug.includes('..'))
+        return 'slug contains ".."';
+    return null;
+}
 /**
  * Detect control characters (other than tab, LF, CR) in the body. The Unroo
  * capture-skill endpoint 500s on null bytes — and they're never legitimate
@@ -421,13 +443,35 @@ async function pullOnce(ctx, state, result) {
         const slug = node.source_id || node.name;
         if (!slug)
             continue;
+        // Never let a remote-controlled slug escape the skills directory.
+        const unsafeReason = pullSlugReason(slug);
+        if (unsafeReason) {
+            result.skipped.push({ slug, why: unsafeReason });
+            continue;
+        }
         const props = node.properties ?? {};
-        const bodyMarkdown = typeof props.bodyMarkdown === 'string' ? props.bodyMarkdown : '';
+        // The capture endpoint receives `bodyMarkdown` from the wire but persists
+        // it to kg_nodes.properties as `body_md` (see knowledge-graph.ts upsertSkill).
+        // The search endpoint returns properties verbatim, so the pull side reads
+        // `body_md`. Accept either for forward-compat in case the storage shape
+        // is normalized later.
+        const bodyMarkdown = typeof props.body_md === 'string'
+            ? props.body_md
+            : typeof props.bodyMarkdown === 'string'
+                ? props.bodyMarkdown
+                : '';
         if (!bodyMarkdown) {
-            result.skipped.push({ slug, why: 'remote has no bodyMarkdown' });
+            result.skipped.push({ slug, why: 'remote has no body_md' });
             continue;
         }
         const localPath = join(ctx.skillsDir, slug, 'SKILL.md');
+        // Defense in depth: even with a validated slug, confirm the resolved path
+        // stays inside the skills directory before any mkdir/write.
+        const skillsRoot = resolve(ctx.skillsDir);
+        if (!resolve(localPath).startsWith(skillsRoot + sep)) {
+            result.skipped.push({ slug, why: 'resolved path escapes skills dir' });
+            continue;
+        }
         const existed = existsSync(localPath);
         const prev = state.skills[slug] ?? {};
         // Local doesn't exist — straight pull (clean install or new team skill)

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fruition/fcp-mcp-server",
-  "version": "1.24.0",
+  "version": "1.25.0",
   "description": "MCP Server for FCP Launch Coordination System - enables Claude Code to interact with FCP launches and track development time",
   "main": "dist/index.js",
   "type": "module",