@lhi/tdd-audit 1.10.0 → 1.11.0

package/index.js

@@ -48,10 +48,12 @@ const targetTestDir = path.join(projectDir, testBaseDir, 'security');
 // ─── Init mode early exit ────────────────────────────────────────────────────
 
 if (args[0] === 'init') {
-  const destArg = args[1] && !args[1].startsWith('-') ? args[1] : undefined;
-  const force   = args.includes('--force');
+  const destArg    = args[1] && !args[1].startsWith('-') ? args[1] : undefined;
+  const force      = args.includes('--force');
+  const providerIdx = args.indexOf('--provider');
+  const provider   = providerIdx !== -1 ? args[providerIdx + 1] : 'openai';
   try {
-    const written = writeInitConfig(destArg, force);
+    const written = writeInitConfig(destArg, force, provider);
     console.log(`✅ Created ${path.relative(process.cwd(), written)}`);
     console.log('   Edit it, then run: node index.js serve   or   node index.js --scan');
   } catch (e) {

package/lib/config.js

@@ -19,12 +19,36 @@ const DEFAULTS = {
   trustProxy:        false,     // trust X-Forwarded-For for rate limiting
 };
 
+// Provider-specific defaults for `tdd-audit init --provider <name>`
+const PROVIDER_TEMPLATES = {
+  openai: {
+    provider:  'openai',
+    model:     'gpt-4o',
+    apiKeyEnv: 'OPENAI_API_KEY',
+    baseUrl:   null,
+  },
+  anthropic: {
+    provider:  'anthropic',
+    model:     'claude-opus-4-6',
+    apiKeyEnv: 'ANTHROPIC_API_KEY',
+    baseUrl:   null,
+  },
+  gemini: {
+    provider:  'gemini',
+    model:     'gemini-2.0-flash',
+    apiKeyEnv: 'GEMINI_API_KEY',
+    baseUrl:   null,
+  },
+  ollama: {
+    provider:  'ollama',
+    model:     'llama3',
+    apiKeyEnv: null,
+    baseUrl:   'http://localhost:11434',
+  },
+};
+
 // Template written by `tdd-audit init`
 const INIT_TEMPLATE = {
-  provider:          'openai',
-  model:             'gpt-4o',
-  apiKeyEnv:         'OPENAI_API_KEY',
-  baseUrl:           null,
   output:            'text',
   severityThreshold: 'LOW',
   port:              3000,
@@ -102,15 +126,23 @@ function parseCliOverrides(args) {
  *
  * @param {string}  [destPath]
  * @param {boolean} [force=false]
+ * @param {string}  [provider='openai']
  * @returns {string}
  */
-function writeInitConfig(destPath, force = false) {
+function writeInitConfig(destPath, force = false, provider = 'openai') {
+  const providerDefaults = PROVIDER_TEMPLATES[provider];
+  if (!providerDefaults) {
+    throw new Error(
+      `Unknown provider "${provider}". Valid options: ${Object.keys(PROVIDER_TEMPLATES).join(', ')}`
+    );
+  }
   const target = destPath || path.join(process.cwd(), CONFIG_FILE);
   if (fs.existsSync(target) && !force) {
     throw new Error(`${target} already exists. Pass --force to overwrite.`);
   }
-  fs.writeFileSync(target, JSON.stringify(INIT_TEMPLATE, null, 2) + '\n', 'utf8');
+  const template = { ...providerDefaults, ...INIT_TEMPLATE };
+  fs.writeFileSync(target, JSON.stringify(template, null, 2) + '\n', 'utf8');
   return target;
 }
 
-module.exports = { loadConfig, parseCliOverrides, writeInitConfig, DEFAULTS, INIT_TEMPLATE, CONFIG_FILE };
+module.exports = { loadConfig, parseCliOverrides, writeInitConfig, DEFAULTS, INIT_TEMPLATE, PROVIDER_TEMPLATES, CONFIG_FILE };

package/lib/remediator.js

@@ -68,15 +68,32 @@ function sanitizeSnippet(raw) {
     .trim();
 }
 
+/**
+ * Sanitize a scalar finding field (name, file, line, severity) before
+ * embedding it in an AI prompt. Strips null bytes and collapses newlines
+ * so that attacker-controlled metadata cannot inject top-level instructions.
+ */
+function sanitizeField(raw) {
+  const s = typeof raw === 'string' ? raw : String(raw ?? '');
+  return s
+    .replace(/\x00/g, '')
+    .replace(/[\r\n]+/g, ' ')
+    .trim();
+}
+
 function buildRemediationPrompt(finding) {
-  const snippet = sanitizeSnippet(finding.snippet);
+  const snippet  = sanitizeSnippet(finding.snippet);
+  const name     = sanitizeField(finding.name);
+  const severity = sanitizeField(finding.severity);
+  const file     = sanitizeField(finding.file);
+  const line     = sanitizeField(finding.line);
   return `You are a security engineer applying the Red-Green-Refactor TDD remediation protocol.
 
 VULNERABILITY FINDING:
-- Type: ${finding.name}
-- Severity: ${finding.severity}
-- File: ${finding.file}
-- Line: ${finding.line}
+- Type: ${name}
+- Severity: ${severity}
+- File: ${file}
+- Line: ${line}
 - Code snippet: <snippet>${snippet}</snippet>
 
 TASK:
@@ -118,6 +135,18 @@ async function callProvider(provider, apiKey, model, prompt, baseUrl) {
 
   let url = typeof p.url === 'function' ? p.url(apiKey) : p.url;
   if (baseUrl && p.openaiCompat) {
+    // Validate baseUrl to prevent SSRF: must be HTTPS or a localhost origin.
+    let parsed;
+    try { parsed = new URL(baseUrl); } catch {
+      throw new Error(`Invalid baseUrl "${baseUrl}" — must be a valid URL`);
+    }
+    const isLocalhost = ['localhost', '127.0.0.1', '::1'].includes(parsed.hostname);
+    if (parsed.protocol !== 'https:' && !isLocalhost) {
+      throw new Error(
+        `baseUrl must use HTTPS for non-localhost hosts (got "${parsed.protocol}//${parsed.hostname}"). ` +
+        'Plain HTTP is only allowed for localhost.'
+      );
+    }
     // Any OpenAI-compatible service: strip trailing slash and append path
     url = baseUrl.replace(/\/+$/, '') + '/chat/completions';
   }
@@ -126,8 +155,11 @@ async function callProvider(provider, apiKey, model, prompt, baseUrl) {
 
   const res = await fetch(url, { method: 'POST', headers, body });
   if (!res.ok) {
-    const text = await res.text().catch(() => '');
-    throw new Error(`Provider ${provider} returned ${res.status}: ${text.slice(0, 200)}`);
+    const raw  = await res.text().catch(() => '');
+    // Redact the apiKey from provider error bodies before surfacing the message —
+    // some providers echo the submitted key in 401/403 responses.
+    const safe = apiKey ? raw.split(apiKey).join('[REDACTED]') : raw;
+    throw new Error(`Provider ${provider} returned ${res.status}: ${safe.slice(0, 200)}`);
   }
   const data = await res.json();
   return p.extract(data);

package/lib/server.js

@@ -65,10 +65,11 @@ const rateLimiter = {
 function json(res, status, body) {
   const payload = JSON.stringify(body);
   res.writeHead(status, {
-    'Content-Type':  'application/json',
-    'Content-Length': Buffer.byteLength(payload),
-    'X-Content-Type-Options': 'nosniff',
-    'X-Frame-Options': 'DENY',
+    'Content-Type':            'application/json',
+    'Content-Length':           Buffer.byteLength(payload),
+    'X-Content-Type-Options':  'nosniff',
+    'X-Frame-Options':         'DENY',
+    'Content-Security-Policy': "default-src 'none'",
   });
   res.end(payload);
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lhi/tdd-audit",
-  "version": "1.10.0",
+  "version": "1.11.0",
   "description": "Security skill installer for Claude Code, Gemini CLI, Cursor, Codex, and OpenCode. Patches vulnerabilities using a Red-Green-Refactor exploit-test protocol.",
   "main": "index.js",
   "bin": {
@@ -21,6 +21,7 @@
     "test": "jest --forceExit",
     "test:unit": "jest --testPathPatterns=__tests__/unit --forceExit --coverage",
     "test:security": "jest --testPathPatterns=__tests__/security --forceExit",
+    "test:e2e": "jest --testPathPatterns=__tests__/e2e --forceExit",
     "test:smoke": "node index.js --local --skip-scan && echo 'Smoke test passed'"
   },
   "keywords": [