npm - @lhi/tdd-audit - Versions diffs - 1.16.0 → 1.20.0 - Mend

@lhi/tdd-audit 1.16.0 → 1.20.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/README.md +214 -93
package/SKILL.md +6 -0
package/docs/ai-remediation.md +114 -42
package/docs/configuration.md +236 -0
package/docs/rest-api.md +144 -131
package/docs/scanner.md +5 -3
package/docs/vulnerability-patterns.md +241 -1
package/index.js +37 -26
package/lib/auditor.js +880 -0
package/lib/badge.js +34 -7
package/lib/config.js +50 -1
package/lib/github.js +1 -1
package/lib/plugin.js +118 -23
package/lib/reporter.js +23 -5
package/lib/scanner.js +29 -0
package/package.json +1 -1
package/prompts/ai-security.md +329 -0
package/prompts/auto-audit.md +462 -17
package/prompts/node-advanced-security.md +394 -0
package/prompts/security-test-patterns.md +522 -0

package/lib/badge.js CHANGED Viewed

@@ -8,6 +8,24 @@ const BADGE_MARKER = 'tdd-audit-badge';
 const NPM_URL = 'https://www.npmjs.com/package/@lhi/tdd-audit';
+/**
+ * Validate that a URL uses http: or https:. Returns the URL if safe, NPM_URL otherwise.
+ * Prevents javascript:, data:, file:, and protocol-relative URLs from landing in
+ * badge links or SARIF output.
+ * @param {string} raw
+ * @returns {string}
+ */
+function safeSiteUrl(raw) {
+  if (!raw || !raw.trim()) return NPM_URL;
+  try {
+    const parsed = new URL(raw.trim());
+    if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') return NPM_URL;
+    return raw.trim();
+  } catch {
+    return NPM_URL;
+  }
+}
 /**
  * Build a shields.io badge markdown line reflecting actual scan results.
  *
@@ -22,11 +40,15 @@ const NPM_URL = 'https://www.npmjs.com/package/@lhi/tdd-audit';
  * no config file exists — the link falls back to the @lhi/tdd-audit npm page
  * so readers always know where the security tooling came from.
  *
- * @param {Array}  findings  - findings array returned by quickScan()
- * @param {string} [siteUrl] - optional override link (from config.tdd_site)
- * @returns {string}         - single-line markdown badge ending with \n
+ * The badge label text defaults to "tdd-audit" but can be overridden via
+ * `badge_label` in .tdd-audit.json — useful for white-labeled distributions.
+ *
+ * @param {Array}  findings   - findings array returned by quickScan()
+ * @param {string} [siteUrl]  - optional override link (from config.tdd_site)
+ * @param {string} [label]    - optional badge label (from config.badge_label)
+ * @returns {string}          - single-line markdown badge ending with \n
  */
-function badgeLine(findings, siteUrl) {
+function badgeLine(findings, siteUrl, label) {
   // Exclude test-file findings and likely false positives — badge reflects production code only
   const real     = (findings || []).filter(f => !f.likelyFalsePositive && !f.inTestFile);
   const criticals = real.filter(f => f.severity === 'CRITICAL').length;
@@ -44,11 +66,16 @@ function badgeLine(findings, siteUrl) {
     color   = 'brightgreen';
   }
-  const badgeUrl  = `https://img.shields.io/badge/tdd--audit-${message}-${color}`;
-  const targetUrl = (siteUrl && siteUrl.trim()) ? siteUrl.trim() : NPM_URL;
+  const rawLabel  = (label && label.trim()) ? label.trim() : 'tdd-audit';
+  // Strip markdown link-breaking characters before embedding in alt text or URL
+  const badgeLabel = rawLabel.replace(/[[\]()]/g, '');
+  // Encode the label for use in a shields.io URL (spaces → %20, hyphens → --)
+  const encodedLabel = badgeLabel.replace(/ /g, '%20').replace(/-/g, '--');
+  const badgeUrl  = `https://img.shields.io/badge/${encodedLabel}-${message}-${color}`;
+  const targetUrl = safeSiteUrl(siteUrl);
   // Embed the marker as a hidden HTML comment after the badge so injectBadge()
   // can locate and replace the line on subsequent runs.
-  return `[![tdd-audit](${badgeUrl})](${targetUrl}) <!-- ${BADGE_MARKER} -->\n`;
+  return `[![${badgeLabel}](${badgeUrl})](${targetUrl}) <!-- ${BADGE_MARKER} -->\n`;
 }
 /**

package/lib/config.js CHANGED Viewed

@@ -18,6 +18,47 @@ const DEFAULTS = {
   serverApiKey:      null,      // key required on REST API calls
   trustProxy:        false,     // trust X-Forwarded-For for rate limiting
   tdd_site:          null,      // custom URL for the README badge link; falls back to npm page
+  // Branding — for wrapper/rebranded distributions
+  org:               null,      // org name in reports, SECURITY.md, and pattern PRs
+  project:           null,      // project name in reports and pattern contribution branch names
+  badge_label:       null,      // badge label text; defaults to 'tdd-audit'
+  security_name:     null,      // name of the security contact (stamped into SECURITY.md, compliance reports, and webhook payloads)
+  security_email:    null,      // email of the security contact (used as the vulnerability reporting address in SECURITY.md)
+  // Extensibility — both the CLI and the Claude Code skill honour these
+  pattern_repos:     [],        // [{name, url, local_path, namespace}] — RAG-indexed at startup
+  extra_skill_dirs:  [],        // relative paths to extra Claude Code skill directories
+  extra_repos:       [],        // [{url, local_path}] — cloned/pulled for reference
+  mcp_services:      [],        // [{name, cwd, command, args}] — started before first agent turn
+  extra_domains:     [],        // [{name, prompt_file}] — custom audit domains
+  // Policy as code — org-level severity overrides
+  // e.g. { "CORS Wildcard": "CRITICAL", "Sensitive Log": "HIGH" }
+  severity_overrides: {},
+  // Notifications — fire on scan complete
+  webhook_url:       null,      // POST findings JSON to this URL on scan complete
+  slack_webhook:     null,      // Slack incoming webhook URL for findings summary
+  slack_channel:     null,      // override default channel for the Slack webhook
+  // Workflow integration
+  open_pr:           false,     // open a GitHub PR per finding instead of committing directly
+  github_token:      null,      // token for PR creation; falls back to GITHUB_TOKEN env var
+  github_repo:       null,      // 'owner/repo' for PR creation; auto-detected from git remote if null
+  // Scheduled / CI modes
+  schedule:          null,      // cron expression — used by external schedulers, not the CLI itself
+  pr_mode:           false,     // lightweight scan only (no agents, no RAG) — designed for CI PR gates
+  org_scan:          null,      // GitHub org name — scan all repos in the org
+  // Output additions
+  sbom:              false,     // generate a CycloneDX SBOM alongside the audit report
+  report:            false,     // generate a human-readable compliance report (PDF/markdown)
+  watch:             false,     // re-scan affected files on change (watch mode)
+  // Secret rotation — when a hardcoded key is found, offer to rotate via provider API
+  rotate_secrets:    false,     // prompt to rotate detected secrets via provider API
 };
 // Provider-specific defaults for `tdd-audit init --provider <name>`
@@ -117,7 +158,15 @@ function parseCliOverrides(args) {
   const baseUrl    = get('--base-url'); if (baseUrl)    overrides.baseUrl = baseUrl;
   const format     = get('--format');   if (format)     overrides.output = format;
   const srvKey     = get('--api-key');  if (srvKey)     overrides.serverApiKey = srvKey;
-  if (args.includes('--json')) overrides.output = 'json';
+  const threshold  = get('--threshold'); if (threshold) overrides.severityThreshold = threshold;
+  const org        = get('--org');      if (org)        overrides.org_scan = org;
+  if (args.includes('--json'))          overrides.output = 'json';
+  if (args.includes('--pr'))            overrides.pr_mode = true;
+  if (args.includes('--open-pr'))       overrides.open_pr = true;
+  if (args.includes('--sbom'))          overrides.sbom = true;
+  if (args.includes('--watch'))         overrides.watch = true;
+  if (args.includes('--report'))        overrides.report = true;
+  if (args.includes('--rotate-secrets')) overrides.rotate_secrets = true;
   return overrides;
 }

package/lib/github.js CHANGED Viewed

@@ -90,4 +90,4 @@ function parseRepo(repoStr) {
   return { owner, repo };
 }
-module.exports = { uploadSarif, postReviewComments, parseRepo };
+module.exports = { uploadSarif, postReviewComments, parseRepo, ghFetch };

package/lib/plugin.js CHANGED Viewed

@@ -4,9 +4,8 @@ const crypto  = require('crypto');
 const path    = require('path');
 const Fastify = require('fastify');
-const { quickScan }        = require('./scanner');
-const { toJson, toSarif }  = require('./reporter');
-const { remediate }        = require('./remediator');
+const { quickScan }   = require('./scanner');
+const { remediate }   = require('./remediator');
 const { version }          = require('../package.json');
 const {
   jobs, createJob, updateJob, subscribe, MAX_JOBS,
@@ -56,6 +55,26 @@ function createRateLimit() {
   };
 }
+// ─── Webhook URL validation ───────────────────────────────────────────────────
+const PRIVATE_IP = /^(127\.|10\.|172\.(1[6-9]|2\d|3[01])\.|192\.168\.|169\.254\.|::1$|fc00:|fd)/;
+/**
+ * Validate a user-supplied webhook URL before calling fetch().
+ * Accepts only https:// with a non-private hostname.
+ * Throws an Error describing the violation so callers can return 400.
+ */
+function assertSafeWebhook(url) {
+  let parsed;
+  try { parsed = new URL(url); } catch { throw new Error('Invalid webhook URL'); }
+  if (parsed.protocol !== 'https:') {
+    throw new Error('webhook must use https://');
+  }
+  if (PRIVATE_IP.test(parsed.hostname) || parsed.hostname === 'localhost') {
+    throw new Error('webhook hostname is not allowed');
+  }
+}
 // ─── Path validation ──────────────────────────────────────────────────────────
 function safeScanPath(rawPath) {
@@ -116,26 +135,6 @@ async function tddAuditPlugin(fastify, opts) {
     }
   });
-  // ── POST /scan ──────────────────────────────────────────────────────────
-  fastify.post('/scan', {
-    config: { rawBody: false },
-  }, async (request, reply) => {
-    const body = request.body || {};
-    let scanPath;
-    try { scanPath = safeScanPath(body.path); }
-    catch (e) { return reply.code(400).send({ error: e.message }); }
-    const format   = body.format || cfg.output || 'json';
-    const t0       = Date.now();
-    const findings = quickScan(scanPath);
-    const exempted = findings.exempted || [];
-    const duration = Date.now() - t0;
-    if (format === 'sarif') return toSarif(findings, scanPath);
-    return { ...toJson(findings, exempted), duration };
-  });
   // ── POST /remediate ──────────────────────────────────────────────────────
   fastify.post('/remediate', async (request, reply) => {
     const body = request.body || {};
@@ -173,6 +172,11 @@ async function tddAuditPlugin(fastify, opts) {
     try { scanPath = safeScanPath(rawPath); }
     catch (e) { return reply.code(400).send({ error: e.message }); }
+    if (webhook) {
+      try { assertSafeWebhook(webhook); }
+      catch (e) { return reply.code(400).send({ error: `Invalid webhook: ${e.message}` }); }
+    }
     const jobId = createJob();
     setImmediate(async () => {
@@ -225,6 +229,96 @@ async function tddAuditPlugin(fastify, opts) {
     return reply.code(202).send({ jobId });
   });
+  // ── POST /audit/ai — LLM-powered agentic audit ────────────────────────────
+  // Accepts { path?, provider?, apiKey?, model?, baseUrl?, scanOnly?, allowWrites? }
+  // Falls back to cfg values for provider/apiKey/model/baseUrl when not supplied.
+  // Returns 202 { jobId }. Poll GET /jobs/:id or stream GET /jobs/:id/stream.
+  fastify.post('/audit/ai', async (request, reply) => {
+    const body = request.body || {};
+    const {
+      path:       rawPath,
+      provider:   bodyProvider,
+      apiKey:     bodyApiKey,
+      model:      bodyModel,
+      baseUrl:    bodyBaseUrl,
+      depth       = 'tier-1',
+      // scanOnly / allowWrites may still be overridden explicitly; depth takes precedence otherwise
+      scanOnly    = null,
+      allowWrites = false,
+      // Pre-identified findings from a prior tier-3 report (triggers targeted-apply mode when depth=tier-4)
+      findings    = null,
+    } = body;
+    const provider = bodyProvider || cfg.provider;
+    const apiKey   = bodyApiKey   || cfg.apiKey;
+    const model    = bodyModel    || cfg.model;
+    const baseUrl  = bodyBaseUrl  || cfg.baseUrl;
+    if (!provider || !apiKey) {
+      return reply.code(400).send({
+        error: 'provider and apiKey are required (supply in body or configure in .tdd-audit.json)',
+      });
+    }
+    let scanPath = process.cwd();
+    if (rawPath) {
+      try { scanPath = safeScanPath(rawPath); }
+      catch (e) { return reply.code(400).send({ error: e.message }); }
+    }
+    const jobId = createJob();
+    updateJob(jobId, { depth });  // stamp depth on initial pending state
+    setImmediate(async () => {
+      try {
+        const log = [];
+        updateJob(jobId, { status: 'running', depth, startedAt: new Date().toISOString() });
+        const { runAudit } = require('./auditor');
+        let capturedJson = null;
+        await runAudit({
+          projectDir:   scanPath,
+          packageDir:   path.join(__dirname, '..'),
+          provider,
+          apiKey,
+          model,
+          baseUrl,
+          outputFormat: 'json',
+          depth,
+          scanOnly,
+          allowWrites,
+          findings,
+          onText: (text) => {
+            log.push(text);
+            updateJob(jobId, { status: 'running', log: log.join(''), startedAt: new Date().toISOString() });
+          },
+          outputWriter: (jsonStr) => { capturedJson = jsonStr; },
+        });
+        let result;
+        try {
+          result = capturedJson ? JSON.parse(capturedJson.trim()) : { log: log.join('') };
+        } catch {
+          result = { raw: capturedJson, log: log.join('') };
+        }
+        updateJob(jobId, {
+          status:      'done',
+          completedAt: new Date().toISOString(),
+          result,
+        });
+      } catch (err) {
+        updateJob(jobId, { status: 'error', error: err.message });
+      }
+    });
+    reply.header('Location',    `/jobs/${jobId}`);
+    reply.header('Retry-After', '5');
+    return reply.code(202).send({ jobId });
+  });
   // ── GET /jobs/:id ────────────────────────────────────────────────────────
   fastify.get('/jobs/:id', async (request, reply) => {
     const job = jobs.get(request.params.id);
@@ -303,6 +397,7 @@ module.exports = {
   buildApp,
   authenticate,
   safeScanPath,
+  assertSafeWebhook,
   createRateLimit,
   RATE_LIMIT_MAX,
 };

package/lib/reporter.js CHANGED Viewed

@@ -8,16 +8,17 @@ const { version } = require('../package.json');
  * Return findings as a structured JSON-serialisable object.
  * @param {Array}    findings
  * @param {string[]} [exempted=[]]
+ * @param {object}   [config={}]   - loaded config; security_officer stamped when set
  * @returns {object}
  */
-function toJson(findings, exempted = []) {
+function toJson(findings, exempted = [], config = {}) {
   const real  = findings.filter(f => !f.likelyFalsePositive);
   const noisy = findings.filter(f =>  f.likelyFalsePositive);
   const summary = { CRITICAL: 0, HIGH: 0, MEDIUM: 0, LOW: 0 };
   for (const f of real) summary[f.severity] = (summary[f.severity] || 0) + 1;
-  return {
+  const envelope = {
     version,
     summary,
     findings: real,
@@ -25,6 +26,9 @@ function toJson(findings, exempted = []) {
     exempted,
     scannedAt: new Date().toISOString(),
   };
+  if (config.security_name)  envelope.security_name  = config.security_name;
+  if (config.security_email) envelope.security_email = config.security_email;
+  return envelope;
 }
 // ─── SARIF ────────────────────────────────────────────────────────────────────
@@ -60,13 +64,27 @@ const CWE_MAP = {
   'Timing-Unsafe Comparison':  'CWE-208',
 };
+const NPM_URL = 'https://www.npmjs.com/package/@lhi/tdd-audit';
+function safeSiteUrl(raw) {
+  if (!raw || !raw.trim()) return NPM_URL;
+  try {
+    const parsed = new URL(raw.trim());
+    if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') return NPM_URL;
+    return raw.trim();
+  } catch {
+    return NPM_URL;
+  }
+}
 /**
  * Return findings as a SARIF 2.1.0 object (GitHub code scanning compatible).
  * @param {Array}  findings
  * @param {string} [projectDir='']  - used to build relative artifact URIs
+ * @param {object} [config={}]      - tdd-audit config (tdd_site, badge_label, org)
  * @returns {object}
  */
-function toSarif(findings, projectDir = '') {
+function toSarif(findings, projectDir = '', config = {}) {
   const rules = [];
   const ruleIndex = {};
@@ -108,9 +126,9 @@ function toSarif(findings, projectDir = '') {
     runs: [{
       tool: {
         driver: {
-          name:            '@lhi/tdd-audit',
+          name:            config.badge_label || '@lhi/tdd-audit',
           version,
-          informationUri:  'https://www.npmjs.com/package/@lhi/tdd-audit',
+          informationUri:  safeSiteUrl(config.tdd_site),
           rules,
         },
       },

package/lib/scanner.js CHANGED Viewed

@@ -64,6 +64,35 @@ const VULN_PATTERNS = [
   { name: 'NEXT_PUBLIC Secret',         severity: 'HIGH',     skipInTests: true, pattern: /\bNEXT_PUBLIC_\w*(?:SECRET|PRIVATE|API_KEY|TOKEN|PASSWORD|CREDENTIAL)\w*/i },
   { name: 'Electron contextIsolation Off', severity: 'HIGH',  pattern: /\bcontextIsolation\s*:\s*false\b/ },
   { name: 'Trojan Source',              severity: 'HIGH',     pattern: /[\u202A-\u202E\u2066-\u2069]/ },
+  // ── AI/LLM — deeper coverage (Semgrep ai-best-practices + OWASP LLM Top 10) ─
+  { name: 'Hardcoded Gemini Key',       severity: 'CRITICAL', skipInTests: true, pattern: /['"]AIza[A-Za-z0-9_\-]{35}['"]/ },
+  { name: 'Hardcoded Cohere Key',       severity: 'CRITICAL', skipInTests: true, pattern: /['"][A-Za-z0-9]{40}['"]\s*[,\n].*cohere|cohere.*['"][A-Za-z0-9]{40}['"]/i },
+  { name: 'Hardcoded Mistral Key',      severity: 'CRITICAL', skipInTests: true, pattern: /['"][A-Za-z0-9]{32}['"]\s*[,\n].*mistral|mistral.*['"][A-Za-z0-9]{32}['"]/i },
+  { name: 'LLM Output to exec',         severity: 'CRITICAL', pattern: /(?:exec|execSync|spawn|spawnSync)\s*\([^)]*(?:response|result|output|completion|generated|llmResult|aiResult)\b/i },
+  { name: 'Missing max_tokens',         severity: 'HIGH',     pattern: /(?:messages\.create|chat\.completions\.create|generateContent)\s*\(\s*\{(?![^}]*max_tokens)(?![^}]*maxTokens)/i },
+  { name: 'Missing system message',     severity: 'MEDIUM',   pattern: /(?:messages\.create|chat\.completions\.create)\s*\(\s*\{[^}]*messages\s*:\s*\[[^\]]*\{[^\]]*role\s*:\s*['"]user['"]/i },
+  { name: 'MCP Credential in Response', severity: 'HIGH',     pattern: /(?:tool_result|toolResult|function_result)\s*[=:][^;\n]{0,200}(?:password|secret|token|api.?key|credential)/i },
+  { name: 'Agent Unbounded Loop',       severity: 'HIGH',     pattern: /while\s*\(\s*true\s*\)[^}]*(?:tool_use|function_call|tool_calls|runAgent|agent\.run)/i },
+  { name: 'Unsafe Model Load',          severity: 'HIGH',     pattern: /torch\.load\s*\([^)]*(?<!weights_only\s*=\s*True)|pickle\.load\s*\([^)]*(?:req\.|url\.|download)/i },
+  // ── Node.js advanced (njsscan + Bearer + ESLint security) ────────────────────
+  { name: 'Host Header Injection',      severity: 'HIGH',     pattern: /req\.(?:headers\[['"]host['"]\]|hostname|get\s*\(\s*['"]host['"]\))[^;\n]{0,120}(?:redirect|resetLink|confirmUrl|href|url)/i },
+  { name: 'Headless Browser SSRF',      severity: 'CRITICAL', pattern: /(?:page\.goto|page\.navigate|browser\.goto|wkhtmltopdf|wkhtmltoimage|phantom\.create)\s*\([^)]*req\.(?:query|body|params)/i },
+  { name: 'Body Parser DoS',            severity: 'HIGH',     pattern: /express\.(?:json|urlencoded|text|raw)\s*\(\s*\)(?!\s*\/\/)|bodyParser\.(?:json|urlencoded)\s*\(\s*\)(?!\s*\/\/)/ },
+  { name: 'vm2 Deprecated',             severity: 'CRITICAL', pattern: /require\s*\(\s*['"]vm2['"]\)|from\s*['"]vm2['"]/i },
+  { name: 'Pug Raw Output',             severity: 'HIGH',     pattern: /!\{(?!\s*#\{)[^}]+\}/  },
+  { name: 'EJS Unescaped Output',       severity: 'HIGH',     pattern: /<%[-=](?!=)/            },
+  { name: 'Handlebars Triple-Stache',   severity: 'HIGH',     pattern: /\{\{\{(?!\s*>)[^}]+\}\}\}/ },
+  { name: 'postMessage No Origin',      severity: 'HIGH',     pattern: /addEventListener\s*\(\s*['"]message['"]\s*,[^)]+\)(?![^{]*event\.origin|[^{]*e\.origin)/i },
+  { name: 'Dynamic Import User Input',  severity: 'HIGH',     pattern: /import\s*\(\s*req\.|import\s*\(\s*[a-z_]*[Pp]ath\s*\+|import\s*\(\s*`[^`]*\$\{req\./i },
+  { name: 'JWT No Revocation',          severity: 'HIGH',     pattern: /jwt\.sign\s*\([^)]*expiresIn\s*:\s*['"][0-9]+[dDhH](?:[0-9]+)?['"]/i },
+  { name: 'X-Powered-By Exposed',       severity: 'MEDIUM',   pattern: /app\s*=\s*express\s*\(\s*\)(?![^;]{0,500}disable\s*\(\s*['"]x-powered-by['"])/i },
+  { name: 'GraphQL Introspection On',   severity: 'HIGH',     pattern: /introspection\s*:\s*true\b/i },
+  { name: 'GraphQL No Depth Limit',     severity: 'MEDIUM',   pattern: /new ApolloServer\s*\(\s*\{(?![^}]*depthLimit|[^}]*createDepthLimitPlugin)/i },
+  { name: 'Sequelize TLS Disabled',     severity: 'HIGH',     pattern: /dialectOptions[^}]*ssl\s*:\s*(?:false|require\s*:\s*false)/i },
+  { name: 'Silent Exception Swallow',   severity: 'MEDIUM',   skipInTests: true, pattern: /catch\s*\([^)]*\)\s*\{\s*(?:\/\/[^\n]*)?\s*\}/i },
+  { name: 'Insecure WebSocket URL',     severity: 'MEDIUM',   skipInTests: true, pattern: /new WebSocket\s*\(\s*['"]ws:\/\/(?!localhost|127\.0\.0\.1)/i },
 ];
 const SCAN_EXTENSIONS = new Set(['.js', '.ts', '.jsx', '.tsx', '.mjs', '.py', '.go', '.dart', '.yml', '.yaml']);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lhi/tdd-audit",
-  "version": "1.16.0",
+  "version": "1.20.0",
   "description": "Security skill installer for Claude Code, Gemini CLI, Cursor, Codex, and OpenCode. Patches vulnerabilities using a Red-Green-Refactor exploit-test protocol.",
   "main": "index.js",
   "bin": {