@mcp-shark/mcp-shark 1.5.13 → 1.7.2

package/core/services/security/rules/scans/agentic04SupplyChain.js

@@ -1,130 +0,0 @@
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'asi04-supply-chain';
-const OWASP_ID = 'ASI04';
-const RECOMMENDATION =
-  'Verify agent framework and model integrity. Use signed and verified dependencies. Monitor for supply chain attacks.';
-
-const AGENTIC_SUPPLY_CHAIN_PATTERNS = [
-  /(?:compromised|vulnerable|malicious)\s+(?:agent|framework|model|dependency|package)/i,
-  /(?:supply\s+chain|dependency)\s+(?:attack|vulnerability|compromise|tampering)/i,
-  /(?:unsigned|unverified|untrusted)\s+(?:agent|framework|model|dependency)/i,
-  /(?:tampered|modified|altered)\s+(?:agent|framework|model|dependency)/i,
-  /(?:typosquatting|brandjacking|namespace)\s+(?:agent|framework|model|package)/i,
-];
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  const matches = [];
-  for (const pattern of AGENTIC_SUPPLY_CHAIN_PATTERNS) {
-    const match = text.match(pattern);
-    if (match) {
-      matches.push(match[0]);
-    }
-  }
-  return matches.length > 0 ? matches : null;
-}
-
-function buildReason(entity, matches) {
-  return `Potential agentic supply chain vulnerability in ${entity}: ${matches.join(', ')}`;
-}
-
-export function scanAgentic04SupplyChain(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    const matches = scanText(toolToText(tool));
-    if (matches) {
-      results.toolFindings.push({
-        issueType: 'Supply Chain Agentic',
-        name: tool?.name || 'tool',
-        severity: 'high',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, matches)],
-        tags: ['supply-chain', 'agentic'],
-        agenticCategory: OWASP_ID,
-        safeUseNotes:
-          'Verify agent framework and dependencies. Use trusted sources and verify integrity.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const matches = scanText(resourceToText(resource));
-    if (matches) {
-      results.resourceFindings.push({
-        issueType: 'Supply Chain Agentic',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'high',
-        reasons: [
-          buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, matches),
-        ],
-        tags: ['supply-chain', 'agentic'],
-        agenticCategory: OWASP_ID,
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const matches = scanText(promptToText(prompt));
-    if (matches) {
-      results.promptFindings.push({
-        issueType: 'Supply Chain Agentic',
-        name: prompt?.name || 'prompt',
-        severity: 'medium',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, matches)],
-        tags: ['supply-chain', 'agentic'],
-        agenticCategory: OWASP_ID,
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(scanAgentic04SupplyChain, RULE_ID, OWASP_ID, RECOMMENDATION);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const text = packetToText(packet);
-  const matches = scanText(text);
-  if (!matches) {
-    return [];
-  }
-  return [
-    convertPacketFinding(
-      {
-        issueType: 'Supply Chain Agentic',
-        severity: 'high',
-        title: 'Agentic Supply Chain Pattern in Traffic',
-        description: `Potential agentic supply chain vulnerability in packet: ${matches.join(', ')}`,
-        evidence: matches[0]?.substring(0, 50) || '',
-      },
-      RULE_ID,
-      OWASP_ID,
-      RECOMMENDATION,
-      packet
-    ),
-  ];
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Agentic Supply Chain Detection',
-  owasp_id: OWASP_ID,
-  severity: 'high',
-  description: 'Detects agentic supply chain vulnerabilities.',
-  source: 'static',
-  type: 'agentic-security',
-};

package/core/services/security/rules/scans/agentic06MemoryPoisoning.js

@@ -1,130 +0,0 @@
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'asi06-memory-poisoning';
-const OWASP_ID = 'ASI06';
-const RECOMMENDATION =
-  'Implement memory and context validation. Monitor for data poisoning. Use memory isolation and sanitization.';
-
-const MEMORY_POISONING_PATTERNS = [
-  /(?:poison|corrupt|taint|contaminate|manipulate)\s+(?:memory|context|data|information)/i,
-  /(?:inject|insert|inject)\s+(?:malicious|harmful|poisoned|corrupted)\s+(?:data|information|memory|context)/i,
-  /(?:memory|context|data)\s+(?:poisoning|corruption|manipulation|tampering)/i,
-  /(?:compromise|compromised)\s+(?:memory|context|data|information)/i,
-  /(?:tainted|poisoned|corrupted)\s+(?:memory|context|data|information)/i,
-];
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  const matches = [];
-  for (const pattern of MEMORY_POISONING_PATTERNS) {
-    const match = text.match(pattern);
-    if (match) {
-      matches.push(match[0]);
-    }
-  }
-  return matches.length > 0 ? matches : null;
-}
-
-function buildReason(entity, matches) {
-  return `Potential memory/context poisoning in ${entity}: ${matches.join(', ')}`;
-}
-
-export function scanAgentic06MemoryPoisoning(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    const matches = scanText(toolToText(tool));
-    if (matches) {
-      results.toolFindings.push({
-        issueType: 'Memory Poisoning',
-        name: tool?.name || 'tool',
-        severity: 'high',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, matches)],
-        tags: ['memory-poisoning', 'context-poisoning'],
-        agenticCategory: OWASP_ID,
-        safeUseNotes:
-          'Review tool for memory poisoning vulnerabilities. Validate and sanitize all context data.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const matches = scanText(resourceToText(resource));
-    if (matches) {
-      results.resourceFindings.push({
-        issueType: 'Memory Poisoning',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'high',
-        reasons: [
-          buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, matches),
-        ],
-        tags: ['memory-poisoning', 'context-poisoning'],
-        agenticCategory: OWASP_ID,
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const matches = scanText(promptToText(prompt));
-    if (matches) {
-      results.promptFindings.push({
-        issueType: 'Memory Poisoning',
-        name: prompt?.name || 'prompt',
-        severity: 'critical',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, matches)],
-        tags: ['memory-poisoning', 'context-poisoning'],
-        agenticCategory: OWASP_ID,
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(scanAgentic06MemoryPoisoning, RULE_ID, OWASP_ID, RECOMMENDATION);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const text = packetToText(packet);
-  const matches = scanText(text);
-  if (!matches) {
-    return [];
-  }
-  return [
-    convertPacketFinding(
-      {
-        issueType: 'Memory Poisoning',
-        severity: 'high',
-        title: 'Memory Poisoning Pattern in Traffic',
-        description: `Potential memory/context poisoning in packet: ${matches.join(', ')}`,
-        evidence: matches[0]?.substring(0, 50) || '',
-      },
-      RULE_ID,
-      OWASP_ID,
-      RECOMMENDATION,
-      packet
-    ),
-  ];
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Memory Poisoning Detection',
-  owasp_id: OWASP_ID,
-  severity: 'high',
-  description: 'Detects memory and context poisoning patterns.',
-  source: 'static',
-  type: 'agentic-security',
-};

package/core/services/security/rules/scans/agentic07InsecureCommunication.js

@@ -1,135 +0,0 @@
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'asi07-insecure-communication';
-const OWASP_ID = 'ASI07';
-const RECOMMENDATION =
-  'Implement encrypted communication channels. Use TLS/SSL for all inter-agent communications. Authenticate all agent interactions.';
-
-const INSECURE_COMMUNICATION_PATTERNS = [
-  /(?:unencrypted|plaintext|cleartext|unsecured)\s+(?:communication|channel|connection|transmission)/i,
-  /(?:http:\/\/|ftp:\/\/|ws:\/\/)\s+(?:instead\s+of|without|missing)/i,
-  /(?:no|missing|lack|without)\s+(?:encryption|tls|ssl|https|authentication|auth)/i,
-  /(?:insecure|vulnerable|weak)\s+(?:communication|channel|protocol|connection)/i,
-  /(?:intercept|eavesdrop|man-in-the-middle|mitm)\s+(?:communication|channel|message)/i,
-];
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  const matches = [];
-  for (const pattern of INSECURE_COMMUNICATION_PATTERNS) {
-    const match = text.match(pattern);
-    if (match) {
-      matches.push(match[0]);
-    }
-  }
-  return matches.length > 0 ? matches : null;
-}
-
-function buildReason(entity, matches) {
-  return `Potential insecure inter-agent communication in ${entity}: ${matches.join(', ')}`;
-}
-
-export function scanAgentic07InsecureCommunication(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    const matches = scanText(toolToText(tool));
-    if (matches) {
-      results.toolFindings.push({
-        issueType: 'Insecure Communication',
-        name: tool?.name || 'tool',
-        severity: 'high',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, matches)],
-        tags: ['insecure-communication', 'inter-agent'],
-        agenticCategory: OWASP_ID,
-        safeUseNotes:
-          'Review tool communication mechanisms. Ensure all inter-agent communications are encrypted and authenticated.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const matches = scanText(resourceToText(resource));
-    if (matches) {
-      results.resourceFindings.push({
-        issueType: 'Insecure Communication',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'high',
-        reasons: [
-          buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, matches),
-        ],
-        tags: ['insecure-communication', 'inter-agent'],
-        agenticCategory: OWASP_ID,
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const matches = scanText(promptToText(prompt));
-    if (matches) {
-      results.promptFindings.push({
-        issueType: 'Insecure Communication',
-        name: prompt?.name || 'prompt',
-        severity: 'medium',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, matches)],
-        tags: ['insecure-communication', 'inter-agent'],
-        agenticCategory: OWASP_ID,
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(
-  scanAgentic07InsecureCommunication,
-  RULE_ID,
-  OWASP_ID,
-  RECOMMENDATION
-);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const text = packetToText(packet);
-  const matches = scanText(text);
-  if (!matches) {
-    return [];
-  }
-  return [
-    convertPacketFinding(
-      {
-        issueType: 'Insecure Communication',
-        severity: 'high',
-        title: 'Insecure Communication Pattern in Traffic',
-        description: `Potential insecure communication in packet: ${matches.join(', ')}`,
-        evidence: matches[0]?.substring(0, 50) || '',
-      },
-      RULE_ID,
-      OWASP_ID,
-      RECOMMENDATION,
-      packet
-    ),
-  ];
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Insecure Communication Detection',
-  owasp_id: OWASP_ID,
-  severity: 'high',
-  description: 'Detects insecure inter-agent communication patterns.',
-  source: 'static',
-  type: 'agentic-security',
-};

package/core/services/security/rules/scans/agentic08CascadingFailures.js

@@ -1,135 +0,0 @@
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'asi08-cascading-failures';
-const OWASP_ID = 'ASI08';
-const RECOMMENDATION =
-  'Implement failure isolation and containment. Use circuit breakers and failover mechanisms. Design for graceful degradation.';
-
-const CASCADING_FAILURE_PATTERNS = [
-  /(?:cascade|cascading|chain|domino)\s+(?:failure|error|exception|outage|breakdown)/i,
-  /(?:propagate|spread|ripple|amplify)\s+(?:failure|error|exception|outage)/i,
-  /(?:single\s+point\s+of\s+failure|spof)/i,
-  /(?:no|missing|lack|without)\s+(?:isolation|containment|circuit\s+breaker|failover|redundancy)/i,
-  /(?:unhandled|uncaught|unrecoverable)\s+(?:failure|error|exception)/i,
-];
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  const matches = [];
-  for (const pattern of CASCADING_FAILURE_PATTERNS) {
-    const match = text.match(pattern);
-    if (match) {
-      matches.push(match[0]);
-    }
-  }
-  return matches.length > 0 ? matches : null;
-}
-
-function buildReason(entity, matches) {
-  return `Potential cascading failures in ${entity}: ${matches.join(', ')}`;
-}
-
-export function scanAgentic08CascadingFailures(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    const matches = scanText(toolToText(tool));
-    if (matches) {
-      results.toolFindings.push({
-        issueType: 'Cascading Failures',
-        name: tool?.name || 'tool',
-        severity: 'medium',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, matches)],
-        tags: ['cascading-failures', 'resilience'],
-        agenticCategory: OWASP_ID,
-        safeUseNotes:
-          'Review tool failure handling. Implement isolation and circuit breakers to prevent cascading failures.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const matches = scanText(resourceToText(resource));
-    if (matches) {
-      results.resourceFindings.push({
-        issueType: 'Cascading Failures',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'medium',
-        reasons: [
-          buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, matches),
-        ],
-        tags: ['cascading-failures', 'resilience'],
-        agenticCategory: OWASP_ID,
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const matches = scanText(promptToText(prompt));
-    if (matches) {
-      results.promptFindings.push({
-        issueType: 'Cascading Failures',
-        name: prompt?.name || 'prompt',
-        severity: 'low',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, matches)],
-        tags: ['cascading-failures', 'resilience'],
-        agenticCategory: OWASP_ID,
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(
-  scanAgentic08CascadingFailures,
-  RULE_ID,
-  OWASP_ID,
-  RECOMMENDATION
-);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const text = packetToText(packet);
-  const matches = scanText(text);
-  if (!matches) {
-    return [];
-  }
-  return [
-    convertPacketFinding(
-      {
-        issueType: 'Cascading Failures',
-        severity: 'medium',
-        title: 'Cascading Failure Pattern in Traffic',
-        description: `Potential cascading failure indicators in packet: ${matches.join(', ')}`,
-        evidence: matches[0]?.substring(0, 50) || '',
-      },
-      RULE_ID,
-      OWASP_ID,
-      RECOMMENDATION,
-      packet
-    ),
-  ];
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Cascading Failures Detection',
-  owasp_id: OWASP_ID,
-  severity: 'medium',
-  description: 'Detects cascading failure vulnerabilities.',
-  source: 'static',
-  type: 'agentic-security',
-};

package/core/services/security/rules/scans/agentic09TrustExploitation.js

@@ -1,135 +0,0 @@
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'asi09-trust-exploitation';
-const OWASP_ID = 'ASI09';
-const RECOMMENDATION =
-  'Implement trust verification mechanisms. Educate users about agent limitations. Monitor for trust exploitation patterns.';
-
-const TRUST_EXPLOITATION_PATTERNS = [
-  /(?:exploit|abuse|manipulate|misuse)\s+(?:trust|confidence|reliance|relationship)/i,
-  /(?:social\s+engineering|phishing|deception|manipulation)\s+(?:to|for|in\s+order\s+to)/i,
-  /(?:impersonate|spoof|pretend|masquerade)\s+(?:as|to\s+be)/i,
-  /(?:exploit|abuse)\s+(?:human|user|operator)\s+(?:trust|confidence|reliance)/i,
-  /(?:mislead|deceive|trick|fool)\s+(?:human|user|operator|agent)/i,
-];
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  const matches = [];
-  for (const pattern of TRUST_EXPLOITATION_PATTERNS) {
-    const match = text.match(pattern);
-    if (match) {
-      matches.push(match[0]);
-    }
-  }
-  return matches.length > 0 ? matches : null;
-}
-
-function buildReason(entity, matches) {
-  return `Potential human-agent trust exploitation in ${entity}: ${matches.join(', ')}`;
-}
-
-export function scanAgentic09TrustExploitation(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    const matches = scanText(toolToText(tool));
-    if (matches) {
-      results.toolFindings.push({
-        issueType: 'Trust Exploitation',
-        name: tool?.name || 'tool',
-        severity: 'high',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, matches)],
-        tags: ['trust-exploitation', 'social-engineering'],
-        agenticCategory: OWASP_ID,
-        safeUseNotes:
-          'Review tool for trust exploitation vulnerabilities. Implement verification mechanisms for sensitive operations.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const matches = scanText(resourceToText(resource));
-    if (matches) {
-      results.resourceFindings.push({
-        issueType: 'Trust Exploitation',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'high',
-        reasons: [
-          buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, matches),
-        ],
-        tags: ['trust-exploitation', 'social-engineering'],
-        agenticCategory: OWASP_ID,
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const matches = scanText(promptToText(prompt));
-    if (matches) {
-      results.promptFindings.push({
-        issueType: 'Trust Exploitation',
-        name: prompt?.name || 'prompt',
-        severity: 'critical',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, matches)],
-        tags: ['trust-exploitation', 'social-engineering'],
-        agenticCategory: OWASP_ID,
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(
-  scanAgentic09TrustExploitation,
-  RULE_ID,
-  OWASP_ID,
-  RECOMMENDATION
-);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const text = packetToText(packet);
-  const matches = scanText(text);
-  if (!matches) {
-    return [];
-  }
-  return [
-    convertPacketFinding(
-      {
-        issueType: 'Trust Exploitation',
-        severity: 'high',
-        title: 'Trust Exploitation Pattern in Traffic',
-        description: `Potential trust exploitation in packet: ${matches.join(', ')}`,
-        evidence: matches[0]?.substring(0, 50) || '',
-      },
-      RULE_ID,
-      OWASP_ID,
-      RECOMMENDATION,
-      packet
-    ),
-  ];
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Trust Exploitation Detection',
-  owasp_id: OWASP_ID,
-  severity: 'high',
-  description: 'Detects human-agent trust exploitation patterns.',
-  source: 'static',
-  type: 'agentic-security',
-};