@mcp-shark/mcp-shark 1.5.13 → 1.7.2

package/core/services/security/rules/scans/agentic10RogueAgent.js

@@ -1,130 +0,0 @@
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'asi10-rogue-agent';
-const OWASP_ID = 'ASI10';
-const RECOMMENDATION =
-  'Implement agent registration and approval processes. Monitor for unauthorized agent creation. Enforce agent lifecycle management.';
-
-const ROGUE_AGENT_PATTERNS = [
-  /(?:rogue|unauthorized|unapproved|malicious|harmful)\s+(?:agent|bot|automation|system)/i,
-  /(?:unauthorized|unapproved|unmanaged)\s+(?:agent|bot)\s+(?:creation|deployment|execution|activation)/i,
-  /(?:bypass|circumvent|avoid)\s+(?:approval|authorization|review|governance)\s+(?:for|to\s+create|to\s+deploy)/i,
-  /(?:hidden|concealed|undocumented|unregistered)\s+(?:agent|bot|automation)/i,
-  /(?:self-replicating|self-propagating|autonomous)\s+(?:agent|bot)\s+(?:without|lacking)/i,
-];
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  const matches = [];
-  for (const pattern of ROGUE_AGENT_PATTERNS) {
-    const match = text.match(pattern);
-    if (match) {
-      matches.push(match[0]);
-    }
-  }
-  return matches.length > 0 ? matches : null;
-}
-
-function buildReason(entity, matches) {
-  return `Potential rogue agent indicators in ${entity}: ${matches.join(', ')}`;
-}
-
-export function scanAgentic10RogueAgent(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    const matches = scanText(toolToText(tool));
-    if (matches) {
-      results.toolFindings.push({
-        issueType: 'Rogue Agent',
-        name: tool?.name || 'tool',
-        severity: 'critical',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, matches)],
-        tags: ['rogue-agent', 'unauthorized'],
-        agenticCategory: OWASP_ID,
-        safeUseNotes:
-          'Verify agent registration and approval status. Ensure all agents are properly managed and monitored.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const matches = scanText(resourceToText(resource));
-    if (matches) {
-      results.resourceFindings.push({
-        issueType: 'Rogue Agent',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'critical',
-        reasons: [
-          buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, matches),
-        ],
-        tags: ['rogue-agent', 'unauthorized'],
-        agenticCategory: OWASP_ID,
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const matches = scanText(promptToText(prompt));
-    if (matches) {
-      results.promptFindings.push({
-        issueType: 'Rogue Agent',
-        name: prompt?.name || 'prompt',
-        severity: 'high',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, matches)],
-        tags: ['rogue-agent', 'unauthorized'],
-        agenticCategory: OWASP_ID,
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(scanAgentic10RogueAgent, RULE_ID, OWASP_ID, RECOMMENDATION);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const text = packetToText(packet);
-  const matches = scanText(text);
-  if (!matches) {
-    return [];
-  }
-  return [
-    convertPacketFinding(
-      {
-        issueType: 'Rogue Agent',
-        severity: 'critical',
-        title: 'Rogue Agent Pattern in Traffic',
-        description: `Potential rogue agent indicators in packet: ${matches.join(', ')}`,
-        evidence: matches[0]?.substring(0, 50) || '',
-      },
-      RULE_ID,
-      OWASP_ID,
-      RECOMMENDATION,
-      packet
-    ),
-  ];
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Rogue Agent Detection',
-  owasp_id: OWASP_ID,
-  severity: 'critical',
-  description: 'Detects rogue agent vulnerabilities.',
-  source: 'static',
-  type: 'agentic-security',
-};

package/core/services/security/rules/scans/hardcodedSecrets.js

@@ -1,130 +0,0 @@
-import { SECRET_PATTERNS } from '../constants.js';
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'hardcoded-secrets';
-const OWASP_ID = 'SECRET';
-const RECOMMENDATION =
-  'Move secrets or API tokens to secure storage; never embed them directly in tool or resource metadata.';
-
-function redacted(value) {
-  if (!value) {
-    return '';
-  }
-  if (value.length <= 8) {
-    return '***';
-  }
-  return `${value.slice(0, 4)}...${value.slice(-4)}`;
-}
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  for (const pattern of SECRET_PATTERNS) {
-    pattern.regex.lastIndex = 0;
-    const match = text.match(pattern.regex);
-    if (match) {
-      return {
-        type: pattern.type,
-        sample: redacted(match[0]),
-      };
-    }
-  }
-  return null;
-}
-
-function buildReason(entity, secretInfo) {
-  return `Potential ${secretInfo.type} secret leaked inside ${entity} (sample ${secretInfo.sample}).`;
-}
-
-export function scanHardcodedSecrets(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    const info = scanText(toolToText(tool));
-    if (info) {
-      results.toolFindings.push({
-        issueType: 'Hardcoded Secret',
-        name: tool?.name || 'tool',
-        severity: 'high',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, info)],
-        tags: ['secret'],
-        safeUseNotes: 'Remove the leaked credential and rotate it immediately.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const info = scanText(resourceToText(resource));
-    if (info) {
-      results.resourceFindings.push({
-        issueType: 'Hardcoded Secret',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'high',
-        reasons: [buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, info)],
-        tags: ['secret'],
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const info = scanText(promptToText(prompt));
-    if (info) {
-      results.promptFindings.push({
-        issueType: 'Hardcoded Secret',
-        name: prompt?.name || 'prompt',
-        severity: 'medium',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, info)],
-        tags: ['secret'],
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(scanHardcodedSecrets, RULE_ID, OWASP_ID, RECOMMENDATION);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const text = packetToText(packet);
-  const info = scanText(text);
-  if (!info) {
-    return [];
-  }
-  return [
-    convertPacketFinding(
-      {
-        issueType: 'Hardcoded Secret',
-        severity: 'high',
-        title: 'Secret Detected in Traffic',
-        description: `Potential ${info.type} secret in packet (sample ${info.sample}).`,
-        evidence: info.sample,
-      },
-      RULE_ID,
-      OWASP_ID,
-      RECOMMENDATION,
-      packet
-    ),
-  ];
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Hardcoded Secrets Detection',
-  owasp_id: OWASP_ID,
-  severity: 'high',
-  description: 'Detects hardcoded secrets and API tokens in metadata.',
-  source: 'static',
-  type: 'general-security',
-};

package/core/services/security/rules/scans/mcp01TokenMismanagement.js

@@ -1,127 +0,0 @@
-import { SECRET_PATTERNS } from '../constants.js';
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'mcp01-token-mismanagement';
-const OWASP_ID = 'MCP01';
-const RECOMMENDATION =
-  'Move all tokens and secrets to secure storage (environment variables, secret managers). Never embed credentials in MCP server configurations.';
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  const matches = [];
-  for (const pattern of SECRET_PATTERNS) {
-    pattern.regex.lastIndex = 0;
-    const match = text.match(pattern.regex);
-    if (match) {
-      matches.push({ type: pattern.type, sample: match[0] });
-    }
-  }
-  return matches.length > 0 ? matches : null;
-}
-
-function buildReason(entity, matches) {
-  const types = matches.map((m) => m.type).join(', ');
-  return `Token or secret exposure detected in ${entity}: ${types}`;
-}
-
-export function scanMCP01TokenMismanagement(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    const matches = scanText(toolToText(tool));
-    if (matches) {
-      results.toolFindings.push({
-        issueType: 'Token Mismanagement',
-        name: tool?.name || 'tool',
-        severity: 'high',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, matches)],
-        tags: ['token-mismanagement', 'secret-exposure'],
-        mcpCategory: OWASP_ID,
-        safeUseNotes:
-          'Remove all tokens and secrets from tool metadata. Use secure storage mechanisms.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const matches = scanText(resourceToText(resource));
-    if (matches) {
-      results.resourceFindings.push({
-        issueType: 'Token Mismanagement',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'high',
-        reasons: [
-          buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, matches),
-        ],
-        tags: ['token-mismanagement', 'secret-exposure'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const matches = scanText(promptToText(prompt));
-    if (matches) {
-      results.promptFindings.push({
-        issueType: 'Token Mismanagement',
-        name: prompt?.name || 'prompt',
-        severity: 'medium',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, matches)],
-        tags: ['token-mismanagement', 'secret-exposure'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(scanMCP01TokenMismanagement, RULE_ID, OWASP_ID, RECOMMENDATION);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const text = packetToText(packet);
-  const matches = scanText(text);
-  if (!matches) {
-    return [];
-  }
-  const types = matches.map((m) => m.type).join(', ');
-  return [
-    convertPacketFinding(
-      {
-        issueType: 'Token Mismanagement',
-        severity: 'high',
-        title: 'Token/Secret Detected in Traffic',
-        description: `Potential secret exposure in packet: ${types}`,
-        evidence: matches[0]?.sample?.substring(0, 50) || '',
-      },
-      RULE_ID,
-      OWASP_ID,
-      RECOMMENDATION,
-      packet
-    ),
-  ];
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Token Mismanagement & Secret Exposure',
-  owasp_id: OWASP_ID,
-  severity: 'high',
-  description:
-    'Detects hard-coded credentials, API keys, and secrets that could be exposed through prompt injection or compromised context.',
-  source: 'static',
-  type: 'owasp-mcp',
-};

package/core/services/security/rules/scans/mcp02ScopeCreep.js

@@ -1,130 +0,0 @@
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'mcp02-scope-creep';
-const OWASP_ID = 'MCP02';
-const RECOMMENDATION =
-  'Implement strict scope boundaries for tools. Monitor for unauthorized scope expansion and enforce least privilege principles.';
-
-const SCOPE_CREEP_PATTERNS = [
-  /(?:expand|extend|increase|broaden|widen)\s+(?:scope|permission|access|capability|authority)/i,
-  /(?:additional|extra|more|further)\s+(?:privilege|permission|access|right)/i,
-  /(?:escalate|elevate|raise|upgrade)\s+(?:privilege|permission|access|level)/i,
-  /(?:unrestricted|unlimited|full|complete|total)\s+(?:access|permission|privilege|control)/i,
-  /(?:bypass|override|circumvent)\s+(?:restriction|limit|constraint|control)/i,
-];
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  const matches = [];
-  for (const pattern of SCOPE_CREEP_PATTERNS) {
-    const match = text.match(pattern);
-    if (match) {
-      matches.push(match[0]);
-    }
-  }
-  return matches.length > 0 ? matches : null;
-}
-
-function buildReason(entity, matches) {
-  return `Potential scope creep detected in ${entity}: ${matches.join(', ')}`;
-}
-
-export function scanMCP02ScopeCreep(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    const matches = scanText(toolToText(tool));
-    if (matches) {
-      results.toolFindings.push({
-        issueType: 'Scope Creep',
-        name: tool?.name || 'tool',
-        severity: 'medium',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, matches)],
-        tags: ['scope-creep', 'privilege-escalation'],
-        mcpCategory: OWASP_ID,
-        safeUseNotes:
-          'Review tool scope boundaries. Ensure tools cannot expand their permissions beyond intended limits.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const matches = scanText(resourceToText(resource));
-    if (matches) {
-      results.resourceFindings.push({
-        issueType: 'Scope Creep',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'medium',
-        reasons: [
-          buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, matches),
-        ],
-        tags: ['scope-creep', 'privilege-escalation'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const matches = scanText(promptToText(prompt));
-    if (matches) {
-      results.promptFindings.push({
-        issueType: 'Scope Creep',
-        name: prompt?.name || 'prompt',
-        severity: 'low',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, matches)],
-        tags: ['scope-creep', 'privilege-escalation'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(scanMCP02ScopeCreep, RULE_ID, OWASP_ID, RECOMMENDATION);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const text = packetToText(packet);
-  const matches = scanText(text);
-  if (!matches) {
-    return [];
-  }
-  return [
-    convertPacketFinding(
-      {
-        issueType: 'Scope Creep',
-        severity: 'medium',
-        title: 'Scope Creep Pattern in Traffic',
-        description: `Potential scope creep in packet: ${matches.join(', ')}`,
-        evidence: matches[0]?.substring(0, 50) || '',
-      },
-      RULE_ID,
-      OWASP_ID,
-      RECOMMENDATION,
-      packet
-    ),
-  ];
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Scope Creep Detection',
-  owasp_id: OWASP_ID,
-  severity: 'medium',
-  description: 'Detects potential privilege escalation via scope creep in tool definitions.',
-  source: 'static',
-  type: 'owasp-mcp',
-};

package/core/services/security/rules/scans/mcp03ToolPoisoning.js

@@ -1,132 +0,0 @@
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'mcp03-tool-poisoning';
-const OWASP_ID = 'MCP03';
-const RECOMMENDATION =
-  'Verify tool authenticity and integrity. Implement tool signing and verification mechanisms. Monitor for suspicious tool behavior.';
-
-const TOOL_POISONING_PATTERNS = [
-  /(?:malicious|harmful|dangerous|exploit|attack|backdoor|trojan|virus)/i,
-  /(?:unauthorized|illegitimate|fake|spoofed|forged|tampered)/i,
-  /(?:steal|exfiltrate|leak|extract)\s+(?:data|information|credentials|secrets)/i,
-  /(?:delete|remove|destroy|wipe|erase)\s+(?:file|data|information)/i,
-  /(?:override|bypass|disable)\s+(?:security|protection|safeguard|control)/i,
-  /(?:hidden|concealed|obfuscated|encoded)\s+(?:functionality|behavior|action)/i,
-];
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  const matches = [];
-  for (const pattern of TOOL_POISONING_PATTERNS) {
-    const match = text.match(pattern);
-    if (match) {
-      matches.push(match[0]);
-    }
-  }
-  return matches.length > 0 ? matches : null;
-}
-
-function buildReason(entity, matches) {
-  return `Potential tool poisoning indicators in ${entity}: ${matches.join(', ')}`;
-}
-
-export function scanMCP03ToolPoisoning(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    const matches = scanText(toolToText(tool));
-    if (matches) {
-      results.toolFindings.push({
-        issueType: 'Tool Poisoning',
-        name: tool?.name || 'tool',
-        severity: 'high',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, matches)],
-        tags: ['tool-poisoning', 'malicious'],
-        mcpCategory: OWASP_ID,
-        is_potentially_poisoned: true,
-        safeUseNotes:
-          'Review tool description and behavior carefully. Verify tool source and integrity before use.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const matches = scanText(resourceToText(resource));
-    if (matches) {
-      results.resourceFindings.push({
-        issueType: 'Tool Poisoning',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'high',
-        reasons: [
-          buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, matches),
-        ],
-        tags: ['tool-poisoning', 'malicious'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const matches = scanText(promptToText(prompt));
-    if (matches) {
-      results.promptFindings.push({
-        issueType: 'Tool Poisoning',
-        name: prompt?.name || 'prompt',
-        severity: 'medium',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, matches)],
-        tags: ['tool-poisoning', 'malicious'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(scanMCP03ToolPoisoning, RULE_ID, OWASP_ID, RECOMMENDATION);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const text = packetToText(packet);
-  const matches = scanText(text);
-  if (!matches) {
-    return [];
-  }
-  return [
-    convertPacketFinding(
-      {
-        issueType: 'Tool Poisoning',
-        severity: 'high',
-        title: 'Tool Poisoning Pattern in Traffic',
-        description: `Potential malicious pattern in packet: ${matches.join(', ')}`,
-        evidence: matches[0]?.substring(0, 50) || '',
-      },
-      RULE_ID,
-      OWASP_ID,
-      RECOMMENDATION,
-      packet
-    ),
-  ];
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Tool Poisoning Detection',
-  owasp_id: OWASP_ID,
-  severity: 'high',
-  description: 'Detects malicious patterns that could indicate tool poisoning attacks.',
-  source: 'static',
-  type: 'owasp-mcp',
-};