@mcp-shark/mcp-shark 1.5.13 → 1.7.2

package/core/services/security/rules/scans/mcp04SupplyChain.js

@@ -1,131 +0,0 @@
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'mcp04-supply-chain';
-const OWASP_ID = 'MCP04';
-const RECOMMENDATION =
-  'Pin all dependencies to specific versions. Verify package integrity and signatures. Use trusted repositories and registries.';
-
-const SUPPLY_CHAIN_PATTERNS = [
-  /(?:unsigned|unverified|untrusted|unauthenticated)\s+(?:package|dependency|module|library)/i,
-  /(?:tampered|modified|altered|compromised)\s+(?:package|dependency|module|library)/i,
-  /(?:dependency|package|module)\s+(?:confusion|substitution|hijacking)/i,
-  /(?:typosquatting|brandjacking|namespace)\s+(?:package|dependency|module)/i,
-  /(?:unpinned|floating|wildcard)\s+(?:version|dependency|package)/i,
-  /(?:from|source)\s+(?:unknown|unverified|suspicious|untrusted)\s+(?:source|repository|registry)/i,
-];
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  const matches = [];
-  for (const pattern of SUPPLY_CHAIN_PATTERNS) {
-    const match = text.match(pattern);
-    if (match) {
-      matches.push(match[0]);
-    }
-  }
-  return matches.length > 0 ? matches : null;
-}
-
-function buildReason(entity, matches) {
-  return `Potential supply chain vulnerability in ${entity}: ${matches.join(', ')}`;
-}
-
-export function scanMCP04SupplyChain(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    const matches = scanText(toolToText(tool));
-    if (matches) {
-      results.toolFindings.push({
-        issueType: 'Supply Chain',
-        name: tool?.name || 'tool',
-        severity: 'high',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, matches)],
-        tags: ['supply-chain', 'dependency-tampering'],
-        mcpCategory: OWASP_ID,
-        safeUseNotes:
-          'Verify all dependencies and packages. Use signed packages from trusted sources.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const matches = scanText(resourceToText(resource));
-    if (matches) {
-      results.resourceFindings.push({
-        issueType: 'Supply Chain',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'high',
-        reasons: [
-          buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, matches),
-        ],
-        tags: ['supply-chain', 'dependency-tampering'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const matches = scanText(promptToText(prompt));
-    if (matches) {
-      results.promptFindings.push({
-        issueType: 'Supply Chain',
-        name: prompt?.name || 'prompt',
-        severity: 'medium',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, matches)],
-        tags: ['supply-chain', 'dependency-tampering'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(scanMCP04SupplyChain, RULE_ID, OWASP_ID, RECOMMENDATION);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const text = packetToText(packet);
-  const matches = scanText(text);
-  if (!matches) {
-    return [];
-  }
-  return [
-    convertPacketFinding(
-      {
-        issueType: 'Supply Chain',
-        severity: 'high',
-        title: 'Supply Chain Pattern in Traffic',
-        description: `Potential supply chain vulnerability in packet: ${matches.join(', ')}`,
-        evidence: matches[0]?.substring(0, 50) || '',
-      },
-      RULE_ID,
-      OWASP_ID,
-      RECOMMENDATION,
-      packet
-    ),
-  ];
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Supply Chain Vulnerability Detection',
-  owasp_id: OWASP_ID,
-  severity: 'high',
-  description: 'Detects potential supply chain vulnerabilities in MCP configurations.',
-  source: 'static',
-  type: 'owasp-mcp',
-};

package/core/services/security/rules/scans/mcp06PromptInjection.js

@@ -1,200 +0,0 @@
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'mcp06-prompt-injection';
-const OWASP_ID = 'MCP06';
-const RECOMMENDATION =
-  'Implement prompt injection defenses. Validate and sanitize all user inputs. Use prompt isolation and output filtering.';
-
-const PROMPT_INJECTION_PATTERNS = [
-  /(?:ignore|forget|disregard)\s+(?:\w+\s+)*(?:previous|prior|earlier|above|instructions|prompts|system)/i,
-  /(?:new|different|override|replace)\s+(?:instructions|prompt|system|rules)/i,
-  /(?:you\s+are|act\s+as|pretend\s+to\s+be|roleplay\s+as)/i,
-  /(?:system|admin|root|sudo)\s+(?:access|privilege|permission|command)/i,
-  /(?:extract|reveal|show|display|output)\s+(?:system|prompt|instruction|secret|password|token)/i,
-  /(?:execute|run|perform)\s+(?:arbitrary|any|unrestricted|unlimited)\s+(?:command|action|code)/i,
-];
-
-const SUSPICIOUS_TOOL_NAME_PATTERNS = [
-  { pattern: /instruction_?override/i, name: 'Instruction Override Tool', severity: 'critical' },
-  {
-    pattern: /system_?prompt|systemprompt/i,
-    name: 'System Prompt Access Tool',
-    severity: 'critical',
-  },
-  { pattern: /ignore_?instruction/i, name: 'Ignore Instruction Tool', severity: 'critical' },
-  { pattern: /bypass_?security/i, name: 'Security Bypass Tool', severity: 'critical' },
-  { pattern: /admin_?override/i, name: 'Admin Override Tool', severity: 'critical' },
-  { pattern: /privilege_?escalat/i, name: 'Privilege Escalation Tool', severity: 'high' },
-  { pattern: /sudo|root_?access/i, name: 'Elevated Privilege Tool', severity: 'high' },
-  { pattern: /hidden_?command/i, name: 'Hidden Command Tool', severity: 'high' },
-  { pattern: /secret_?access/i, name: 'Secret Access Tool', severity: 'high' },
-];
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  const matches = [];
-  for (const pattern of PROMPT_INJECTION_PATTERNS) {
-    const match = text.match(pattern);
-    if (match) {
-      matches.push(match[0]);
-    }
-  }
-  return matches.length > 0 ? matches : null;
-}
-
-function checkToolName(toolName) {
-  if (!toolName) {
-    return null;
-  }
-  for (const { pattern, name, severity } of SUSPICIOUS_TOOL_NAME_PATTERNS) {
-    if (pattern.test(toolName)) {
-      return { name, severity, match: toolName };
-    }
-  }
-  return null;
-}
-
-function buildReason(entity, matches) {
-  return `Potential prompt injection via contextual payloads in ${entity}: ${matches.join(', ')}`;
-}
-
-export function scanMCP06PromptInjection(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    // Check tool name for suspicious patterns
-    const nameCheck = checkToolName(tool?.name);
-    if (nameCheck) {
-      results.toolFindings.push({
-        issueType: 'Prompt Injection Context',
-        name: tool?.name || 'tool',
-        severity: nameCheck.severity,
-        reasons: [`Suspicious tool name detected: "${nameCheck.name}" pattern in "${tool.name}"`],
-        tags: ['prompt-injection', 'suspicious-tool-name'],
-        mcpCategory: OWASP_ID,
-        safeUseNotes:
-          'This tool name suggests potential prompt injection or security bypass intent.',
-      });
-    }
-
-    const matches = scanText(toolToText(tool));
-    if (matches) {
-      results.toolFindings.push({
-        issueType: 'Prompt Injection Context',
-        name: tool?.name || 'tool',
-        severity: 'high',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, matches)],
-        tags: ['prompt-injection', 'context-injection'],
-        mcpCategory: OWASP_ID,
-        safeUseNotes:
-          'Review tool inputs for prompt injection vulnerabilities. Implement input validation and sanitization.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const matches = scanText(resourceToText(resource));
-    if (matches) {
-      results.resourceFindings.push({
-        issueType: 'Prompt Injection Context',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'high',
-        reasons: [
-          buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, matches),
-        ],
-        tags: ['prompt-injection', 'context-injection'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const matches = scanText(promptToText(prompt));
-    if (matches) {
-      results.promptFindings.push({
-        issueType: 'Prompt Injection Context',
-        name: prompt?.name || 'prompt',
-        severity: 'critical',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, matches)],
-        tags: ['prompt-injection', 'context-injection'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(scanMCP06PromptInjection, RULE_ID, OWASP_ID, RECOMMENDATION);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const findings = [];
-  const text = packetToText(packet);
-
-  // Check for suspicious tool names in tools/call requests
-  if (packet.body?.method === 'tools/call' && packet.body?.params?.name) {
-    const nameCheck = checkToolName(packet.body.params.name);
-    if (nameCheck) {
-      findings.push(
-        convertPacketFinding(
-          {
-            issueType: 'Prompt Injection Context',
-            severity: nameCheck.severity,
-            title: `Suspicious Tool Call: ${nameCheck.name}`,
-            description: `Tool "${packet.body.params.name}" matches suspicious pattern: ${nameCheck.name}`,
-            evidence: packet.body.params.name,
-          },
-          RULE_ID,
-          OWASP_ID,
-          RECOMMENDATION,
-          packet
-        )
-      );
-    }
-  }
-
-  const matches = scanText(text);
-  if (matches) {
-    findings.push(
-      convertPacketFinding(
-        {
-          issueType: 'Prompt Injection Context',
-          severity: 'high',
-          title: 'Prompt Injection Pattern in Traffic',
-          description: `Potential prompt injection in packet: ${matches.join(', ')}`,
-          evidence: matches[0]?.substring(0, 50) || '',
-        },
-        RULE_ID,
-        OWASP_ID,
-        RECOMMENDATION,
-        packet
-      )
-    );
-  }
-
-  return findings;
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Prompt Injection Detection',
-  owasp_id: OWASP_ID,
-  severity: 'critical',
-  description:
-    'Detects prompt injection attempts via contextual payloads and suspicious tool names.',
-  source: 'static',
-  type: 'owasp-mcp',
-};

package/core/services/security/rules/scans/mcp07InsufficientAuth.js

@@ -1,130 +0,0 @@
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'mcp07-insufficient-auth';
-const OWASP_ID = 'MCP07';
-const RECOMMENDATION =
-  'Implement proper authentication and authorization mechanisms. Enforce access controls for all tools and resources.';
-
-const INSUFFICIENT_AUTH_PATTERNS = [
-  /(?:no|missing|lack|absent|without)\s+(?:authentication|auth|authorization|authz|access\s+control)/i,
-  /(?:public|open|unrestricted|unprotected|unsecured)\s+(?:access|endpoint|api|tool|resource)/i,
-  /(?:anonymous|guest|unauthenticated)\s+(?:user|access|request)/i,
-  /(?:skip|bypass|ignore|disable)\s+(?:authentication|auth|authorization|check|validation)/i,
-  /(?:weak|insecure|poor|insufficient)\s+(?:authentication|auth|authorization|security)/i,
-];
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  const matches = [];
-  for (const pattern of INSUFFICIENT_AUTH_PATTERNS) {
-    const match = text.match(pattern);
-    if (match) {
-      matches.push(match[0]);
-    }
-  }
-  return matches.length > 0 ? matches : null;
-}
-
-function buildReason(entity, matches) {
-  return `Potential insufficient authentication/authorization in ${entity}: ${matches.join(', ')}`;
-}
-
-export function scanMCP07InsufficientAuth(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    const matches = scanText(toolToText(tool));
-    if (matches) {
-      results.toolFindings.push({
-        issueType: 'Insufficient Auth',
-        name: tool?.name || 'tool',
-        severity: 'high',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, matches)],
-        tags: ['insufficient-auth', 'authentication', 'authorization'],
-        mcpCategory: OWASP_ID,
-        safeUseNotes:
-          'Review tool authentication requirements. Ensure proper access controls are in place.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const matches = scanText(resourceToText(resource));
-    if (matches) {
-      results.resourceFindings.push({
-        issueType: 'Insufficient Auth',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'high',
-        reasons: [
-          buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, matches),
-        ],
-        tags: ['insufficient-auth', 'authentication', 'authorization'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const matches = scanText(promptToText(prompt));
-    if (matches) {
-      results.promptFindings.push({
-        issueType: 'Insufficient Auth',
-        name: prompt?.name || 'prompt',
-        severity: 'medium',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, matches)],
-        tags: ['insufficient-auth', 'authentication', 'authorization'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(scanMCP07InsufficientAuth, RULE_ID, OWASP_ID, RECOMMENDATION);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const text = packetToText(packet);
-  const matches = scanText(text);
-  if (!matches) {
-    return [];
-  }
-  return [
-    convertPacketFinding(
-      {
-        issueType: 'Insufficient Auth',
-        severity: 'high',
-        title: 'Insufficient Auth Pattern in Traffic',
-        description: `Potential authentication weakness in packet: ${matches.join(', ')}`,
-        evidence: matches[0]?.substring(0, 50) || '',
-      },
-      RULE_ID,
-      OWASP_ID,
-      RECOMMENDATION,
-      packet
-    ),
-  ];
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Insufficient Authentication Detection',
-  owasp_id: OWASP_ID,
-  severity: 'high',
-  description: 'Detects potential authentication and authorization weaknesses.',
-  source: 'static',
-  type: 'owasp-mcp',
-};

package/core/services/security/rules/scans/mcp08LackAudit.js

@@ -1,129 +0,0 @@
-import { convertPacketFinding, createRuleAdapter } from '../utils/adapter.js';
-import { packetToText, promptToText, resourceToText, toolToText } from '../utils/text.js';
-
-const RULE_ID = 'mcp08-lack-audit';
-const OWASP_ID = 'MCP08';
-const RECOMMENDATION =
-  'Implement comprehensive logging, audit trails, and telemetry. Monitor all tool usage and resource access.';
-
-const LACK_AUDIT_PATTERNS = [
-  /(?:no|missing|lack|absent|without)\s+(?:logging|log|audit|telemetry|monitoring|tracking)/i,
-  /(?:disable|turn\s+off|remove)\s+(?:logging|log|audit|telemetry|monitoring)/i,
-  /(?:silent|quiet|no\s+output)\s+(?:mode|operation|execution)/i,
-  /(?:unlogged|unmonitored|untracked)\s+(?:action|operation|event|access)/i,
-];
-
-function scanText(text) {
-  if (!text) {
-    return null;
-  }
-  const matches = [];
-  for (const pattern of LACK_AUDIT_PATTERNS) {
-    const match = text.match(pattern);
-    if (match) {
-      matches.push(match[0]);
-    }
-  }
-  return matches.length > 0 ? matches : null;
-}
-
-function buildReason(entity, matches) {
-  return `Potential lack of audit/telemetry in ${entity}: ${matches.join(', ')}`;
-}
-
-export function scanMCP08LackAudit(mcpData = {}) {
-  const results = {
-    toolFindings: [],
-    resourceFindings: [],
-    promptFindings: [],
-    notablePatterns: [],
-    recommendations: [RECOMMENDATION],
-  };
-
-  for (const tool of mcpData.tools || []) {
-    const matches = scanText(toolToText(tool));
-    if (matches) {
-      results.toolFindings.push({
-        issueType: 'Lack Audit',
-        name: tool?.name || 'tool',
-        severity: 'medium',
-        reasons: [buildReason(`tool "${tool?.name || 'unknown'}"`, matches)],
-        tags: ['lack-audit', 'telemetry', 'logging'],
-        mcpCategory: OWASP_ID,
-        safeUseNotes:
-          'Ensure tool operations are logged and audited. Implement telemetry for security monitoring.',
-      });
-    }
-  }
-
-  for (const resource of mcpData.resources || []) {
-    const matches = scanText(resourceToText(resource));
-    if (matches) {
-      results.resourceFindings.push({
-        issueType: 'Lack Audit',
-        uri: resource?.uri || resource?.name || 'resource',
-        severity: 'medium',
-        reasons: [
-          buildReason(`resource "${resource?.name || resource?.uri || 'unknown'}"`, matches),
-        ],
-        tags: ['lack-audit', 'telemetry', 'logging'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  for (const prompt of mcpData.prompts || []) {
-    const matches = scanText(promptToText(prompt));
-    if (matches) {
-      results.promptFindings.push({
-        issueType: 'Lack Audit',
-        name: prompt?.name || 'prompt',
-        severity: 'low',
-        reasons: [buildReason(`prompt "${prompt?.name || 'unknown'}"`, matches)],
-        tags: ['lack-audit', 'telemetry', 'logging'],
-        mcpCategory: OWASP_ID,
-      });
-    }
-  }
-
-  return results;
-}
-
-const adapter = createRuleAdapter(scanMCP08LackAudit, RULE_ID, OWASP_ID, RECOMMENDATION);
-
-export const analyzeTool = adapter.analyzeTool;
-export const analyzePrompt = adapter.analyzePrompt;
-export const analyzeResource = adapter.analyzeResource;
-
-export function analyzePacket(packet) {
-  const text = packetToText(packet);
-  const matches = scanText(text);
-  if (!matches) {
-    return [];
-  }
-  return [
-    convertPacketFinding(
-      {
-        issueType: 'Lack Audit',
-        severity: 'medium',
-        title: 'Audit Bypass Pattern in Traffic',
-        description: `Potential audit bypass in packet: ${matches.join(', ')}`,
-        evidence: matches[0]?.substring(0, 50) || '',
-      },
-      RULE_ID,
-      OWASP_ID,
-      RECOMMENDATION,
-      packet
-    ),
-  ];
-}
-
-export const ruleMetadata = {
-  id: RULE_ID,
-  name: 'Lack of Audit Detection',
-  owasp_id: OWASP_ID,
-  severity: 'medium',
-  description: 'Detects potential lack of audit trails and telemetry.',
-  source: 'static',
-  type: 'owasp-mcp',
-};