@pan-sec/notebooklm-mcp 1.4.0

package/dist/utils/response-validator.d.ts

@@ -0,0 +1,98 @@
+/**
+ * Response Validator for NotebookLM MCP Server
+ *
+ * Validates and sanitizes responses from NotebookLM:
+ * - Prompt injection detection
+ * - Malicious URL detection
+ * - Encoded payload detection
+ * - Response sanitization
+ *
+ * Uses patterns derived from MEDUSA AI Security Scanner.
+ * Added by Pantheon Security for hardened fork.
+ */
+/**
+ * Response validation result
+ */
+export interface ValidationResult {
+    safe: boolean;
+    warnings: string[];
+    blocked: string[];
+    sanitized: string;
+    originalLength: number;
+    sanitizedLength: number;
+}
+/**
+ * Response validator configuration
+ */
+export interface ResponseValidatorConfig {
+    /** Enable response validation (default: true) */
+    enabled: boolean;
+    /** Block responses containing prompt injection (default: true) */
+    blockPromptInjection: boolean;
+    /** Block responses containing suspicious URLs (default: true) */
+    blockSuspiciousUrls: boolean;
+    /** Block responses containing encoded payloads (default: false - just warn) */
+    blockEncodedPayloads: boolean;
+    /** Warn on suspicious content without blocking (default: true) */
+    warnOnSuspicious: boolean;
+    /** Allowed domains for URLs in responses */
+    allowedDomains: string[];
+}
+/**
+ * Response Validator Class
+ */
+export declare class ResponseValidator {
+    private config;
+    private stats;
+    constructor(config?: Partial<ResponseValidatorConfig>);
+    /**
+     * Validate a response from NotebookLM
+     */
+    validate(response: string): Promise<ValidationResult>;
+    /**
+     * Detect prompt injection attempts in text
+     */
+    detectPromptInjection(text: string): Array<{
+        pattern: RegExp;
+        description: string;
+        severity: string;
+        match: string;
+    }>;
+    /**
+     * Detect suspicious URLs in text
+     */
+    detectSuspiciousUrls(text: string): Array<{
+        pattern: RegExp;
+        description: string;
+        url: string;
+    }>;
+    /**
+     * Detect encoded payloads in text
+     */
+    detectEncodedPayloads(text: string): Array<{
+        pattern: RegExp;
+        description: string;
+        match: string;
+    }>;
+    /**
+     * Get validation statistics
+     */
+    getStats(): typeof this.stats;
+    /**
+     * Reset statistics
+     */
+    resetStats(): void;
+    /**
+     * Update configuration
+     */
+    updateConfig(config: Partial<ResponseValidatorConfig>): void;
+}
+/**
+ * Get or create the global response validator
+ */
+export declare function getResponseValidator(): ResponseValidator;
+/**
+ * Convenience function to validate a response
+ */
+export declare function validateResponse(response: string): Promise<ValidationResult>;
+//# sourceMappingURL=response-validator.d.ts.map

package/dist/utils/response-validator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"response-validator.d.ts","sourceRoot":"","sources":["../../src/utils/response-validator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAKH;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,OAAO,CAAC;IACd,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,iDAAiD;IACjD,OAAO,EAAE,OAAO,CAAC;IACjB,kEAAkE;IAClE,oBAAoB,EAAE,OAAO,CAAC;IAC9B,iEAAiE;IACjE,mBAAmB,EAAE,OAAO,CAAC;IAC7B,+EAA+E;IAC/E,oBAAoB,EAAE,OAAO,CAAC;IAC9B,kEAAkE;IAClE,gBAAgB,EAAE,OAAO,CAAC;IAC1B,4CAA4C;IAC5C,cAAc,EAAE,MAAM,EAAE,CAAC;CAC1B;AAwID;;GAEG;AACH,qBAAa,iBAAiB;IAC5B,OAAO,CAAC,MAAM,CAA0B;IACxC,OAAO,CAAC,KAAK,CAKX;gBAEU,MAAM,CAAC,EAAE,OAAO,CAAC,uBAAuB,CAAC;IAIrD;;OAEG;IACG,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IAmG3D;;OAEG;IACH,qBAAqB,CAAC,IAAI,EAAE,MAAM,GAAG,KAAK,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IAkBrH;;OAEG;IACH,oBAAoB,CAAC,IAAI,EAAE,MAAM,GAAG,KAAK,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IAiBhG;;OAEG;IACH,qBAAqB,CAAC,IAAI,EAAE,MAAM,GAAG,KAAK,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IAoBnG;;OAEG;IACH,QAAQ,IAAI,OAAO,IAAI,CAAC,KAAK;IAI7B;;OAEG;IACH,UAAU,IAAI,IAAI;IASlB;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,uBAAuB,CAAC,GAAG,IAAI;CAG7D;AAOD;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,iBAAiB,CAKxD;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAElF"}

package/dist/utils/response-validator.js

@@ -0,0 +1,352 @@
+/**
+ * Response Validator for NotebookLM MCP Server
+ *
+ * Validates and sanitizes responses from NotebookLM:
+ * - Prompt injection detection
+ * - Malicious URL detection
+ * - Encoded payload detection
+ * - Response sanitization
+ *
+ * Uses patterns derived from MEDUSA AI Security Scanner.
+ * Added by Pantheon Security for hardened fork.
+ */
+import { audit } from "./audit-logger.js";
+import { log } from "./logger.js";
+/**
+ * Get validator configuration from environment
+ */
+function getValidatorConfig() {
+    return {
+        enabled: process.env.NLMCP_RESPONSE_VALIDATION !== "false",
+        blockPromptInjection: process.env.NLMCP_BLOCK_PROMPT_INJECTION !== "false",
+        blockSuspiciousUrls: process.env.NLMCP_BLOCK_SUSPICIOUS_URLS !== "false",
+        blockEncodedPayloads: process.env.NLMCP_BLOCK_ENCODED_PAYLOADS === "true",
+        warnOnSuspicious: process.env.NLMCP_WARN_SUSPICIOUS !== "false",
+        allowedDomains: (process.env.NLMCP_ALLOWED_DOMAINS || "").split(",").filter(d => d.length > 0),
+    };
+}
+/**
+ * Prompt injection detection patterns
+ * Derived from MEDUSA AI Security Scanner (AIC001-030)
+ */
+const PROMPT_INJECTION_PATTERNS = [
+    // Direct instruction override attempts
+    {
+        pattern: /ignore\s+(all\s+)?(previous|prior|above|earlier)\s+(instructions?|prompts?|rules?|guidelines?)/i,
+        description: "Instruction override attempt",
+        severity: "critical",
+    },
+    {
+        pattern: /disregard\s+(all\s+)?(previous|prior|above|earlier)\s+(instructions?|prompts?|text|context)/i,
+        description: "Disregard instruction attempt",
+        severity: "critical",
+    },
+    {
+        pattern: /forget\s+(everything|all|your)\s+(you('ve)?|instructions?|training|learned)/i,
+        description: "Memory reset attempt",
+        severity: "critical",
+    },
+    {
+        pattern: /you\s+are\s+now\s+(in\s+)?(\w+)\s+mode/i,
+        description: "Mode switching attempt",
+        severity: "high",
+    },
+    {
+        pattern: /new\s+instructions?\s*:/i,
+        description: "New instruction injection",
+        severity: "high",
+    },
+    {
+        pattern: /system\s*:\s*[^\n]{10,}/i,
+        description: "System prompt injection",
+        severity: "critical",
+    },
+    {
+        pattern: /\[INST\]|\[\/INST\]/i,
+        description: "Instruction delimiter injection (Llama-style)",
+        severity: "high",
+    },
+    {
+        pattern: /<\|im_start\|>|<\|im_end\|>/i,
+        description: "Chat template injection",
+        severity: "high",
+    },
+    {
+        pattern: /###\s*(system|user|assistant)\s*:/i,
+        description: "Role delimiter injection",
+        severity: "high",
+    },
+    {
+        pattern: /pretend\s+(you('re)?|to\s+be)\s+(a|an|the)?\s*(different|new|another)/i,
+        description: "Identity manipulation attempt",
+        severity: "medium",
+    },
+    {
+        pattern: /act\s+as\s+(if\s+)?(you('re)?|a|an)\s*(unrestricted|unfiltered|jailbroken)/i,
+        description: "Jailbreak attempt",
+        severity: "critical",
+    },
+    {
+        pattern: /bypass\s+(your\s+)?(safety|security|restrictions?|filters?|guidelines?)/i,
+        description: "Safety bypass attempt",
+        severity: "critical",
+    },
+    {
+        pattern: /do\s+not\s+(follow|obey|respect)\s+(your\s+)?(rules?|guidelines?|instructions?)/i,
+        description: "Rule violation instruction",
+        severity: "high",
+    },
+    // Claude-specific patterns
+    {
+        pattern: /human\s*:\s*[^\n]{20,}/i,
+        description: "Human turn injection (Claude-style)",
+        severity: "high",
+    },
+    {
+        pattern: /assistant\s*:\s*[^\n]{20,}/i,
+        description: "Assistant turn injection (Claude-style)",
+        severity: "high",
+    },
+];
+/**
+ * Suspicious URL patterns
+ */
+const SUSPICIOUS_URL_PATTERNS = [
+    // URL shorteners (could hide malicious destinations)
+    { pattern: /https?:\/\/(bit\.ly|tinyurl\.com|t\.co|goo\.gl|ow\.ly|is\.gd|buff\.ly|adf\.ly|j\.mp)\//i, description: "URL shortener" },
+    // Paste/sharing services (data exfiltration)
+    { pattern: /https?:\/\/(pastebin\.com|hastebin\.com|paste\.ee|ghostbin\.com|dpaste\.org)\//i, description: "Paste service" },
+    // File sharing (potential malware)
+    { pattern: /https?:\/\/(anonfiles\.com|mediafire\.com|zippyshare\.com|sendspace\.com)\//i, description: "File sharing service" },
+    // Dangerous protocols
+    { pattern: /javascript:/i, description: "JavaScript protocol" },
+    { pattern: /data:/i, description: "Data protocol" },
+    { pattern: /file:\/\//i, description: "File protocol" },
+    { pattern: /vbscript:/i, description: "VBScript protocol" },
+    // IP addresses (potential C2)
+    { pattern: /https?:\/\/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/i, description: "Raw IP address URL" },
+    // Webhook URLs (data exfiltration)
+    { pattern: /https?:\/\/[^\/]*webhook/i, description: "Webhook URL" },
+    { pattern: /https?:\/\/[^\/]*discord(app)?\.com\/api\/webhooks/i, description: "Discord webhook" },
+];
+/**
+ * Encoded payload patterns
+ */
+const ENCODED_PAYLOAD_PATTERNS = [
+    // Base64 encoded data (long strings)
+    { pattern: /[A-Za-z0-9+\/]{100,}={0,2}/g, description: "Possible Base64 encoded data" },
+    // Hex encoded data
+    { pattern: /(?:0x)?[0-9a-fA-F]{40,}/g, description: "Possible hex encoded data" },
+    // URL encoded data
+    { pattern: /(?:%[0-9A-Fa-f]{2}){10,}/g, description: "Heavily URL encoded content" },
+    // Unicode escape sequences
+    { pattern: /(?:\\u[0-9A-Fa-f]{4}){5,}/g, description: "Unicode escape sequences" },
+];
+/**
+ * Response Validator Class
+ */
+export class ResponseValidator {
+    config;
+    stats = {
+        validated: 0,
+        blocked: 0,
+        warned: 0,
+        passed: 0,
+    };
+    constructor(config) {
+        this.config = { ...getValidatorConfig(), ...config };
+    }
+    /**
+     * Validate a response from NotebookLM
+     */
+    async validate(response) {
+        if (!this.config.enabled) {
+            return {
+                safe: true,
+                warnings: [],
+                blocked: [],
+                sanitized: response,
+                originalLength: response.length,
+                sanitizedLength: response.length,
+            };
+        }
+        this.stats.validated++;
+        const warnings = [];
+        const blocked = [];
+        let sanitized = response;
+        // Check for prompt injection
+        if (this.config.blockPromptInjection) {
+            const injectionResults = this.detectPromptInjection(response);
+            for (const result of injectionResults) {
+                if (result.severity === "critical" || result.severity === "high") {
+                    blocked.push(`Prompt injection (${result.severity}): ${result.description}`);
+                    // Redact the matched content
+                    sanitized = sanitized.replace(result.match, "[REDACTED: prompt injection detected]");
+                }
+                else {
+                    warnings.push(`Suspicious pattern (${result.severity}): ${result.description}`);
+                }
+            }
+        }
+        // Check for suspicious URLs
+        if (this.config.blockSuspiciousUrls) {
+            const urlResults = this.detectSuspiciousUrls(response);
+            for (const result of urlResults) {
+                if (this.config.allowedDomains.length > 0) {
+                    // Check if URL is in allowed domains
+                    const isAllowed = this.config.allowedDomains.some(domain => result.url.includes(domain));
+                    if (isAllowed)
+                        continue;
+                }
+                blocked.push(`Suspicious URL: ${result.description} - ${result.url.substring(0, 50)}`);
+                sanitized = sanitized.replace(result.url, "[REDACTED: suspicious URL]");
+            }
+        }
+        // Check for encoded payloads
+        const encodedResults = this.detectEncodedPayloads(response);
+        for (const result of encodedResults) {
+            if (this.config.blockEncodedPayloads) {
+                blocked.push(`Encoded payload: ${result.description}`);
+                sanitized = sanitized.replace(result.match, "[REDACTED: encoded payload]");
+            }
+            else if (this.config.warnOnSuspicious) {
+                warnings.push(`Encoded content detected: ${result.description}`);
+            }
+        }
+        // Determine if response is safe
+        const safe = blocked.length === 0;
+        // Update stats
+        if (!safe) {
+            this.stats.blocked++;
+        }
+        else if (warnings.length > 0) {
+            this.stats.warned++;
+        }
+        else {
+            this.stats.passed++;
+        }
+        // Audit if issues found
+        if (blocked.length > 0 || warnings.length > 0) {
+            await audit.security("response_validation", safe ? "warning" : "error", {
+                blocked_count: blocked.length,
+                warning_count: warnings.length,
+                blocked_reasons: blocked,
+                warnings: warnings,
+                original_length: response.length,
+                sanitized_length: sanitized.length,
+            });
+            if (!safe) {
+                log.warning(`🛡️ Response blocked: ${blocked.join(", ")}`);
+            }
+            else {
+                log.info(`⚠️ Response warnings: ${warnings.join(", ")}`);
+            }
+        }
+        return {
+            safe,
+            warnings,
+            blocked,
+            sanitized,
+            originalLength: response.length,
+            sanitizedLength: sanitized.length,
+        };
+    }
+    /**
+     * Detect prompt injection attempts in text
+     */
+    detectPromptInjection(text) {
+        const results = [];
+        for (const { pattern, description, severity } of PROMPT_INJECTION_PATTERNS) {
+            const match = text.match(pattern);
+            if (match) {
+                results.push({
+                    pattern,
+                    description,
+                    severity,
+                    match: match[0],
+                });
+            }
+        }
+        return results;
+    }
+    /**
+     * Detect suspicious URLs in text
+     */
+    detectSuspiciousUrls(text) {
+        const results = [];
+        for (const { pattern, description } of SUSPICIOUS_URL_PATTERNS) {
+            const matches = text.matchAll(new RegExp(pattern, "gi"));
+            for (const match of matches) {
+                results.push({
+                    pattern,
+                    description,
+                    url: match[0],
+                });
+            }
+        }
+        return results;
+    }
+    /**
+     * Detect encoded payloads in text
+     */
+    detectEncodedPayloads(text) {
+        const results = [];
+        for (const { pattern, description } of ENCODED_PAYLOAD_PATTERNS) {
+            const matches = text.matchAll(pattern);
+            for (const match of matches) {
+                // Only flag if it's actually suspiciously long
+                if (match[0].length > 100) {
+                    results.push({
+                        pattern,
+                        description,
+                        match: match[0].substring(0, 50) + "...",
+                    });
+                }
+            }
+        }
+        return results;
+    }
+    /**
+     * Get validation statistics
+     */
+    getStats() {
+        return { ...this.stats };
+    }
+    /**
+     * Reset statistics
+     */
+    resetStats() {
+        this.stats = {
+            validated: 0,
+            blocked: 0,
+            warned: 0,
+            passed: 0,
+        };
+    }
+    /**
+     * Update configuration
+     */
+    updateConfig(config) {
+        this.config = { ...this.config, ...config };
+    }
+}
+/**
+ * Global validator instance
+ */
+let globalValidator = null;
+/**
+ * Get or create the global response validator
+ */
+export function getResponseValidator() {
+    if (!globalValidator) {
+        globalValidator = new ResponseValidator();
+    }
+    return globalValidator;
+}
+/**
+ * Convenience function to validate a response
+ */
+export async function validateResponse(response) {
+    return getResponseValidator().validate(response);
+}
+//# sourceMappingURL=response-validator.js.map

package/dist/utils/response-validator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"response-validator.js","sourceRoot":"","sources":["../../src/utils/response-validator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAC1C,OAAO,EAAE,GAAG,EAAE,MAAM,aAAa,CAAC;AAgClC;;GAEG;AACH,SAAS,kBAAkB;IACzB,OAAO;QACL,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,yBAAyB,KAAK,OAAO;QAC1D,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,4BAA4B,KAAK,OAAO;QAC1E,mBAAmB,EAAE,OAAO,CAAC,GAAG,CAAC,2BAA2B,KAAK,OAAO;QACxE,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,4BAA4B,KAAK,MAAM;QACzE,gBAAgB,EAAE,OAAO,CAAC,GAAG,CAAC,qBAAqB,KAAK,OAAO;QAC/D,cAAc,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;KAC/F,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,yBAAyB,GAA8F;IAC3H,uCAAuC;IACvC;QACE,OAAO,EAAE,iGAAiG;QAC1G,WAAW,EAAE,8BAA8B;QAC3C,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,OAAO,EAAE,8FAA8F;QACvG,WAAW,EAAE,+BAA+B;QAC5C,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,OAAO,EAAE,8EAA8E;QACvF,WAAW,EAAE,sBAAsB;QACnC,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,OAAO,EAAE,yCAAyC;QAClD,WAAW,EAAE,wBAAwB;QACrC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,0BAA0B;QACnC,WAAW,EAAE,2BAA2B;QACxC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,0BAA0B;QACnC,WAAW,EAAE,yBAAyB;QACtC,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,OAAO,EAAE,sBAAsB;QAC/B,WAAW,EAAE,+CAA+C;QAC5D,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,8BAA8B;QACvC,WAAW,EAAE,yBAAyB;QACtC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,oCAAoC;QAC7C,WAAW,EAAE,0BAA0B;QACvC,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,wEAAwE;QACjF,WAAW,EAAE,+BAA+B;QAC5C,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,OAAO,EAAE,6EAA6E;QACtF,WAAW,EAAE,mBAAmB;QAChC,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,OAAO,EAAE,0EAA0E;QACnF,WAAW,EAAE,uBAAuB;QACpC,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,OAAO,EAAE,kFAAkF;QAC3F,WAAW,EAAE,4BAA4B;QACzC,QAAQ,EAAE,MAAM;KACjB;IACD,2BAA2B;IAC3B;QACE,OAAO,EAAE,yBAAyB;QAClC,WAAW,EAAE,qCAAqC;QAClD,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,OAAO,EAAE,6BAA6B;QACtC,WAAW,EAAE,yCAAyC;QACtD,QAAQ,EAAE,MAAM;KACjB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,uBAAuB,GAAoD;IAC/E,qDAAqD;IACrD,EAAE,OAAO,EAAE,yFAAyF,EAAE,WAAW,EAAE,eAAe,EAAE;IACpI,6CAA6C;IAC7C,EAAE,OAAO,EAAE,iFAAiF,EAAE,WAAW,EAAE,eAAe,EAAE;IAC5H,mCAAmC;IACnC,EAAE,OAAO,EAAE,8EAA8E,EAAE,WAAW,EAAE,sBAAsB,EAAE;IAChI,sBAAsB;IACtB,EAAE,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,qBAAqB,EAAE;IAC/D,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,eAAe,EAAE;IACnD,EAAE,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,eAAe,EAAE;IACvD,EAAE,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,mBAAmB,EAAE;IAC3D,8BAA8B;IAC9B,EAAE,OAAO,EAAE,gDAAgD,EAAE,WAAW,EAAE,oBAAoB,EAAE;IAChG,mCAAmC;IACnC,EAAE,OAAO,EAAE,2BAA2B,EAAE,WAAW,EAAE,aAAa,EAAE;IACpE,EAAE,OAAO,EAAE,qDAAqD,EAAE,WAAW,EAAE,iBAAiB,EAAE;CACnG,CAAC;AAEF;;GAEG;AACH,MAAM,wBAAwB,GAAoD;IAChF,qCAAqC;IACrC,EAAE,OAAO,EAAE,6BAA6B,EAAE,WAAW,EAAE,8BAA8B,EAAE;IACvF,mBAAmB;IACnB,EAAE,OAAO,EAAE,0BAA0B,EAAE,WAAW,EAAE,2BAA2B,EAAE;IACjF,mBAAmB;IACnB,EAAE,OAAO,EAAE,2BAA2B,EAAE,WAAW,EAAE,6BAA6B,EAAE;IACpF,2BAA2B;IAC3B,EAAE,OAAO,EAAE,4BAA4B,EAAE,WAAW,EAAE,0BAA0B,EAAE;CACnF,CAAC;AAEF;;GAEG;AACH,MAAM,OAAO,iBAAiB;IACpB,MAAM,CAA0B;IAChC,KAAK,GAAG;QACd,SAAS,EAAE,CAAC;QACZ,OAAO,EAAE,CAAC;QACV,MAAM,EAAE,CAAC;QACT,MAAM,EAAE,CAAC;KACV,CAAC;IAEF,YAAY,MAAyC;QACnD,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,kBAAkB,EAAE,EAAE,GAAG,MAAM,EAAE,CAAC;IACvD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ,CAAC,QAAgB;QAC7B,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO;gBACL,IAAI,EAAE,IAAI;gBACV,QAAQ,EAAE,EAAE;gBACZ,OAAO,EAAE,EAAE;gBACX,SAAS,EAAE,QAAQ;gBACnB,cAAc,EAAE,QAAQ,CAAC,MAAM;gBAC/B,eAAe,EAAE,QAAQ,CAAC,MAAM;aACjC,CAAC;QACJ,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;QAEvB,MAAM,QAAQ,GAAa,EAAE,CAAC;QAC9B,MAAM,OAAO,GAAa,EAAE,CAAC;QAC7B,IAAI,SAAS,GAAG,QAAQ,CAAC;QAEzB,6BAA6B;QAC7B,IAAI,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;YACrC,MAAM,gBAAgB,GAAG,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;YAC9D,KAAK,MAAM,MAAM,IAAI,gBAAgB,EAAE,CAAC;gBACtC,IAAI,MAAM,CAAC,QAAQ,KAAK,UAAU,IAAI,MAAM,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;oBACjE,OAAO,CAAC,IAAI,CAAC,qBAAqB,MAAM,CAAC,QAAQ,MAAM,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;oBAC7E,6BAA6B;oBAC7B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,uCAAuC,CAAC,CAAC;gBACvF,CAAC;qBAAM,CAAC;oBACN,QAAQ,CAAC,IAAI,CAAC,uBAAuB,MAAM,CAAC,QAAQ,MAAM,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;gBAClF,CAAC;YACH,CAAC;QACH,CAAC;QAED,4BAA4B;QAC5B,IAAI,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;YACpC,MAAM,UAAU,GAAG,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC;YACvD,KAAK,MAAM,MAAM,IAAI,UAAU,EAAE,CAAC;gBAChC,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC1C,qCAAqC;oBACrC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CACzD,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAC5B,CAAC;oBACF,IAAI,SAAS;wBAAE,SAAS;gBAC1B,CAAC;gBACD,OAAO,CAAC,IAAI,CAAC,mBAAmB,MAAM,CAAC,WAAW,MAAM,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;gBACvF,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAC;YAC1E,CAAC;QACH,CAAC;QAED,6BAA6B;QAC7B,MAAM,cAAc,GAAG,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QAC5D,KAAK,MAAM,MAAM,IAAI,cAAc,EAAE,CAAC;YACpC,IAAI,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,CAAC;gBACrC,OAAO,CAAC,IAAI,CAAC,oBAAoB,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;gBACvD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,6BAA6B,CAAC,CAAC;YAC7E,CAAC;iBAAM,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC;gBACxC,QAAQ,CAAC,IAAI,CAAC,6BAA6B,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;YACnE,CAAC;QACH,CAAC;QAED,gCAAgC;QAChC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC;QAElC,eAAe;QACf,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;QACvB,CAAC;aAAM,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;QACtB,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;QACtB,CAAC;QAED,wBAAwB;QACxB,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9C,MAAM,KAAK,CAAC,QAAQ,CAAC,qBAAqB,EAAE,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,EAAE;gBACtE,aAAa,EAAE,OAAO,CAAC,MAAM;gBAC7B,aAAa,EAAE,QAAQ,CAAC,MAAM;gBAC9B,eAAe,EAAE,OAAO;gBACxB,QAAQ,EAAE,QAAQ;gBAClB,eAAe,EAAE,QAAQ,CAAC,MAAM;gBAChC,gBAAgB,EAAE,SAAS,CAAC,MAAM;aACnC,CAAC,CAAC;YAEH,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,GAAG,CAAC,OAAO,CAAC,yBAAyB,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAC7D,CAAC;iBAAM,CAAC;gBACN,GAAG,CAAC,IAAI,CAAC,yBAAyB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC;QAED,OAAO;YACL,IAAI;YACJ,QAAQ;YACR,OAAO;YACP,SAAS;YACT,cAAc,EAAE,QAAQ,CAAC,MAAM;YAC/B,eAAe,EAAE,SAAS,CAAC,MAAM;SAClC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,qBAAqB,CAAC,IAAY;QAChC,MAAM,OAAO,GAAqF,EAAE,CAAC;QAErG,KAAK,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,IAAI,yBAAyB,EAAE,CAAC;YAC3E,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAClC,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,CAAC,IAAI,CAAC;oBACX,OAAO;oBACP,WAAW;oBACX,QAAQ;oBACR,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;iBAChB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,oBAAoB,CAAC,IAAY;QAC/B,MAAM,OAAO,GAAiE,EAAE,CAAC;QAEjF,KAAK,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,uBAAuB,EAAE,CAAC;YAC/D,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;YACzD,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;gBAC5B,OAAO,CAAC,IAAI,CAAC;oBACX,OAAO;oBACP,WAAW;oBACX,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;iBACd,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,qBAAqB,CAAC,IAAY;QAChC,MAAM,OAAO,GAAmE,EAAE,CAAC;QAEnF,KAAK,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,wBAAwB,EAAE,CAAC;YAChE,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YACvC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;gBAC5B,+CAA+C;gBAC/C,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;oBAC1B,OAAO,CAAC,IAAI,CAAC;wBACX,OAAO;wBACP,WAAW;wBACX,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;qBACzC,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,UAAU;QACR,IAAI,CAAC,KAAK,GAAG;YACX,SAAS,EAAE,CAAC;YACZ,OAAO,EAAE,CAAC;YACV,MAAM,EAAE,CAAC;YACT,MAAM,EAAE,CAAC;SACV,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,MAAwC;QACnD,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;IAC9C,CAAC;CACF;AAED;;GAEG;AACH,IAAI,eAAe,GAA6B,IAAI,CAAC;AAErD;;GAEG;AACH,MAAM,UAAU,oBAAoB;IAClC,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,eAAe,GAAG,IAAI,iBAAiB,EAAE,CAAC;IAC5C,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,QAAgB;IACrD,OAAO,oBAAoB,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AACnD,CAAC"}

package/dist/utils/secrets-scanner.d.ts

@@ -0,0 +1,126 @@
+/**
+ * Secrets Scanner for NotebookLM MCP Server
+ *
+ * Detects and prevents credential exposure:
+ * - API keys
+ * - Passwords
+ * - Tokens
+ * - Private keys
+ * - Connection strings
+ *
+ * Why this matters:
+ * - Prevents accidental credential logging
+ * - Detects leaked secrets in responses
+ * - Compliance with security best practices
+ *
+ * Patterns derived from: TruffleHog, GitLeaks, MEDUSA
+ * Added by Pantheon Security for hardened fork.
+ */
+/**
+ * Secret detection result
+ */
+export interface SecretMatch {
+    type: string;
+    pattern: string;
+    match: string;
+    redacted: string;
+    line?: number;
+    column?: number;
+    severity: "critical" | "high" | "medium" | "low";
+}
+/**
+ * Secret pattern definition
+ */
+interface SecretPattern {
+    name: string;
+    pattern: RegExp;
+    severity: "critical" | "high" | "medium" | "low";
+    description: string;
+    redactFn?: (match: string) => string;
+}
+/**
+ * Secrets Scanner Configuration
+ */
+export interface SecretsConfig {
+    /** Enable secrets scanning (default: true) */
+    enabled: boolean;
+    /** Block output containing secrets (default: false - just warn) */
+    blockOnDetection: boolean;
+    /** Auto-redact secrets in output (default: true) */
+    autoRedact: boolean;
+    /** Minimum severity to report (default: low) */
+    minSeverity: "critical" | "high" | "medium" | "low";
+    /** Custom patterns to add */
+    customPatterns: SecretPattern[];
+    /** Patterns to ignore (by name) */
+    ignoredPatterns: string[];
+}
+/**
+ * Secrets Scanner Class
+ */
+export declare class SecretsScanner {
+    private config;
+    private patterns;
+    private stats;
+    constructor(config?: Partial<SecretsConfig>);
+    /**
+     * Scan text for secrets
+     */
+    scan(text: string): SecretMatch[];
+    /**
+     * Scan and optionally redact secrets
+     */
+    scanAndRedact(text: string): Promise<{
+        clean: string;
+        secrets: SecretMatch[];
+        blocked: boolean;
+    }>;
+    /**
+     * Default redaction function
+     */
+    private defaultRedact;
+    /**
+     * Add a custom pattern
+     */
+    addPattern(pattern: SecretPattern): void;
+    /**
+     * Ignore a pattern by name
+     */
+    ignorePattern(name: string): void;
+    /**
+     * Get scanning statistics
+     */
+    getStats(): typeof this.stats & {
+        patterns: number;
+    };
+    /**
+     * Reset statistics
+     */
+    resetStats(): void;
+    /**
+     * Update configuration
+     */
+    updateConfig(config: Partial<SecretsConfig>): void;
+    /**
+     * Check if scanning is enabled
+     */
+    isEnabled(): boolean;
+}
+/**
+ * Get or create the global secrets scanner
+ */
+export declare function getSecretsScanner(): SecretsScanner;
+/**
+ * Convenience function to scan text for secrets
+ */
+export declare function scanForSecrets(text: string): SecretMatch[];
+/**
+ * Convenience function to scan and redact secrets
+ */
+export declare function scanAndRedactSecrets(text: string): Promise<{
+    clean: string;
+    secrets: SecretMatch[];
+    blocked: boolean;
+}>;
+export {};
+//# sourceMappingURL=secrets-scanner.d.ts.map

package/dist/utils/secrets-scanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"secrets-scanner.d.ts","sourceRoot":"","sources":["../../src/utils/secrets-scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAKH;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;CAClD;AAED;;GAEG;AACH,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACjD,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,MAAM,CAAC;CACtC;AAiOD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,8CAA8C;IAC9C,OAAO,EAAE,OAAO,CAAC;IACjB,mEAAmE;IACnE,gBAAgB,EAAE,OAAO,CAAC;IAC1B,oDAAoD;IACpD,UAAU,EAAE,OAAO,CAAC;IACpB,gDAAgD;IAChD,WAAW,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACpD,6BAA6B;IAC7B,cAAc,EAAE,aAAa,EAAE,CAAC;IAChC,mCAAmC;IACnC,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AA2BD;;GAEG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,MAAM,CAAgB;IAC9B,OAAO,CAAC,QAAQ,CAAkB;IAClC,OAAO,CAAC,KAAK,CAKX;gBAEU,MAAM,CAAC,EAAE,OAAO,CAAC,aAAa,CAAC;IAO3C;;OAEG;IACH,IAAI,CAAC,IAAI,EAAE,MAAM,GAAG,WAAW,EAAE;IAkDjC;;OAEG;IACG,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;QACzC,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,WAAW,EAAE,CAAC;QACvB,OAAO,EAAE,OAAO,CAAC;KAClB,CAAC;IA2DF;;OAEG;IACH,OAAO,CAAC,aAAa;IAarB;;OAEG;IACH,UAAU,CAAC,OAAO,EAAE,aAAa,GAAG,IAAI;IAKxC;;OAEG;IACH,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAKjC;;OAEG;IACH,QAAQ,IAAI,OAAO,IAAI,CAAC,KAAK,GAAG;QAAE,QAAQ,EAAE,MAAM,CAAA;KAAE;IAOpD;;OAEG;IACH,UAAU,IAAI,IAAI;IASlB;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,aAAa,CAAC,GAAG,IAAI;IAIlD;;OAEG;IACH,SAAS,IAAI,OAAO;CAGrB;AAOD;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,cAAc,CAKlD;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,WAAW,EAAE,CAE1D;AAED;;GAEG;AACH,wBAAsB,oBAAoB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;IAChE,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,WAAW,EAAE,CAAC;IACvB,OAAO,EAAE,OAAO,CAAC;CAClB,CAAC,CAED"}