npm - @polygraphso/litmus - Versions diffs - 0.8.1 → 0.9.1 - Mend

@polygraphso/litmus 0.8.1 → 0.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

package/README.md +58 -0
package/dist/{chunk-ZR6XRGMQ.js → chunk-44R4ZYOE.js} +67 -0
package/dist/{chunk-VOPISHBU.js → chunk-BUKDFSDO.js} +2 -2
package/dist/{chunk-35UOPCBW.js → chunk-RYJXVMCT.js} +482 -9
package/dist/chunk-Z66GKAQD.js +692 -0
package/dist/cli-skill.d.ts +1 -0
package/dist/cli-skill.js +98 -0
package/dist/cli.js +2 -2
package/dist/index.d.ts +437 -2
package/dist/index.js +86 -8
package/dist/mcp.js +130 -122
package/dist/src-TMJOIVGB.js +67 -0
package/package.json +4 -3
package/dist/chunk-BPS4YCDL.js +0 -250
package/dist/src-RSTPCEYU.js +0 -31

package/dist/chunk-BPS4YCDL.js DELETED Viewed

@@ -1,250 +0,0 @@
-import {
-  parseAuthFlags,
-  resolveTarget
-} from "./chunk-VOPISHBU.js";
-import {
-  runLitmus
-} from "./chunk-35UOPCBW.js";
-import {
-  CATEGORY_STATUS_UINT8,
-  METHODOLOGY_VERSION
-} from "./chunk-ZR6XRGMQ.js";
-// ../onchain/src/networks.ts
-var NETWORKS = {
-  "base-sepolia": {
-    chainId: 84532,
-    rpc: "https://sepolia.base.org",
-    eas: "0x4200000000000000000000000000000000000021",
-    schemaRegistry: "0x4200000000000000000000000000000000000020",
-    easscan: "https://base-sepolia.easscan.org"
-  },
-  base: {
-    chainId: 8453,
-    rpc: "https://mainnet.base.org",
-    eas: "0x4200000000000000000000000000000000000021",
-    schemaRegistry: "0x4200000000000000000000000000000000000020",
-    easscan: "https://base.easscan.org"
-  }
-};
-function selectedNetwork() {
-  return process.env.NEXT_PUBLIC_POLYGRAPH_NETWORK === "base" ? "base" : "base-sepolia";
-}
-function networkConfig(net = selectedNetwork()) {
-  return NETWORKS[net];
-}
-function rpcUrl(net = selectedNetwork()) {
-  const override = net === "base" ? process.env.BASE_MAINNET_RPC_URL : process.env.BASE_SEPOLIA_RPC_URL;
-  return override && override.length > 0 ? override : NETWORKS[net].rpc;
-}
-// ../onchain/src/eas.ts
-import { AbiCoder } from "ethers";
-var LITMUS_SCHEMA = "string serverRef,bytes32 toolDefsFingerprint,uint8 gradeC01,uint8 gradeC02,uint8 gradeC03,string overallGrade,string reportCID,string methodologyVersion,uint64 ranAt,string resolvedVersion";
-var LITMUS_ABI_TYPES = [
-  "string",
-  // serverRef
-  "bytes32",
-  // toolDefsFingerprint
-  "uint8",
-  // gradeC01
-  "uint8",
-  // gradeC02
-  "uint8",
-  // gradeC03
-  "string",
-  // overallGrade
-  "string",
-  // reportCID
-  "string",
-  // methodologyVersion
-  "uint64",
-  // ranAt
-  "string"
-  // resolvedVersion
-];
-var LITMUS_ABI_NAMES = [
-  "serverRef",
-  "toolDefsFingerprint",
-  "gradeC01",
-  "gradeC02",
-  "gradeC03",
-  "overallGrade",
-  "reportCID",
-  "methodologyVersion",
-  "ranAt",
-  "resolvedVersion"
-];
-function categoryUint8(bundle, code) {
-  const status = bundle.categories.find((c) => c.code === code)?.status;
-  return status ? CATEGORY_STATUS_UINT8[status] : CATEGORY_STATUS_UINT8.skipped;
-}
-function litmusFields(bundle, reportCID) {
-  return {
-    serverRef: bundle.serverRef,
-    toolDefsFingerprint: bundle.toolDefsFingerprint,
-    gradeC01: categoryUint8(bundle, "C-01"),
-    gradeC02: categoryUint8(bundle, "C-02"),
-    gradeC03: categoryUint8(bundle, "C-03"),
-    overallGrade: bundle.grade,
-    reportCID,
-    methodologyVersion: bundle.methodologyVersion || METHODOLOGY_VERSION,
-    ranAt: BigInt(Math.floor(Date.parse(bundle.ranAt) / 1e3)),
-    resolvedVersion: bundle.resolvedVersion ?? ""
-  };
-}
-function encodeLitmusAttestation(bundle, reportCID) {
-  const f = litmusFields(bundle, reportCID);
-  return AbiCoder.defaultAbiCoder().encode(
-    [...LITMUS_ABI_TYPES],
-    [
-      f.serverRef,
-      f.toolDefsFingerprint,
-      f.gradeC01,
-      f.gradeC02,
-      f.gradeC03,
-      f.overallGrade,
-      f.reportCID,
-      f.methodologyVersion,
-      f.ranAt,
-      f.resolvedVersion
-    ]
-  );
-}
-function decodeLitmusAttestation(encoded) {
-  const values = AbiCoder.defaultAbiCoder().decode([...LITMUS_ABI_TYPES], encoded);
-  const out = {};
-  LITMUS_ABI_NAMES.forEach((name, i) => {
-    out[name] = values[i];
-  });
-  return out;
-}
-// ../onchain/src/read.ts
-import { Contract, JsonRpcProvider, ZeroHash } from "ethers";
-var EAS_ABI = [
-  "function getAttestation(bytes32 uid) view returns ((bytes32 uid, bytes32 schema, uint64 time, uint64 expirationTime, uint64 revocationTime, bytes32 refUID, address recipient, address attester, bool revocable, bytes data))"
-];
-function litmusSchemaUID() {
-  const uid = process.env.NEXT_PUBLIC_EAS_SCHEMA_UID;
-  if (!uid) throw new Error("NEXT_PUBLIC_EAS_SCHEMA_UID is required \u2014 register the schema first.");
-  return uid;
-}
-async function readAttestation(uid) {
-  const cfg = networkConfig();
-  const provider = new JsonRpcProvider(rpcUrl(), cfg.chainId);
-  const eas = new Contract(cfg.eas, EAS_ABI, provider);
-  const att = await eas.getAttestation(uid);
-  if (!att || att.uid === ZeroHash) return null;
-  if (String(att.schema).toLowerCase() !== litmusSchemaUID().toLowerCase()) return null;
-  const d = decodeLitmusAttestation(att.data);
-  return {
-    uid: att.uid,
-    serverRef: String(d.serverRef),
-    toolDefsFingerprint: String(d.toolDefsFingerprint),
-    overallGrade: String(d.overallGrade),
-    reportCID: String(d.reportCID),
-    resolvedVersion: d.resolvedVersion || null,
-    revoked: att.revocationTime > 0n,
-    attester: String(att.attester),
-    expirationTime: BigInt(att.expirationTime ?? 0n)
-  };
-}
-// src/tools/run-litmus.ts
-import { z } from "zod";
-var RUN_LITMUS_TOOL_NAME = "run_litmus";
-var RUN_LITMUS_TOOL_TITLE = "Run a behavioral litmus on an MCP server";
-var RUN_LITMUS_TOOL_DESCRIPTION = [
-  `Grade an MCP server A\u2013F against the open behavioral litmus (${METHODOLOGY_VERSION}).`,
-  "The harness connects the way an agent would, fingerprints the tool surface, and",
-  "runs four checks: C-01 tool-output injection, C-02 permission/egress overreach",
-  "(egress in a hardened default-deny Docker sandbox, plus a declared-permission",
-  "honesty check), C-03 sensitive-data handling (planted canaries), and C-04",
-  "adversarial-input handling (malformed/oversized and jailbreak inputs).",
-  "",
-  "This is ACTIVE: it launches the target server's code to exercise it (egress-",
-  "sandboxed when Docker is available) and takes ~20\u201360s. It is not a lookup \u2014 for",
-  "a server's already-published grade, use `verify_attestation`. No wallet or RPC",
-  "needed.",
-  "",
-  "server_ref examples: npm/@modelcontextprotocol/server-filesystem \xB7",
-  "https://example.com/mcp \xB7 ./build/index.js. For a token-gated https:// target,",
-  "pass `bearer`. If Docker is unavailable, C-02 is skipped and the grade is capped",
-  "at B for that run."
-].join("\n");
-var runLitmusInputShape = {
-  server_ref: z.string().min(1).max(512).describe("What to grade: a registry ref (npm/@scope/server), an https:// MCP URL, or a local path to an MCP entry file."),
-  bearer: z.string().min(1).max(8192).optional().describe("Bearer token for a token-gated https:// MCP server. Sent as `Authorization: Bearer <token>` to the target origin only. Ignored for stdio/local targets."),
-  header: z.array(z.string()).max(20).optional().describe('Extra HTTP headers for a gated https:// target, each "Key: Value" (e.g. "X-Api-Key: \u2026"). Overrides the bearer-derived Authorization for the same key. Ignored for stdio/local targets.')
-};
-var PROGRESS_TOTAL = 5;
-async function handleRunLitmus({ server_ref, bearer, header }, extra) {
-  try {
-    const argv = [
-      ...bearer ? ["--bearer", bearer] : [],
-      ...(header ?? []).flatMap((h) => ["--header", h])
-    ];
-    const { headers } = parseAuthFlags(argv, {});
-    const progressToken = extra._meta?.progressToken;
-    const sendProgress = progressToken !== void 0 ? (progress, message) => void extra.sendNotification({
-      method: "notifications/progress",
-      params: { progressToken, progress, total: PROGRESS_TOTAL, message }
-    }) : void 0;
-    sendProgress?.(0, `Connecting to ${server_ref}\u2026`);
-    const bundle = await runLitmus(resolveTarget(server_ref), {
-      ...Object.keys(headers).length ? { headers } : {},
-      ...sendProgress ? { onProgress: (done, _total, label) => sendProgress(done, label) } : {}
-    });
-    const payload = summarize(bundle);
-    return { content: [{ type: "text", text: JSON.stringify(payload, null, 2) }] };
-  } catch (err) {
-    const message = err instanceof Error ? err.message : String(err);
-    return { isError: true, content: [{ type: "text", text: `run_litmus failed: ${message}` }] };
-  }
-}
-var CATEGORY_LABEL = {
-  "C-01": "tool-output injection",
-  "C-02": "permission / egress overreach",
-  "C-03": "sensitive-data handling",
-  "C-04": "adversarial-input handling"
-};
-function summarize(b) {
-  const find = (code) => b.categories.find((c) => c.code === code);
-  const categories = ["C-01", "C-02", "C-03", "C-04"].map((code) => {
-    const c = find(code);
-    const findings = c?.status === "fail" ? c.probes.flatMap((p) => p.findings).filter((f) => f.severity === "high").slice(0, 5).map((f) => ({ tool: f.tool, kind: f.kind, match: truncate(f.match, 120), host: f.host, port: f.port })) : [];
-    return { code, check: CATEGORY_LABEL[code], status: c?.status ?? "unknown", reason: c?.reason ?? null, findings };
-  });
-  return {
-    grade: b.grade,
-    summary: b.gradeRationale,
-    serverRef: b.serverRef,
-    resolvedVersion: b.resolvedVersion,
-    fingerprint: b.toolDefsFingerprint,
-    ranAt: b.ranAt,
-    methodologyVersion: b.methodologyVersion,
-    categories
-  };
-}
-function truncate(s, n) {
-  return s.length > n ? `${s.slice(0, n)}\u2026` : s;
-}
-export {
-  NETWORKS,
-  selectedNetwork,
-  networkConfig,
-  rpcUrl,
-  LITMUS_SCHEMA,
-  litmusFields,
-  encodeLitmusAttestation,
-  decodeLitmusAttestation,
-  litmusSchemaUID,
-  readAttestation,
-  RUN_LITMUS_TOOL_NAME,
-  RUN_LITMUS_TOOL_TITLE,
-  RUN_LITMUS_TOOL_DESCRIPTION,
-  runLitmusInputShape,
-  handleRunLitmus
-};

package/dist/src-RSTPCEYU.js DELETED Viewed

@@ -1,31 +0,0 @@
-import {
-  assembleBundle,
-  canaryMatch,
-  classifyTool,
-  connectTarget,
-  fingerprintToolDefs,
-  gradeFromCategories,
-  hasHighSeverity,
-  instructionMimicry,
-  internalsLeak,
-  invisibleUnicode,
-  markdownTricks,
-  runLitmus,
-  stateChangingToolNames
-} from "./chunk-35UOPCBW.js";
-import "./chunk-ZR6XRGMQ.js";
-export {
-  assembleBundle,
-  canaryMatch,
-  classifyTool,
-  connectTarget,
-  fingerprintToolDefs,
-  gradeFromCategories,
-  hasHighSeverity,
-  instructionMimicry,
-  internalsLeak,
-  invisibleUnicode,
-  markdownTricks,
-  runLitmus,
-  stateChangingToolNames
-};