@rigour-labs/mcp 5.2.7 → 5.2.9

package/dist/index.js

@@ -79,6 +79,10 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
     const requestId = randomUUID();
     try {
         await logStudioEvent(cwd, { type: "tool_call", requestId, tool: name, arguments: args });
+        // ── Image DLP warning ──────────────────────────────
+        // MCP args may contain base64 image data. Text DLP cannot scan images.
+        const argsStr = JSON.stringify(args ?? {});
+        const hasImageContent = /data:image\/|base64,[A-Za-z0-9+/=]{100,}/.test(argsStr);
         const config = await loadConfig(cwd);
         const runner = new GateRunner(config);
         let result;
@@ -131,7 +135,7 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
                 break;
             // Pattern intelligence
             case "rigour_check_pattern":
-                result = await handleCheckPattern(cwd, args.name, args.type, args.intent);
+                result = await handleCheckPattern(cwd, args.name, args.type, args.intent, args.file);
                 break;
             case "rigour_security_audit":
                 result = await handleSecurityAudit(cwd);
@@ -188,6 +192,13 @@ server.setRequestHandler(CallToolRequestSchema, async (request) => {
             default:
                 throw new Error(`Unknown tool: ${name}`);
         }
+        // ── Prepend image DLP warning if image content was detected ──
+        if (hasImageContent && Array.isArray(result.content)) {
+            result.content.unshift({
+                type: "text",
+                text: "⚠ DLP Notice: Image content detected in this request. Text-based credential scanning cannot analyze images. Avoid sharing screenshots containing API keys, tokens, or passwords.",
+            });
+        }
         await logStudioEvent(cwd, {
             type: "tool_response", requestId, tool: name, status: "success",
             content: result.content, _rigour_report: result._rigour_report,

package/dist/tools/definitions.d.ts

@@ -182,6 +182,10 @@ export declare const TOOL_DEFINITIONS: ({
                 type: string;
                 description: string;
             };
+            file: {
+                type: string;
+                description: string;
+            };
             cwd: {
                 type: "string";
                 description: string;

package/dist/tools/definitions.js

@@ -231,7 +231,7 @@ export const TOOL_DEFINITIONS = [
     // ─── Pattern Intelligence ─────────────────────────────
     {
         name: "rigour_check_pattern",
-        description: "CALL THIS BEFORE creating any new function, component, hook, or class. Checks if it already exists in the codebase (prevents duplication), and checks for known security vulnerabilities. Pass the name and type of what you plan to create.",
+        description: "CALL THIS BEFORE creating any new function, component, hook, or class. Checks if it already exists in the codebase (prevents duplication), checks for known security vulnerabilities, and BLOCKS writes to protected paths (.github/, CI/CD configs, rigour.yml). Always pass the target file path.",
         inputSchema: {
             type: "object",
             properties: {
@@ -239,6 +239,7 @@ export const TOOL_DEFINITIONS = [
                 name: { type: "string", description: "The name of the function, class, or component you want to create." },
                 type: { type: "string", description: "The type of pattern (e.g., 'function', 'component', 'hook', 'type')." },
                 intent: { type: "string", description: "What the code is for (e.g., 'format dates', 'user authentication')." },
+                file: { type: "string", description: "Target file path (relative to cwd) where the code will be written. Used to enforce protected path rules — writes to .github/, rigour.yml, etc. will be BLOCKED." },
             },
             required: ["cwd", "name"],
         },

package/dist/tools/pattern-handlers.d.ts

@@ -4,6 +4,6 @@ type ToolResult = {
         text: string;
     }[];
 };
-export declare function handleCheckPattern(cwd: string, patternName: string, type?: string, intent?: string): Promise<ToolResult>;
+export declare function handleCheckPattern(cwd: string, patternName: string, type?: string, intent?: string, file?: string): Promise<ToolResult>;
 export declare function handleSecurityAudit(cwd: string): Promise<ToolResult>;
 export {};

package/dist/tools/pattern-handlers.js

@@ -5,13 +5,59 @@
  *
  * @since v2.17.0 — extracted from monolithic index.ts
  */
+import path from "path";
+import yaml from "yaml";
+import fs from "fs-extra";
 import { PatternMatcher, loadPatternIndex, getDefaultIndexPath, StalenessDetector, SecurityDetector, } from "@rigour-labs/core/pattern-index";
+import { ConfigSchema } from "@rigour-labs/core";
 import { notifyProgress } from '../utils/notifications.js';
-export async function handleCheckPattern(cwd, patternName, type, intent) {
-    const indexPath = getDefaultIndexPath(cwd);
-    const index = await loadPatternIndex(indexPath);
+/**
+ * Check if a file path is protected by safety.protected_paths in rigour.yml.
+ * Returns the matched pattern or null.
+ */
+async function checkFileGuard(cwd, filePath) {
+    const configPath = path.join(cwd, 'rigour.yml');
+    let protectedPaths = [];
+    try {
+        if (await fs.pathExists(configPath)) {
+            const raw = yaml.parse(await fs.readFile(configPath, 'utf-8'));
+            const config = ConfigSchema.parse(raw);
+            protectedPaths = config.gates.safety?.protected_paths ?? [];
+        }
+    }
+    catch {
+        // Default protected paths if no config
+        protectedPaths = ['.github/**', 'rigour.yml'];
+    }
+    if (protectedPaths.length === 0)
+        return null;
+    const normalized = filePath.replace(/\\/g, '/');
+    return protectedPaths.find(pattern => {
+        const clean = pattern.replace('/**', '').replace('/*', '');
+        if (normalized === clean)
+            return true;
+        if (clean.endsWith('/'))
+            return normalized.startsWith(clean);
+        return normalized.startsWith(clean + '/');
+    }) ?? null;
+}
+export async function handleCheckPattern(cwd, patternName, type, intent, file) {
     let resultText = "";
+    // 0. File Guard — BLOCK writes to protected paths
+    if (file) {
+        const matched = await checkFileGuard(cwd, file);
+        if (matched) {
+            notifyProgress("error", `BLOCKED: Write to protected path ${file}`);
+            resultText = `🛑 BLOCKED: You CANNOT write to "${file}".\n`;
+            resultText += `This path matches protected pattern "${matched}" in rigour.yml.\n`;
+            resultText += `CI/CD pipelines, governance configs, and protected docs require human review.\n\n`;
+            resultText += `RECOMMENDED ACTION: STOP. Do not create or modify this file. Ask the human to make this change manually.`;
+            return { content: [{ type: "text", text: resultText }] };
+        }
+    }
     // 1. Check for Reinvention
+    const indexPath = getDefaultIndexPath(cwd);
+    const index = await loadPatternIndex(indexPath);
     if (index) {
         const matcher = new PatternMatcher(index);
         const matchResult = await matcher.match({ name: patternName, type, intent });

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@rigour-labs/mcp",
-  "version": "5.2.7",
+  "version": "5.2.9",
   "description": "MCP server + live dashboard for AI code governance — OWASP LLM Top 10 (10/10), real-time MCP App UI, 25+ security patterns, Bayesian learning Brain, hallucinated import detection, multi-agent governance. Works with Claude, Cursor, VS Code, ChatGPT, Goose, Windsurf. Industry presets for HIPAA, SOC2, FedRAMP.",
   "license": "MIT",
   "homepage": "https://rigour.run",
@@ -62,7 +62,7 @@
     "execa": "^8.0.1",
     "fs-extra": "^11.2.0",
     "yaml": "^2.8.2",
-    "@rigour-labs/core": "5.2.7"
+    "@rigour-labs/core": "5.2.9"
   },
   "devDependencies": {
     "@types/node": "^25.0.3",