@securityreviewai/security-review-mcp 0.2.14 → 0.2.15

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/api/client.js +10 -1
  2. package/dist/tools/workflowTools.js +4 -2
  3. package/package.json +1 -1
package/dist/api/client.js CHANGED
@@ -179,7 +179,16 @@ export class SraiApiClient {
179
179
  });
180
180
  }
181
181
  async getGuardrails(projectId) {
182
- return this.request("GET", `/api/projects/${projectId}/vibe-guardrails/`);
182
+ const path = `/api/projects/${projectId}/vibe-guardrails`;
183
+ try {
184
+ return await this.request("GET", path);
185
+ }
186
+ catch (error) {
187
+ if (error instanceof SraiApiError && error.statusCode === 404) {
188
+ return this.request("GET", `${path}/`);
189
+ }
190
+ throw error;
191
+ }
183
192
  }
184
193
  async listDocuments(projectId) {
185
194
  return this.request("GET", `/api/projects/${projectId}/documents`);
package/dist/tools/workflowTools.js CHANGED
@@ -26,7 +26,7 @@ export function registerWorkflowTools(server) {
26
26
  },
27
27
  }, async ({ project_id, name, description }) => runTool(async () => getApiClient().createAiIdeWorkflow(project_id, name, description)));
28
28
  server.registerTool("create_ai_ide_event", {
29
- description: "Create an AI IDE event under an existing AI IDE workflow. Include summary, developer details, mitigated threats (each threat must include severity: critical/high/medium/low), best practices, secure snippets, and optional event metadata.",
29
+ description: "Create an AI IDE event under an existing AI IDE workflow. Include summary, developer details, mitigated threats (each threat must include severity: critical/high/medium/low), best practices, secure snippets, applied guardrails, and optional event metadata.",
30
30
  inputSchema: {
31
31
  project_id: z.number().int(),
32
32
  workflow_id: z.number().int(),
@@ -44,9 +44,10 @@ export function registerWorkflowTools(server) {
44
44
  .default([]),
45
45
  best_practices_achieved: z.array(z.object({}).catchall(z.unknown())).default([]),
46
46
  secure_code_snippets: z.array(z.object({}).catchall(z.unknown())).default([]),
47
+ guardrails_applied: z.array(z.object({}).catchall(z.unknown())).default([]),
47
48
  event_metadata: z.record(z.string(), z.unknown()).default({}),
48
49
  },
49
- }, async ({ project_id, workflow_id, external_id, title, summary, developer_name, developer_email, threats_mitigated, best_practices_achieved, secure_code_snippets, event_metadata, }) => runTool(async () => getApiClient().createAiIdeEvent(project_id, workflow_id, {
50
+ }, async ({ project_id, workflow_id, external_id, title, summary, developer_name, developer_email, threats_mitigated, best_practices_achieved, secure_code_snippets, guardrails_applied, event_metadata, }) => runTool(async () => getApiClient().createAiIdeEvent(project_id, workflow_id, {
50
51
  external_id,
51
52
  title,
52
53
  summary,
@@ -55,6 +56,7 @@ export function registerWorkflowTools(server) {
55
56
  threats_mitigated,
56
57
  best_practices_achieved,
57
58
  secure_code_snippets,
59
+ guardrails_applied,
58
60
  event_metadata,
59
61
  })));
60
62
  server.registerTool("start_workflow", {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@securityreviewai/security-review-mcp",
3
- "version": "0.2.14",
3
+ "version": "0.2.15",
4
4
  "description": "Security Review MCP server (pure Node/TypeScript, npx-ready)",
5
5
  "license": "UNLICENSED",
6
6
  "private": false,