npm - @securityreviewai/securityreview-kit - Versions diffs - 0.1.46 → 0.1.47 - Mend

@securityreviewai/securityreview-kit 0.1.46 → 0.1.47

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/package.json +1 -1
package/src/generators/mcp/claude.js +12 -0
package/src/generators/mcp/claude.test.js +5 -0
package/src/generators/mcp/codex.js +1 -0
package/src/generators/mcp/codex.test.js +1 -0
package/src/generators/mcp/cursor.js +2 -0
package/src/generators/mcp/cursor.test.js +50 -0
package/src/generators/mcp/vscode.js +19 -0
package/src/generators/mcp/vscode.test.js +21 -0
package/src/generators/rules/cursor.js +6 -32
package/src/utils/cursor-cli-permissions.js +28 -0

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@securityreviewai/securityreview-kit",
-  "version": "0.1.46",
+  "version": "0.1.47",
   "description": "Bootstrap security-review-mcp for AI IDEs and CLI tools",
   "author": "Debarshi Das <debarshi.das@we45.com>",
   "license": "UNLICENSED",

package/src/generators/mcp/claude.js CHANGED Viewed

@@ -2,6 +2,8 @@ import { join } from 'node:path';
 import { readJson, writeJson } from '../../utils/fs-helpers.js';
 import { MCP_SERVER_NAME, MCP_SERVER_PACKAGE } from '../../utils/constants.js';
+const CLAUDE_MCP_PERMISSION = `mcp__${MCP_SERVER_NAME}`;
 function getClaudeSessionStartHooks() {
     const prompt = [
         'MANDATORY SECURITY GATE (Claude Code Session Policy)',
@@ -59,6 +61,16 @@ export function generate(cwd, envVars) {
         existing.enabledMcpjsonServers = [...enabledServers, MCP_SERVER_NAME];
     }
+    if (!existing.permissions || typeof existing.permissions !== 'object' || Array.isArray(existing.permissions)) {
+        existing.permissions = {};
+    }
+    const allowedTools = Array.isArray(existing.permissions.allow)
+        ? existing.permissions.allow.filter((entry) => typeof entry === 'string' && entry.trim())
+        : [];
+    if (!allowedTools.includes(CLAUDE_MCP_PERMISSION)) {
+        existing.permissions.allow = [...allowedTools, CLAUDE_MCP_PERMISSION];
+    }
     const existingSessionStart = Array.isArray(existing.SessionStart) ? existing.SessionStart : [];
     const marker = 'MANDATORY SECURITY GATE (Claude Code Session Policy)';
     const ours = getClaudeSessionStartHooks();

package/src/generators/mcp/claude.test.js CHANGED Viewed

@@ -17,6 +17,7 @@ test('Claude MCP generator writes .mcp.json, enables the project MCP server, and
     const settings = JSON.parse(readFileSync(join(cwd, '.claude', 'settings.json'), 'utf8'));
     assert.equal(mcpConfig.mcpServers['security-review-mcp'].command, 'npx');
     assert.deepEqual(settings.enabledMcpjsonServers, ['security-review-mcp']);
+    assert.deepEqual(settings.permissions.allow, ['mcp__security-review-mcp']);
     assert.equal(Array.isArray(settings.SessionStart), true);
     assert.match(settings.SessionStart[0].hooks[0].prompt, /MANDATORY SECURITY GATE/);
     assert.match(settings.SessionStart[0].hooks[0].prompt, /vibereview\//);
@@ -39,6 +40,9 @@ test('Claude MCP generator preserves existing SessionStart hooks', () => {
                         hooks: [{ type: 'prompt', prompt: 'Existing hook' }],
                     },
                 ],
+                permissions: {
+                    allow: ['Bash(npm run test:*)'],
+                },
             },
             null,
             2,
@@ -56,4 +60,5 @@ test('Claude MCP generator preserves existing SessionStart hooks', () => {
     assert.match(config.SessionStart[0].hooks[0].prompt, /Existing hook/);
     assert.match(config.SessionStart[1].hooks[0].prompt, /MANDATORY SECURITY GATE/);
     assert.deepEqual(config.enabledMcpjsonServers, ['security-review-mcp']);
+    assert.deepEqual(config.permissions.allow, ['Bash(npm run test:*)', 'mcp__security-review-mcp']);
 });

package/src/generators/mcp/codex.js CHANGED Viewed

@@ -38,6 +38,7 @@ export function generate(cwd, envVars) {
 [mcp_servers.${MCP_SERVER_NAME}]
 command = "npx"
 args = ["-y", "${MCP_SERVER_PACKAGE}@latest"]
+default_tools_approval_mode = "approve"
 [mcp_servers.${MCP_SERVER_NAME}.env]
 SECURITY_REVIEW_API_URL = "${envVars.apiUrl}"

package/src/generators/mcp/codex.test.js CHANGED Viewed

@@ -16,6 +16,7 @@ test('Codex MCP generator enables hooks and writes MCP server block', () => {
     const config = readFileSync(join(cwd, '.codex/config.toml'), 'utf8');
     assert.match(config, /\[features\]\ncodex_hooks = true/);
     assert.match(config, /\[mcp_servers\.security-review-mcp\]/);
+    assert.match(config, /default_tools_approval_mode = "approve"/);
     assert.match(config, /SECURITY_REVIEW_API_URL = "https:\/\/example\.test"/);
 });

package/src/generators/mcp/cursor.js CHANGED Viewed

@@ -1,6 +1,7 @@
 import { join } from 'node:path';
 import { readJson, writeJson } from '../../utils/fs-helpers.js';
 import { MCP_SERVER_NAME, MCP_SERVER_PACKAGE } from '../../utils/constants.js';
+import { mergeCursorCliMcpAllowlist } from '../../utils/cursor-cli-permissions.js';
 /**
  * Generate Cursor MCP config at .cursor/mcp.json
@@ -23,5 +24,6 @@ export function generate(cwd, envVars) {
     };
     writeJson(filePath, existing);
+    mergeCursorCliMcpAllowlist(cwd);
     return filePath;
 }

package/src/generators/mcp/cursor.test.js ADDED Viewed

@@ -0,0 +1,50 @@
+import { mkdirSync, mkdtempSync, readFileSync, writeFileSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+import { test } from 'node:test';
+import assert from 'node:assert/strict';
+import { generate } from './cursor.js';
+test('Cursor MCP generator writes server config and CLI MCP allow rule', () => {
+    const cwd = mkdtempSync(join(tmpdir(), 'securityreview-kit-cursor-mcp-'));
+    generate(cwd, {
+        apiUrl: 'https://example.test',
+        apiToken: 'secret-token',
+    });
+    const mcpConfig = JSON.parse(readFileSync(join(cwd, '.cursor', 'mcp.json'), 'utf8'));
+    const cliConfig = JSON.parse(readFileSync(join(cwd, '.cursor', 'cli.json'), 'utf8'));
+    assert.equal(mcpConfig.mcpServers['security-review-mcp'].command, 'npx');
+    assert.deepEqual(cliConfig.permissions.allow, ['Mcp(security-review-mcp:*)']);
+    assert.deepEqual(cliConfig.permissions.deny, []);
+});
+test('Cursor MCP generator preserves existing CLI permissions', () => {
+    const cwd = mkdtempSync(join(tmpdir(), 'securityreview-kit-cursor-mcp-merge-'));
+    const cliPath = join(cwd, '.cursor', 'cli.json');
+    mkdirSync(join(cwd, '.cursor'), { recursive: true });
+    writeFileSync(
+        cliPath,
+        JSON.stringify(
+            {
+                permissions: {
+                    allow: ['Shell(git)'],
+                    deny: ['Shell(rm)'],
+                },
+            },
+            null,
+            2,
+        ),
+        'utf8',
+    );
+    generate(cwd, {
+        apiUrl: 'https://example.test',
+        apiToken: 'secret-token',
+    });
+    const cliConfig = JSON.parse(readFileSync(cliPath, 'utf8'));
+    assert.deepEqual(cliConfig.permissions.allow, ['Shell(git)', 'Mcp(security-review-mcp:*)']);
+    assert.deepEqual(cliConfig.permissions.deny, ['Shell(rm)']);
+});

package/src/generators/mcp/vscode.js CHANGED Viewed

@@ -2,6 +2,19 @@ import { join } from 'node:path';
 import { readJson, writeJson } from '../../utils/fs-helpers.js';
 import { MCP_SERVER_NAME, MCP_SERVER_PACKAGE } from '../../utils/constants.js';
+function getSandboxAllowedDomains(apiUrl) {
+    const domains = ['registry.npmjs.org'];
+    try {
+        const hostname = new URL(apiUrl).hostname;
+        if (hostname) {
+            domains.push(hostname);
+        }
+    } catch {
+        // Keep the documented sandbox shape even if the URL is supplied later through another workflow.
+    }
+    return [...new Set(domains)];
+}
 /**
  * Generate VS Code Copilot MCP config at .vscode/mcp.json
  * Uses the VS Code input variable pattern for secure credential prompting.
@@ -22,6 +35,12 @@ export function generate(cwd, envVars) {
             SECURITY_REVIEW_API_URL: envVars.apiUrl,
             SECURITY_REVIEW_API_TOKEN: envVars.apiToken,
         },
+        sandboxEnabled: true,
+        sandbox: {
+            network: {
+                allowedDomains: getSandboxAllowedDomains(envVars.apiUrl),
+            },
+        },
     };
     writeJson(filePath, existing);

package/src/generators/mcp/vscode.test.js ADDED Viewed

@@ -0,0 +1,21 @@
+import { mkdtempSync, readFileSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+import { test } from 'node:test';
+import assert from 'node:assert/strict';
+import { generate } from './vscode.js';
+test('VS Code MCP generator enables sandbox auto-approval for the SRAI server', () => {
+    const cwd = mkdtempSync(join(tmpdir(), 'securityreview-kit-vscode-mcp-'));
+    generate(cwd, {
+        apiUrl: 'https://api.example.test/v1',
+        apiToken: 'secret-token',
+    });
+    const config = JSON.parse(readFileSync(join(cwd, '.vscode', 'mcp.json'), 'utf8'));
+    const server = config.servers['security-review-mcp'];
+    assert.equal(server.type, 'stdio');
+    assert.equal(server.sandboxEnabled, true);
+    assert.deepEqual(server.sandbox.network.allowedDomains, ['registry.npmjs.org', 'api.example.test']);
+});

package/src/generators/rules/cursor.js CHANGED Viewed

@@ -3,11 +3,11 @@ import { join } from 'node:path';
 import {
     GUARDRAILS_PROFILER_SKILL_REL_DIR,
     GUARDRAILS_SELECTION_SKILL_REL_DIR,
-    MCP_SERVER_NAME,
     THREAT_MODELLING_SKILL_REL_DIR,
     VIBEREVIEW_SYNC_SKILL_REL_DIR,
 } from '../../utils/constants.js';
-import { readJson, writeJson, writeText } from '../../utils/fs-helpers.js';
+import { writeText } from '../../utils/fs-helpers.js';
+import { mergeCursorCliMcpAllowlist } from '../../utils/cursor-cli-permissions.js';
 import {
     getRuleContent,
     getProfileCommandContent,
@@ -46,34 +46,6 @@ function removeGeneratedText(filePath) {
     return null;
 }
-/**
- * Merge `.cursor/cli.json` so Cursor CLI / Agent auto-allows security-review-mcp tools (no MCP approval prompts).
- * @see https://cursor.com/docs/cli/reference/permissions
- */
-function mergeCursorCliMcpAllowlist(cwd) {
-    const cliPath = join(cwd, '.cursor', 'cli.json');
-    const existed = existsSync(cliPath);
-    const existing = readJson(cliPath) || {};
-    if (!existing.permissions || typeof existing.permissions !== 'object') {
-        existing.permissions = {};
-    }
-    if (!Array.isArray(existing.permissions.allow)) {
-        existing.permissions.allow = [];
-    }
-    const token = `Mcp(${MCP_SERVER_NAME}:*)`;
-    if (!existing.permissions.allow.includes(token)) {
-        existing.permissions.allow.push(token);
-    }
-    // Cursor CLI schema requires permissions.deny to be a string[] (may be empty).
-    // @see https://cursor.com/docs/cli/reference/configuration
-    if (!Array.isArray(existing.permissions.deny)) {
-        existing.permissions.deny = [];
-    }
-    writeJson(cliPath, existing);
-    const action = existed ? 'updated' : 'created';
-    return { filePath: cliPath, action };
-}
 /**
  * Generate Cursor workspace rules at .cursor/rules/*.mdc
  * Cursor uses .mdc format with YAML front matter.
@@ -135,7 +107,9 @@ export function generate(cwd, options = {}) {
     const hooksAction = existsSync(hooksPath) ? 'updated' : 'created';
     writeText(hooksPath, hooksContent);
-    const cliPermissions = mergeCursorCliMcpAllowlist(cwd);
+    const cursorCliPath = join(cwd, '.cursor', 'cli.json');
+    const cliPermissionsExisted = existsSync(cursorCliPath);
+    mergeCursorCliMcpAllowlist(cwd);
     return [
         { ...baseRule, kind: 'rule' },
@@ -145,7 +119,7 @@ export function generate(cwd, options = {}) {
         { filePath: skillPath, action: skillAction, kind: 'skill' },
         { filePath: vibereviewSyncSkillPath, action: vibereviewSyncSkillAction, kind: 'skill' },
         { filePath: hooksPath, action: hooksAction, kind: 'hooks' },
-        { ...cliPermissions, kind: 'config' },
+        { filePath: cursorCliPath, action: cliPermissionsExisted ? 'updated' : 'created', kind: 'config' },
         ...(deletedLegacyRule ? [{ ...deletedLegacyRule, kind: 'cleanup' }] : []),
         ...(deletedLegacyCommand ? [{ ...deletedLegacyCommand, kind: 'cleanup' }] : []),
         ...(deletedLegacyAgent ? [{ ...deletedLegacyAgent, kind: 'cleanup' }] : []),

package/src/utils/cursor-cli-permissions.js ADDED Viewed

@@ -0,0 +1,28 @@
+import { join } from 'node:path';
+import { MCP_SERVER_NAME } from './constants.js';
+import { readJson, writeJson } from './fs-helpers.js';
+/**
+ * Merge project-level Cursor CLI permissions so cursor-agent can use the SRAI MCP tools.
+ * @see https://docs.cursor.com/cli/reference/configuration
+ * @see https://docs.cursor.com/cli/reference/permissions
+ */
+export function mergeCursorCliMcpAllowlist(cwd) {
+    const cliPath = join(cwd, '.cursor', 'cli.json');
+    const existing = readJson(cliPath) || {};
+    if (!existing.permissions || typeof existing.permissions !== 'object' || Array.isArray(existing.permissions)) {
+        existing.permissions = {};
+    }
+    if (!Array.isArray(existing.permissions.allow)) {
+        existing.permissions.allow = [];
+    }
+    const token = `Mcp(${MCP_SERVER_NAME}:*)`;
+    if (!existing.permissions.allow.includes(token)) {
+        existing.permissions.allow.push(token);
+    }
+    if (!Array.isArray(existing.permissions.deny)) {
+        existing.permissions.deny = [];
+    }
+    writeJson(cliPath, existing);
+    return cliPath;
+}