@securityreviewai/securityreview-kit 0.1.46 → 0.1.48

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@securityreviewai/securityreview-kit",
-  "version": "0.1.46",
+  "version": "0.1.48",
   "description": "Bootstrap security-review-mcp for AI IDEs and CLI tools",
   "author": "Debarshi Das <debarshi.das@we45.com>",
   "license": "UNLICENSED",

package/src/generators/mcp/claude.js

@@ -2,6 +2,8 @@ import { join } from 'node:path';
 import { readJson, writeJson } from '../../utils/fs-helpers.js';
 import { MCP_SERVER_NAME, MCP_SERVER_PACKAGE } from '../../utils/constants.js';
 
+const CLAUDE_MCP_PERMISSION = `mcp__${MCP_SERVER_NAME}`;
+
 function getClaudeSessionStartHooks() {
     const prompt = [
         'MANDATORY SECURITY GATE (Claude Code Session Policy)',
@@ -59,6 +61,16 @@ export function generate(cwd, envVars) {
         existing.enabledMcpjsonServers = [...enabledServers, MCP_SERVER_NAME];
     }
 
+    if (!existing.permissions || typeof existing.permissions !== 'object' || Array.isArray(existing.permissions)) {
+        existing.permissions = {};
+    }
+    const allowedTools = Array.isArray(existing.permissions.allow)
+        ? existing.permissions.allow.filter((entry) => typeof entry === 'string' && entry.trim())
+        : [];
+    if (!allowedTools.includes(CLAUDE_MCP_PERMISSION)) {
+        existing.permissions.allow = [...allowedTools, CLAUDE_MCP_PERMISSION];
+    }
+
     const existingSessionStart = Array.isArray(existing.SessionStart) ? existing.SessionStart : [];
     const marker = 'MANDATORY SECURITY GATE (Claude Code Session Policy)';
     const ours = getClaudeSessionStartHooks();

package/src/generators/mcp/claude.test.js

@@ -17,6 +17,7 @@ test('Claude MCP generator writes .mcp.json, enables the project MCP server, and
     const settings = JSON.parse(readFileSync(join(cwd, '.claude', 'settings.json'), 'utf8'));
     assert.equal(mcpConfig.mcpServers['security-review-mcp'].command, 'npx');
     assert.deepEqual(settings.enabledMcpjsonServers, ['security-review-mcp']);
+    assert.deepEqual(settings.permissions.allow, ['mcp__security-review-mcp']);
     assert.equal(Array.isArray(settings.SessionStart), true);
     assert.match(settings.SessionStart[0].hooks[0].prompt, /MANDATORY SECURITY GATE/);
     assert.match(settings.SessionStart[0].hooks[0].prompt, /vibereview\//);
@@ -39,6 +40,9 @@ test('Claude MCP generator preserves existing SessionStart hooks', () => {
                         hooks: [{ type: 'prompt', prompt: 'Existing hook' }],
                     },
                 ],
+                permissions: {
+                    allow: ['Bash(npm run test:*)'],
+                },
             },
             null,
             2,
@@ -56,4 +60,5 @@ test('Claude MCP generator preserves existing SessionStart hooks', () => {
     assert.match(config.SessionStart[0].hooks[0].prompt, /Existing hook/);
     assert.match(config.SessionStart[1].hooks[0].prompt, /MANDATORY SECURITY GATE/);
     assert.deepEqual(config.enabledMcpjsonServers, ['security-review-mcp']);
+    assert.deepEqual(config.permissions.allow, ['Bash(npm run test:*)', 'mcp__security-review-mcp']);
 });

package/src/generators/mcp/codex.js

@@ -38,6 +38,7 @@ export function generate(cwd, envVars) {
 [mcp_servers.${MCP_SERVER_NAME}]
 command = "npx"
 args = ["-y", "${MCP_SERVER_PACKAGE}@latest"]
+default_tools_approval_mode = "approve"
 
 [mcp_servers.${MCP_SERVER_NAME}.env]
 SECURITY_REVIEW_API_URL = "${envVars.apiUrl}"

package/src/generators/mcp/codex.test.js

@@ -16,6 +16,7 @@ test('Codex MCP generator enables hooks and writes MCP server block', () => {
     const config = readFileSync(join(cwd, '.codex/config.toml'), 'utf8');
     assert.match(config, /\[features\]\ncodex_hooks = true/);
     assert.match(config, /\[mcp_servers\.security-review-mcp\]/);
+    assert.match(config, /default_tools_approval_mode = "approve"/);
     assert.match(config, /SECURITY_REVIEW_API_URL = "https:\/\/example\.test"/);
 });
 

package/src/generators/mcp/cursor.js

@@ -1,6 +1,7 @@
 import { join } from 'node:path';
 import { readJson, writeJson } from '../../utils/fs-helpers.js';
 import { MCP_SERVER_NAME, MCP_SERVER_PACKAGE } from '../../utils/constants.js';
+import { mergeCursorCliMcpAllowlist } from '../../utils/cursor-cli-permissions.js';
 
 /**
  * Generate Cursor MCP config at .cursor/mcp.json
@@ -23,5 +24,6 @@ export function generate(cwd, envVars) {
     };
 
     writeJson(filePath, existing);
+    mergeCursorCliMcpAllowlist(cwd);
     return filePath;
 }

package/src/generators/mcp/cursor.test.js

@@ -0,0 +1,50 @@
+import { mkdirSync, mkdtempSync, readFileSync, writeFileSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { join } from 'node:path';
+import { test } from 'node:test';
+import assert from 'node:assert/strict';
+import { generate } from './cursor.js';
+
+test('Cursor MCP generator writes server config and CLI MCP allow rule', () => {
+    const cwd = mkdtempSync(join(tmpdir(), 'securityreview-kit-cursor-mcp-'));
+
+    generate(cwd, {
+        apiUrl: 'https://example.test',
+        apiToken: 'secret-token',
+    });
+
+    const mcpConfig = JSON.parse(readFileSync(join(cwd, '.cursor', 'mcp.json'), 'utf8'));
+    const cliConfig = JSON.parse(readFileSync(join(cwd, '.cursor', 'cli.json'), 'utf8'));
+    assert.equal(mcpConfig.mcpServers['security-review-mcp'].command, 'npx');
+    assert.deepEqual(cliConfig.permissions.allow, ['Mcp(security-review-mcp:*)']);
+    assert.deepEqual(cliConfig.permissions.deny, []);
+});
+
+test('Cursor MCP generator preserves existing CLI permissions', () => {
+    const cwd = mkdtempSync(join(tmpdir(), 'securityreview-kit-cursor-mcp-merge-'));
+    const cliPath = join(cwd, '.cursor', 'cli.json');
+    mkdirSync(join(cwd, '.cursor'), { recursive: true });
+    writeFileSync(
+        cliPath,
+        JSON.stringify(
+            {
+                permissions: {
+                    allow: ['Shell(git)'],
+                    deny: ['Shell(rm)'],
+                },
+            },
+            null,
+            2,
+        ),
+        'utf8',
+    );
+
+    generate(cwd, {
+        apiUrl: 'https://example.test',
+        apiToken: 'secret-token',
+    });
+
+    const cliConfig = JSON.parse(readFileSync(cliPath, 'utf8'));
+    assert.deepEqual(cliConfig.permissions.allow, ['Shell(git)', 'Mcp(security-review-mcp:*)']);
+    assert.deepEqual(cliConfig.permissions.deny, ['Shell(rm)']);
+});

package/src/generators/rules/cursor.js

@@ -3,11 +3,11 @@ import { join } from 'node:path';
 import {
     GUARDRAILS_PROFILER_SKILL_REL_DIR,
     GUARDRAILS_SELECTION_SKILL_REL_DIR,
-    MCP_SERVER_NAME,
     THREAT_MODELLING_SKILL_REL_DIR,
     VIBEREVIEW_SYNC_SKILL_REL_DIR,
 } from '../../utils/constants.js';
-import { readJson, writeJson, writeText } from '../../utils/fs-helpers.js';
+import { writeText } from '../../utils/fs-helpers.js';
+import { mergeCursorCliMcpAllowlist } from '../../utils/cursor-cli-permissions.js';
 import {
     getRuleContent,
     getProfileCommandContent,
@@ -46,34 +46,6 @@ function removeGeneratedText(filePath) {
     return null;
 }
 
-/**
- * Merge `.cursor/cli.json` so Cursor CLI / Agent auto-allows security-review-mcp tools (no MCP approval prompts).
- * @see https://cursor.com/docs/cli/reference/permissions
- */
-function mergeCursorCliMcpAllowlist(cwd) {
-    const cliPath = join(cwd, '.cursor', 'cli.json');
-    const existed = existsSync(cliPath);
-    const existing = readJson(cliPath) || {};
-    if (!existing.permissions || typeof existing.permissions !== 'object') {
-        existing.permissions = {};
-    }
-    if (!Array.isArray(existing.permissions.allow)) {
-        existing.permissions.allow = [];
-    }
-    const token = `Mcp(${MCP_SERVER_NAME}:*)`;
-    if (!existing.permissions.allow.includes(token)) {
-        existing.permissions.allow.push(token);
-    }
-    // Cursor CLI schema requires permissions.deny to be a string[] (may be empty).
-    // @see https://cursor.com/docs/cli/reference/configuration
-    if (!Array.isArray(existing.permissions.deny)) {
-        existing.permissions.deny = [];
-    }
-    writeJson(cliPath, existing);
-    const action = existed ? 'updated' : 'created';
-    return { filePath: cliPath, action };
-}
-
 /**
  * Generate Cursor workspace rules at .cursor/rules/*.mdc
  * Cursor uses .mdc format with YAML front matter.
@@ -135,7 +107,9 @@ export function generate(cwd, options = {}) {
     const hooksAction = existsSync(hooksPath) ? 'updated' : 'created';
     writeText(hooksPath, hooksContent);
 
-    const cliPermissions = mergeCursorCliMcpAllowlist(cwd);
+    const cursorCliPath = join(cwd, '.cursor', 'cli.json');
+    const cliPermissionsExisted = existsSync(cursorCliPath);
+    mergeCursorCliMcpAllowlist(cwd);
 
     return [
         { ...baseRule, kind: 'rule' },
@@ -145,7 +119,7 @@ export function generate(cwd, options = {}) {
         { filePath: skillPath, action: skillAction, kind: 'skill' },
         { filePath: vibereviewSyncSkillPath, action: vibereviewSyncSkillAction, kind: 'skill' },
         { filePath: hooksPath, action: hooksAction, kind: 'hooks' },
-        { ...cliPermissions, kind: 'config' },
+        { filePath: cursorCliPath, action: cliPermissionsExisted ? 'updated' : 'created', kind: 'config' },
         ...(deletedLegacyRule ? [{ ...deletedLegacyRule, kind: 'cleanup' }] : []),
         ...(deletedLegacyCommand ? [{ ...deletedLegacyCommand, kind: 'cleanup' }] : []),
         ...(deletedLegacyAgent ? [{ ...deletedLegacyAgent, kind: 'cleanup' }] : []),

package/src/utils/cursor-cli-permissions.js

@@ -0,0 +1,28 @@
+import { join } from 'node:path';
+import { MCP_SERVER_NAME } from './constants.js';
+import { readJson, writeJson } from './fs-helpers.js';
+
+/**
+ * Merge project-level Cursor CLI permissions so cursor-agent can use the SRAI MCP tools.
+ * @see https://docs.cursor.com/cli/reference/configuration
+ * @see https://docs.cursor.com/cli/reference/permissions
+ */
+export function mergeCursorCliMcpAllowlist(cwd) {
+    const cliPath = join(cwd, '.cursor', 'cli.json');
+    const existing = readJson(cliPath) || {};
+    if (!existing.permissions || typeof existing.permissions !== 'object' || Array.isArray(existing.permissions)) {
+        existing.permissions = {};
+    }
+    if (!Array.isArray(existing.permissions.allow)) {
+        existing.permissions.allow = [];
+    }
+    const token = `Mcp(${MCP_SERVER_NAME}:*)`;
+    if (!existing.permissions.allow.includes(token)) {
+        existing.permissions.allow.push(token);
+    }
+    if (!Array.isArray(existing.permissions.deny)) {
+        existing.permissions.deny = [];
+    }
+    writeJson(cliPath, existing);
+    return cliPath;
+}