@sigildev/sigil 0.1.0

package/dist/rules/injection.js

@@ -0,0 +1,213 @@
+// Dangerous shell execution sinks (TS/JS)
+const EXEC_PATTERNS_TS = [
+    /(?<!\.)exec\s*\(/g,
+    /(?<!\.)execSync\s*\(/g,
+    /(?<!\.)execAsync\s*\(/g,
+    /\bspawn\s*\([^)]*shell\s*:\s*true/g,
+    /\bspawnSync\s*\([^)]*shell\s*:\s*true/g,
+    /child_process\.\s*exec\s*\(/g,
+];
+// Dangerous shell execution sinks (Python)
+const EXEC_PATTERNS_PY = [
+    /\bos\.system\s*\(/g,
+    /\bos\.popen\s*\(/g,
+    /\bsubprocess\.run\s*\([^)]*shell\s*=\s*True/g,
+    /\bsubprocess\.call\s*\([^)]*shell\s*=\s*True/g,
+    /\bsubprocess\.Popen\s*\([^)]*shell\s*=\s*True/g,
+    /\bsubprocess\.check_output\s*\([^)]*shell\s*=\s*True/g,
+];
+// SQL injection patterns
+const SQL_CONCAT_TS = [
+    // Template literal with variable in SQL context
+    /(?:query|execute|prepare|raw)\s*\(\s*`[^`]*\$\{/g,
+    // String concatenation in SQL context
+    /(?:query|execute|prepare|raw)\s*\(\s*["'][^"']*["']\s*\+/g,
+    /(?:query|execute|prepare|raw)\s*\([^)]*\+\s*["']/g,
+    // f-string SQL (Python)
+    /(?:execute|cursor\.execute|\.query)\s*\(\s*f["']/g,
+];
+const SQL_CONCAT_PY = [
+    /(?:execute|cursor\.execute)\s*\(\s*f["']/g,
+    /(?:execute|cursor\.execute)\s*\(\s*["'][^"']*["']\s*%/g,
+    /(?:execute|cursor\.execute)\s*\(\s*["'][^"']*["']\s*\.\s*format/g,
+    /(?:execute|cursor\.execute)\s*\(\s*["'][^"']*["']\s*\+/g,
+];
+// File operation patterns without validation
+const PATH_TRAVERSAL_TS = [
+    /\bfs\.readFile(?:Sync)?\s*\(/g,
+    /\bfs\.writeFile(?:Sync)?\s*\(/g,
+    /\bfs\.readdir(?:Sync)?\s*\(/g,
+    /\bfs\.unlink(?:Sync)?\s*\(/g,
+    /\bfs\.mkdir(?:Sync)?\s*\(/g,
+    /\bfs\.access(?:Sync)?\s*\(/g,
+];
+const PATH_TRAVERSAL_PY = [
+    /\bopen\s*\(/g,
+    /\bos\.path\.\w+\s*\(/g,
+    /\bshutil\.\w+\s*\(/g,
+    /\bpathlib\.Path\s*\(/g,
+];
+// Path validation patterns (if present, the file op is probably safe)
+const PATH_SAFE_PATTERNS = [
+    /realpath/,
+    /resolve\s*\(/,
+    /startsWith\s*\(/,
+    /startswith\s*\(/,
+    /ALLOWED/i,
+    /allowlist/i,
+    /whitelist/i,
+    /base_dir/i,
+    /root_dir/i,
+    /prefix.*check/i,
+];
+function findLineNumber(content, index) {
+    return content.slice(0, index).split("\n").length;
+}
+function isInToolHandler(content, matchIndex, language) {
+    // Look backwards from the match for a tool registration pattern
+    const before = content.slice(Math.max(0, matchIndex - 2000), matchIndex);
+    if (language === "typescript" || language === "unknown") {
+        // Check for .tool( pattern
+        if (/\.tool\s*\(/g.test(before)) {
+            // Make sure we're not past the end of that handler
+            // Simple heuristic: count braces
+            const lastToolIndex = before.lastIndexOf(".tool(");
+            if (lastToolIndex !== -1) {
+                const afterTool = before.slice(lastToolIndex);
+                const opens = (afterTool.match(/\{/g) || []).length;
+                const closes = (afterTool.match(/\}/g) || []).length;
+                // If we haven't closed all the braces, we're still in the handler
+                if (opens > closes)
+                    return true;
+            }
+        }
+    }
+    if (language === "python" || language === "unknown") {
+        // Check for @mcp.tool() or @server.tool() decorator
+        if (/@\w+\.tool\s*\(/g.test(before))
+            return true;
+        if (/def\s+\w+.*->/.test(before))
+            return true;
+    }
+    // Fallback: if it's in a server file, consider it relevant
+    return true;
+}
+function hasPathValidation(content, matchIndex) {
+    // Check surrounding context (200 chars before and after) for validation patterns
+    const start = Math.max(0, matchIndex - 500);
+    const end = Math.min(content.length, matchIndex + 500);
+    const context = content.slice(start, end);
+    return PATH_SAFE_PATTERNS.some((p) => p.test(context));
+}
+export function detectCommandInjection(context) {
+    const findings = [];
+    const patterns = context.language === "python" ? EXEC_PATTERNS_PY :
+        context.language === "typescript" ? EXEC_PATTERNS_TS :
+            [...EXEC_PATTERNS_TS, ...EXEC_PATTERNS_PY];
+    for (const [file, content] of context.sources) {
+        for (const pattern of patterns) {
+            pattern.lastIndex = 0;
+            let match;
+            while ((match = pattern.exec(content)) !== null) {
+                const line = findLineNumber(content, match.index);
+                const lineContent = content.split("\n")[line - 1] || "";
+                // Skip if it's a comment
+                const trimmed = lineContent.trimStart();
+                if (trimmed.startsWith("//") || trimmed.startsWith("#") || trimmed.startsWith("*"))
+                    continue;
+                // Skip if using execFile (safe — no shell)
+                if (/execFile/.test(lineContent))
+                    continue;
+                // Skip if using shell: false explicitly
+                if (/shell\s*:\s*false/.test(lineContent))
+                    continue;
+                // Skip if it's just an import/require or promisify setup line
+                if (/\bimport\b/.test(lineContent) || /\brequire\b/.test(lineContent))
+                    continue;
+                if (/\bpromisify\s*\(\s*exec\s*\)/.test(lineContent))
+                    continue;
+                findings.push({
+                    ruleId: "MCS-INJ-001",
+                    severity: "critical",
+                    title: "Command Injection via Tool Input",
+                    message: `Potential shell command execution found. If tool input reaches this call, it enables arbitrary command execution.`,
+                    location: { file, startLine: line, endLine: line },
+                    fix: {
+                        description: "Use execFile() with an argument array instead of exec(). Allowlist permitted commands.",
+                        suggestion: "execFile('/usr/bin/cmd', [arg1, arg2])",
+                    },
+                });
+            }
+        }
+    }
+    return findings;
+}
+export function detectSqlInjection(context) {
+    const findings = [];
+    const patterns = context.language === "python" ? SQL_CONCAT_PY :
+        context.language === "typescript" ? SQL_CONCAT_TS :
+            [...SQL_CONCAT_TS, ...SQL_CONCAT_PY];
+    for (const [file, content] of context.sources) {
+        for (const pattern of patterns) {
+            pattern.lastIndex = 0;
+            let match;
+            while ((match = pattern.exec(content)) !== null) {
+                const line = findLineNumber(content, match.index);
+                const lineContent = content.split("\n")[line - 1] || "";
+                const trimmed = lineContent.trimStart();
+                if (trimmed.startsWith("//") || trimmed.startsWith("#") || trimmed.startsWith("*"))
+                    continue;
+                findings.push({
+                    ruleId: "MCS-INJ-002",
+                    severity: "critical",
+                    title: "SQL Injection via Tool Input",
+                    message: `SQL query constructed using string interpolation or concatenation. Use parameterized queries ($1, ?, :param) instead.`,
+                    location: { file, startLine: line, endLine: line },
+                    fix: {
+                        description: "Use parameterized queries instead of string concatenation.",
+                        suggestion: "db.query('SELECT * FROM users WHERE name = $1', [name])",
+                    },
+                });
+            }
+        }
+    }
+    return findings;
+}
+export function detectPathTraversal(context) {
+    const findings = [];
+    const patterns = context.language === "python" ? PATH_TRAVERSAL_PY :
+        context.language === "typescript" ? PATH_TRAVERSAL_TS :
+            [...PATH_TRAVERSAL_TS, ...PATH_TRAVERSAL_PY];
+    for (const [file, content] of context.sources) {
+        for (const pattern of patterns) {
+            pattern.lastIndex = 0;
+            let match;
+            while ((match = pattern.exec(content)) !== null) {
+                const line = findLineNumber(content, match.index);
+                const lineContent = content.split("\n")[line - 1] || "";
+                const trimmed = lineContent.trimStart();
+                if (trimmed.startsWith("//") || trimmed.startsWith("#") || trimmed.startsWith("*"))
+                    continue;
+                // Skip if there's path validation nearby
+                if (hasPathValidation(content, match.index))
+                    continue;
+                // Only flag if we're in a tool handler context
+                if (!isInToolHandler(content, match.index, context.language))
+                    continue;
+                findings.push({
+                    ruleId: "MCS-INJ-003",
+                    severity: "high",
+                    title: "Path Traversal in File Operations",
+                    message: `File operation without path validation. Tool input could access files outside the intended directory.`,
+                    location: { file, startLine: line, endLine: line },
+                    fix: {
+                        description: "Resolve the path with realpath() and verify it starts with an allowed directory prefix.",
+                        suggestion: "const resolved = await fs.realpath(path.join(ALLOWED_DIR, input)); if (!resolved.startsWith(ALLOWED_DIR)) throw new Error('Access denied');",
+                    },
+                });
+            }
+        }
+    }
+    return findings;
+}
+//# sourceMappingURL=injection.js.map

package/dist/rules/injection.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"injection.js","sourceRoot":"","sources":["../../src/rules/injection.ts"],"names":[],"mappings":"AAEA,0CAA0C;AAC1C,MAAM,gBAAgB,GAAG;IACvB,mBAAmB;IACnB,uBAAuB;IACvB,wBAAwB;IACxB,oCAAoC;IACpC,wCAAwC;IACxC,8BAA8B;CAC/B,CAAC;AAEF,2CAA2C;AAC3C,MAAM,gBAAgB,GAAG;IACvB,oBAAoB;IACpB,mBAAmB;IACnB,8CAA8C;IAC9C,+CAA+C;IAC/C,gDAAgD;IAChD,uDAAuD;CACxD,CAAC;AAEF,yBAAyB;AACzB,MAAM,aAAa,GAAG;IACpB,gDAAgD;IAChD,kDAAkD;IAClD,sCAAsC;IACtC,2DAA2D;IAC3D,mDAAmD;IACnD,wBAAwB;IACxB,mDAAmD;CACpD,CAAC;AAEF,MAAM,aAAa,GAAG;IACpB,2CAA2C;IAC3C,wDAAwD;IACxD,kEAAkE;IAClE,yDAAyD;CAC1D,CAAC;AAEF,6CAA6C;AAC7C,MAAM,iBAAiB,GAAG;IACxB,+BAA+B;IAC/B,gCAAgC;IAChC,8BAA8B;IAC9B,6BAA6B;IAC7B,4BAA4B;IAC5B,6BAA6B;CAC9B,CAAC;AAEF,MAAM,iBAAiB,GAAG;IACxB,cAAc;IACd,uBAAuB;IACvB,qBAAqB;IACrB,uBAAuB;CACxB,CAAC;AAEF,sEAAsE;AACtE,MAAM,kBAAkB,GAAG;IACzB,UAAU;IACV,cAAc;IACd,iBAAiB;IACjB,iBAAiB;IACjB,UAAU;IACV,YAAY;IACZ,YAAY;IACZ,WAAW;IACX,WAAW;IACX,gBAAgB;CACjB,CAAC;AAEF,SAAS,cAAc,CAAC,OAAe,EAAE,KAAa;IACpD,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;AACpD,CAAC;AAED,SAAS,eAAe,CAAC,OAAe,EAAE,UAAkB,EAAE,QAAgB;IAC5E,gEAAgE;IAChE,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,IAAI,CAAC,EAAE,UAAU,CAAC,CAAC;IAEzE,IAAI,QAAQ,KAAK,YAAY,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QACxD,2BAA2B;QAC3B,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YAChC,mDAAmD;YACnD,iCAAiC;YACjC,MAAM,aAAa,GAAG,MAAM,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;YACnD,IAAI,aAAa,KAAK,CAAC,CAAC,EAAE,CAAC;gBACzB,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;gBAC9C,MAAM,KAAK,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;gBACpD,MAAM,MAAM,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;gBACrD,kEAAkE;gBAClE,IAAI,KAAK,GAAG,MAAM;oBAAE,OAAO,IAAI,CAAC;YAClC,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QACpD,oDAAoD;QACpD,IAAI,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC;YAAE,OAAO,IAAI,CAAC;QACjD,IAAI,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC;YAAE,OAAO,IAAI,CAAC;IAChD,CAAC;IAED,2DAA2D;IAC3D,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAe,EAAE,UAAkB;IAC5D,iFAAiF;IACjF,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,GAAG,CAAC,CAAC;IAC5C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,UAAU,GAAG,GAAG,CAAC,CAAC;IACvD,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAE1C,OAAO,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AACzD,CAAC;AAED,MAAM,UAAU,sBAAsB,CAAC,OAAwB;IAC7D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,QAAQ,GACZ,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC;QAClD,OAAO,CAAC,QAAQ,KAAK,YAAY,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC;YACtD,CAAC,GAAG,gBAAgB,EAAE,GAAG,gBAAgB,CAAC,CAAC;IAE7C,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QAC9C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAClD,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBAExD,yBAAyB;gBACzB,MAAM,OAAO,GAAG,WAAW,CAAC,SAAS,EAAE,CAAC;gBACxC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAE7F,2CAA2C;gBAC3C,IAAI,UAAU,CAAC,IAAI,CAAC,WAAW,CAAC;oBAAE,SAAS;gBAE3C,wCAAwC;gBACxC,IAAI,mBAAmB,CAAC,IAAI,CAAC,WAAW,CAAC;oBAAE,SAAS;gBAEpD,8DAA8D;gBAC9D,IAAI,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC;oBAAE,SAAS;gBAChF,IAAI,8BAA8B,CAAC,IAAI,CAAC,WAAW,CAAC;oBAAE,SAAS;gBAE/D,QAAQ,CAAC,IAAI,CAAC;oBACZ,MAAM,EAAE,aAAa;oBACrB,QAAQ,EAAE,UAAU;oBACpB,KAAK,EAAE,kCAAkC;oBACzC,OAAO,EAAE,mHAAmH;oBAC5H,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;oBAClD,GAAG,EAAE;wBACH,WAAW,EAAE,wFAAwF;wBACrG,UAAU,EAAE,wCAAwC;qBACrD;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,OAAwB;IACzD,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,QAAQ,GACZ,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC;QAC/C,OAAO,CAAC,QAAQ,KAAK,YAAY,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC;YACnD,CAAC,GAAG,aAAa,EAAE,GAAG,aAAa,CAAC,CAAC;IAEvC,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QAC9C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAClD,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBAExD,MAAM,OAAO,GAAG,WAAW,CAAC,SAAS,EAAE,CAAC;gBACxC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAE7F,QAAQ,CAAC,IAAI,CAAC;oBACZ,MAAM,EAAE,aAAa;oBACrB,QAAQ,EAAE,UAAU;oBACpB,KAAK,EAAE,8BAA8B;oBACrC,OAAO,EAAE,uHAAuH;oBAChI,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;oBAClD,GAAG,EAAE;wBACH,WAAW,EAAE,4DAA4D;wBACzE,UAAU,EAAE,yDAAyD;qBACtE;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,OAAwB;IAC1D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,QAAQ,GACZ,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC;QACnD,OAAO,CAAC,QAAQ,KAAK,YAAY,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC;YACvD,CAAC,GAAG,iBAAiB,EAAE,GAAG,iBAAiB,CAAC,CAAC;IAE/C,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QAC9C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAClD,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBAExD,MAAM,OAAO,GAAG,WAAW,CAAC,SAAS,EAAE,CAAC;gBACxC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAE7F,yCAAyC;gBACzC,IAAI,iBAAiB,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC;oBAAE,SAAS;gBAEtD,+CAA+C;gBAC/C,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,EAAE,OAAO,CAAC,QAAQ,CAAC;oBAAE,SAAS;gBAEvE,QAAQ,CAAC,IAAI,CAAC;oBACZ,MAAM,EAAE,aAAa;oBACrB,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,mCAAmC;oBAC1C,OAAO,EAAE,uGAAuG;oBAChH,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;oBAClD,GAAG,EAAE;wBACH,WAAW,EAAE,yFAAyF;wBACtG,UAAU,EAAE,6IAA6I;qBAC1J;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/rules/permissions.d.ts

@@ -0,0 +1,5 @@
+import type { AnalysisContext, Finding } from "../analyzers/types.js";
+export declare function detectBroadCapabilities(context: AnalysisContext): Finding[];
+export declare function detectUnrestrictedFilesystem(context: AnalysisContext): Finding[];
+export declare function detectArbitraryCodeExecution(context: AnalysisContext): Finding[];
+//# sourceMappingURL=permissions.d.ts.map

package/dist/rules/permissions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"permissions.d.ts","sourceRoot":"","sources":["../../src/rules/permissions.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAqDtE,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,EAAE,CAgC3E;AAED,wBAAgB,4BAA4B,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,EAAE,CAoEhF;AAED,wBAAgB,4BAA4B,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,EAAE,CAoChF"}

package/dist/rules/permissions.js

@@ -0,0 +1,170 @@
+// Unrestricted outbound HTTP patterns
+const BROAD_HTTP_PATTERNS = [
+    // fetch with a variable URL (not a string literal)
+    /\bfetch\s*\(\s*(?!["'`])\w+/g,
+    // axios/http with variable URL
+    /\baxios\.\w+\s*\(\s*(?!["'`])\w+/g,
+    /\bhttp\.request\s*\(/g,
+    /\bhttps\.request\s*\(/g,
+    // Python requests
+    /\brequests\.\w+\s*\(\s*(?!["'`])\w+/g,
+    /\bhttpx\.\w+\s*\(\s*(?!["'`])\w+/g,
+];
+const HOST_CHECK_PATTERNS = [
+    /ALLOWED_HOSTS/i,
+    /allowedHosts/i,
+    /hostname.*includes/,
+    /host.*===?\s*["']/,
+    /url.*startsWith/,
+    /whitelist/i,
+    /allowlist/i,
+];
+// Arbitrary code execution patterns
+const CODE_EXEC_PATTERNS_TS = [
+    /\beval\s*\(/g,
+    /\bFunction\s*\(\s*["'`]/g,
+    /new\s+Function\s*\(/g,
+    /\bvm\.runInNewContext\s*\(/g,
+    /\bvm\.runInThisContext\s*\(/g,
+    /\bvm\.createScript\s*\(/g,
+];
+const CODE_EXEC_PATTERNS_PY = [
+    /(?<!\.)eval\s*\(/g,
+    /(?<!\.)exec\s*\(/g,
+    /(?<!\.)\bcompile\s*\(\s*(?!["'])/g,
+    /\b__import__\s*\(/g,
+];
+function findLineNumber(content, index) {
+    return content.slice(0, index).split("\n").length;
+}
+function hasHostValidation(content, matchIndex) {
+    const start = Math.max(0, matchIndex - 800);
+    const end = Math.min(content.length, matchIndex + 300);
+    const context = content.slice(start, end);
+    return HOST_CHECK_PATTERNS.some((p) => p.test(context));
+}
+export function detectBroadCapabilities(context) {
+    const findings = [];
+    for (const [file, content] of context.sources) {
+        for (const pattern of BROAD_HTTP_PATTERNS) {
+            pattern.lastIndex = 0;
+            let match;
+            while ((match = pattern.exec(content)) !== null) {
+                const line = findLineNumber(content, match.index);
+                const lineContent = content.split("\n")[line - 1] || "";
+                const trimmed = lineContent.trimStart();
+                if (trimmed.startsWith("//") || trimmed.startsWith("#") || trimmed.startsWith("*"))
+                    continue;
+                if (hasHostValidation(content, match.index))
+                    continue;
+                findings.push({
+                    ruleId: "MCS-PERM-001",
+                    severity: "high",
+                    title: "Overly Broad Tool Capabilities",
+                    message: `Outbound HTTP request with no apparent host restriction. A compromised tool input could exfiltrate data to any URL.`,
+                    location: { file, startLine: line, endLine: line },
+                    fix: {
+                        description: "Restrict outbound requests to an allowlist of permitted hosts.",
+                        suggestion: "if (!ALLOWED_HOSTS.includes(new URL(url).hostname)) throw new Error('Host not allowed');",
+                    },
+                });
+            }
+        }
+    }
+    return findings;
+}
+export function detectUnrestrictedFilesystem(context) {
+    const findings = [];
+    // This is handled by MCS-INJ-003 (path traversal) — they overlap.
+    // MCS-PERM-002 specifically flags file tools with no allowlist at all.
+    // We look for file read/write in tool handlers without any path restriction.
+    const FS_PATTERNS_TS = [
+        /\bfs\.readFileSync\s*\(\s*(?!["'`])\w+/g,
+        /\bfs\.readFile\s*\(\s*(?!["'`])\w+/g,
+        /\bfs\.writeFileSync\s*\(\s*(?!["'`])\w+/g,
+        /\bfs\.writeFile\s*\(\s*(?!["'`])\w+/g,
+    ];
+    const FS_PATTERNS_PY = [
+        /\bopen\s*\(\s*(?!["'`])\w+/g,
+    ];
+    const patterns = context.language === "python" ? FS_PATTERNS_PY :
+        context.language === "typescript" ? FS_PATTERNS_TS :
+            [...FS_PATTERNS_TS, ...FS_PATTERNS_PY];
+    const RESTRICT_PATTERNS = [
+        /ALLOWED_DIR/i,
+        /allowedDir/i,
+        /base_?dir/i,
+        /root_?dir/i,
+        /startsWith/,
+        /startswith/,
+        /realpath/,
+        /resolve.*startsWith/,
+        /prefix/i,
+        /whitelist/i,
+        /allowlist/i,
+    ];
+    for (const [file, content] of context.sources) {
+        for (const pattern of patterns) {
+            pattern.lastIndex = 0;
+            let match;
+            while ((match = pattern.exec(content)) !== null) {
+                const line = findLineNumber(content, match.index);
+                const lineContent = content.split("\n")[line - 1] || "";
+                const trimmed = lineContent.trimStart();
+                if (trimmed.startsWith("//") || trimmed.startsWith("#") || trimmed.startsWith("*"))
+                    continue;
+                // Check for restrictions in surrounding context
+                const start = Math.max(0, match.index - 800);
+                const end = Math.min(content.length, match.index + 300);
+                const ctx = content.slice(start, end);
+                if (RESTRICT_PATTERNS.some((p) => p.test(ctx)))
+                    continue;
+                findings.push({
+                    ruleId: "MCS-PERM-002",
+                    severity: "high",
+                    title: "Unrestricted Filesystem Access",
+                    message: `File operation accepts a variable path with no directory restriction. Can access any file on the system.`,
+                    location: { file, startLine: line, endLine: line },
+                    fix: {
+                        description: "Restrict file operations to an allowed directory. Use realpath() + prefix check.",
+                    },
+                });
+            }
+        }
+    }
+    return findings;
+}
+export function detectArbitraryCodeExecution(context) {
+    const findings = [];
+    const patterns = context.language === "python" ? CODE_EXEC_PATTERNS_PY :
+        context.language === "typescript" ? CODE_EXEC_PATTERNS_TS :
+            [...CODE_EXEC_PATTERNS_TS, ...CODE_EXEC_PATTERNS_PY];
+    for (const [file, content] of context.sources) {
+        for (const pattern of patterns) {
+            pattern.lastIndex = 0;
+            let match;
+            while ((match = pattern.exec(content)) !== null) {
+                const line = findLineNumber(content, match.index);
+                const lineContent = content.split("\n")[line - 1] || "";
+                const trimmed = lineContent.trimStart();
+                if (trimmed.startsWith("//") || trimmed.startsWith("#") || trimmed.startsWith("*"))
+                    continue;
+                // In Python, exec() with a string literal is less dangerous — skip those
+                if (context.language === "python" && /\bexec\s*\(\s*["']/.test(lineContent))
+                    continue;
+                findings.push({
+                    ruleId: "MCS-PERM-003",
+                    severity: "critical",
+                    title: "Tool Can Execute Arbitrary Code",
+                    message: `Code evaluation function (eval/exec/Function) found. If tool input reaches this, it enables arbitrary code execution.`,
+                    location: { file, startLine: line, endLine: line },
+                    fix: {
+                        description: "Remove eval/exec usage. Use an allowlist of permitted operations instead of evaluating user input as code.",
+                    },
+                });
+            }
+        }
+    }
+    return findings;
+}
+//# sourceMappingURL=permissions.js.map

package/dist/rules/permissions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"permissions.js","sourceRoot":"","sources":["../../src/rules/permissions.ts"],"names":[],"mappings":"AAEA,sCAAsC;AACtC,MAAM,mBAAmB,GAAG;IAC1B,mDAAmD;IACnD,8BAA8B;IAC9B,+BAA+B;IAC/B,mCAAmC;IACnC,uBAAuB;IACvB,wBAAwB;IACxB,kBAAkB;IAClB,sCAAsC;IACtC,mCAAmC;CACpC,CAAC;AAEF,MAAM,mBAAmB,GAAG;IAC1B,gBAAgB;IAChB,eAAe;IACf,oBAAoB;IACpB,mBAAmB;IACnB,iBAAiB;IACjB,YAAY;IACZ,YAAY;CACb,CAAC;AAEF,oCAAoC;AACpC,MAAM,qBAAqB,GAAG;IAC5B,cAAc;IACd,0BAA0B;IAC1B,sBAAsB;IACtB,6BAA6B;IAC7B,8BAA8B;IAC9B,0BAA0B;CAC3B,CAAC;AAEF,MAAM,qBAAqB,GAAG;IAC5B,mBAAmB;IACnB,mBAAmB;IACnB,mCAAmC;IACnC,oBAAoB;CACrB,CAAC;AAEF,SAAS,cAAc,CAAC,OAAe,EAAE,KAAa;IACpD,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;AACpD,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAe,EAAE,UAAkB;IAC5D,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,GAAG,CAAC,CAAC;IAC5C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,UAAU,GAAG,GAAG,CAAC,CAAC;IACvD,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAC1C,OAAO,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AAC1D,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,OAAwB;IAC9D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAE/B,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QAC9C,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;YAC1C,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAClD,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBAExD,MAAM,OAAO,GAAG,WAAW,CAAC,SAAS,EAAE,CAAC;gBACxC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAE7F,IAAI,iBAAiB,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC;oBAAE,SAAS;gBAEtD,QAAQ,CAAC,IAAI,CAAC;oBACZ,MAAM,EAAE,cAAc;oBACtB,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,gCAAgC;oBACvC,OAAO,EAAE,qHAAqH;oBAC9H,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;oBAClD,GAAG,EAAE;wBACH,WAAW,EAAE,gEAAgE;wBAC7E,UAAU,EAAE,0FAA0F;qBACvG;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,OAAwB;IACnE,MAAM,QAAQ,GAAc,EAAE,CAAC;IAE/B,kEAAkE;IAClE,uEAAuE;IACvE,6EAA6E;IAE7E,MAAM,cAAc,GAAG;QACrB,yCAAyC;QACzC,qCAAqC;QACrC,0CAA0C;QAC1C,sCAAsC;KACvC,CAAC;IAEF,MAAM,cAAc,GAAG;QACrB,6BAA6B;KAC9B,CAAC;IAEF,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;QAC/D,OAAO,CAAC,QAAQ,KAAK,YAAY,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;YACpD,CAAC,GAAG,cAAc,EAAE,GAAG,cAAc,CAAC,CAAC;IAEzC,MAAM,iBAAiB,GAAG;QACxB,cAAc;QACd,aAAa;QACb,YAAY;QACZ,YAAY;QACZ,YAAY;QACZ,YAAY;QACZ,UAAU;QACV,qBAAqB;QACrB,SAAS;QACT,YAAY;QACZ,YAAY;KACb,CAAC;IAEF,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QAC9C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAClD,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBAExD,MAAM,OAAO,GAAG,WAAW,CAAC,SAAS,EAAE,CAAC;gBACxC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAE7F,gDAAgD;gBAChD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC;gBAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC;gBACxD,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;gBACtC,IAAI,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;oBAAE,SAAS;gBAEzD,QAAQ,CAAC,IAAI,CAAC;oBACZ,MAAM,EAAE,cAAc;oBACtB,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,gCAAgC;oBACvC,OAAO,EAAE,0GAA0G;oBACnH,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;oBAClD,GAAG,EAAE;wBACH,WAAW,EAAE,kFAAkF;qBAChG;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,OAAwB;IACnE,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,QAAQ,GACZ,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC;QACvD,OAAO,CAAC,QAAQ,KAAK,YAAY,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC;YAC3D,CAAC,GAAG,qBAAqB,EAAE,GAAG,qBAAqB,CAAC,CAAC;IAEvD,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QAC9C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAClD,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBAExD,MAAM,OAAO,GAAG,WAAW,CAAC,SAAS,EAAE,CAAC;gBACxC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAE7F,yEAAyE;gBACzE,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,IAAI,oBAAoB,CAAC,IAAI,CAAC,WAAW,CAAC;oBAAE,SAAS;gBAEtF,QAAQ,CAAC,IAAI,CAAC;oBACZ,MAAM,EAAE,cAAc;oBACtB,QAAQ,EAAE,UAAU;oBACpB,KAAK,EAAE,iCAAiC;oBACxC,OAAO,EAAE,uHAAuH;oBAChI,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;oBAClD,GAAG,EAAE;wBACH,WAAW,EAAE,4GAA4G;qBAC1H;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/rules/validation.d.ts

@@ -0,0 +1,3 @@
+import type { AnalysisContext, Finding } from "../analyzers/types.js";
+export declare function detectMissingInputSchema(context: AnalysisContext): Finding[];
+//# sourceMappingURL=validation.d.ts.map

package/dist/rules/validation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validation.d.ts","sourceRoot":"","sources":["../../src/rules/validation.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,uBAAuB,CAAC;AAMtE,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,EAAE,CAmE5E"}

package/dist/rules/validation.js

@@ -0,0 +1,67 @@
+function findLineNumber(content, index) {
+    return content.slice(0, index).split("\n").length;
+}
+export function detectMissingInputSchema(context) {
+    const findings = [];
+    for (const [file, content] of context.sources) {
+        if (context.language === "typescript" || context.language === "unknown") {
+            // Detect z.any() or z.unknown() in tool schemas — these accept anything without validation
+            const weakTypeRegex = /z\.(?:any|unknown)\s*\(\)/g;
+            let match;
+            while ((match = weakTypeRegex.exec(content)) !== null) {
+                const line = findLineNumber(content, match.index);
+                const lineContent = content.split("\n")[line - 1] || "";
+                const trimmed = lineContent.trimStart();
+                if (trimmed.startsWith("//") || trimmed.startsWith("#"))
+                    continue;
+                // Only flag if this is within a .tool() registration context
+                const before = content.slice(Math.max(0, match.index - 500), match.index);
+                if (!/\.tool\s*\(/.test(before))
+                    continue;
+                findings.push({
+                    ruleId: "MCS-VALID-001",
+                    severity: "medium",
+                    title: "Missing Input Schema",
+                    message: `Tool registered with z.any() or z.unknown() — accepts any input without type or constraint checking.`,
+                    location: { file, startLine: line, endLine: line },
+                    fix: {
+                        description: "Define input validation using specific Zod schemas to constrain what the LLM can pass to this tool.",
+                        suggestion: "{ query: z.string().max(100), limit: z.number().int().min(1).max(50) }",
+                    },
+                });
+            }
+        }
+        if (context.language === "python" || context.language === "unknown") {
+            // Detect tool functions with untyped parameters (no type hint)
+            // Pattern: @mcp.tool() decorated function with at least one param missing a type hint
+            const pyToolFnRegex = /@\w+\.tool\s*\(\s*\)\s*\n\s*(?:async\s+)?def\s+\w+\s*\(([^)]*)\)/g;
+            let match;
+            while ((match = pyToolFnRegex.exec(content)) !== null) {
+                const params = match[1];
+                const paramList = params.split(",").map((p) => p.trim()).filter((p) => p.length > 0);
+                if (paramList.length === 0)
+                    continue; // no-arg functions are fine
+                // Skip self parameter (for class methods)
+                const realParams = paramList.filter((p) => p !== "self");
+                if (realParams.length === 0)
+                    continue;
+                const allTyped = realParams.every((p) => p.includes(":"));
+                if (allTyped)
+                    continue;
+                const line = findLineNumber(content, match.index);
+                findings.push({
+                    ruleId: "MCS-VALID-001",
+                    severity: "medium",
+                    title: "Missing Input Schema",
+                    message: `Tool function has untyped parameters. FastMCP uses type hints to generate input schemas — untyped params bypass validation.`,
+                    location: { file, startLine: line, endLine: line },
+                    fix: {
+                        description: "Add type hints to all tool function parameters.",
+                    },
+                });
+            }
+        }
+    }
+    return findings;
+}
+//# sourceMappingURL=validation.js.map

package/dist/rules/validation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"validation.js","sourceRoot":"","sources":["../../src/rules/validation.ts"],"names":[],"mappings":"AAEA,SAAS,cAAc,CAAC,OAAe,EAAE,KAAa;IACpD,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;AACpD,CAAC;AAED,MAAM,UAAU,wBAAwB,CAAC,OAAwB;IAC/D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAE/B,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QAC9C,IAAI,OAAO,CAAC,QAAQ,KAAK,YAAY,IAAI,OAAO,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YACxE,2FAA2F;YAC3F,MAAM,aAAa,GAAG,4BAA4B,CAAC;YACnD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBACtD,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAClD,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBAExD,MAAM,OAAO,GAAG,WAAW,CAAC,SAAS,EAAE,CAAC;gBACxC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAElE,6DAA6D;gBAC7D,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAC1E,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC;oBAAE,SAAS;gBAE1C,QAAQ,CAAC,IAAI,CAAC;oBACZ,MAAM,EAAE,eAAe;oBACvB,QAAQ,EAAE,QAAQ;oBAClB,KAAK,EAAE,sBAAsB;oBAC7B,OAAO,EAAE,sGAAsG;oBAC/G,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;oBAClD,GAAG,EAAE;wBACH,WAAW,EAAE,qGAAqG;wBAClH,UAAU,EAAE,wEAAwE;qBACrF;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,IAAI,OAAO,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YACpE,+DAA+D;YAC/D,sFAAsF;YACtF,MAAM,aAAa,GAAG,mEAAmE,CAAC;YAC1F,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBACtD,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBACxB,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;gBACrF,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;oBAAE,SAAS,CAAC,4BAA4B;gBAElE,0CAA0C;gBAC1C,MAAM,UAAU,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC;gBACzD,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC;oBAAE,SAAS;gBAEtC,MAAM,QAAQ,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC1D,IAAI,QAAQ;oBAAE,SAAS;gBAEvB,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAElD,QAAQ,CAAC,IAAI,CAAC;oBACZ,MAAM,EAAE,eAAe;oBACvB,QAAQ,EAAE,QAAQ;oBAClB,KAAK,EAAE,sBAAsB;oBAC7B,OAAO,EAAE,6HAA6H;oBACtI,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;oBAClD,GAAG,EAAE;wBACH,WAAW,EAAE,iDAAiD;qBAC/D;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/scanner.d.ts

@@ -0,0 +1,9 @@
+import type { ScanResult, Severity } from "./analyzers/types.js";
+export interface ScanOptions {
+    minSeverity?: Severity;
+    ignoreRules?: string[];
+    configPath?: string;
+    verbose?: boolean;
+}
+export declare function scan(target: string, options?: ScanOptions): Promise<ScanResult>;
+//# sourceMappingURL=scanner.d.ts.map

package/dist/scanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../src/scanner.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,UAAU,EAGV,QAAQ,EAET,MAAM,sBAAsB,CAAC;AAU9B,MAAM,WAAW,WAAW;IAC1B,WAAW,CAAC,EAAE,QAAQ,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AASD,wBAAsB,IAAI,CACxB,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,WAAgB,GACxB,OAAO,CAAC,UAAU,CAAC,CAuGrB"}