npm - @vibekiln/cutline-mcp-cli - Versions diffs - 0.3.0 → 0.4.0 - Mend

@vibekiln/cutline-mcp-cli 0.3.0 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/servers/cutline-server.js +47 -1
package/package.json +1 -1

package/dist/servers/cutline-server.js CHANGED Viewed

@@ -4365,6 +4365,39 @@ var UNIVERSAL_CONSTRAINTS = [
     file_patterns: ["**/api/auth/**", "**/api/login*", "**/api/callback*", "**/api/checkout*", "**/middleware/**"],
     framework: "baseline"
   },
+  {
+    id_suffix: "sensitive_tokens_not_in_urls",
+    category: "security",
+    summary: "Auth/session/API tokens MUST NOT be passed in URL query parameters during redirects. Sensitive tokens in URLs leak via logs, browser history, and referrers.",
+    keywords: ["token", "query-param", "callback", "returnUrl", "redirect", "referrer", "url-leakage"],
+    severity: "critical",
+    action: "Use Authorization headers or httpOnly cookies for token transport. Validate callback/return URLs against an allowlist and never append bearer/session tokens to redirected URLs.",
+    checklist_ref: "D11",
+    file_patterns: ["**/auth/**", "**/api/auth/**", "**/api/**/checkout*", "**/mcp-auth*", "**/session/**", "**/middleware/**"],
+    framework: "baseline"
+  },
+  {
+    id_suffix: "no_secrets_in_query_params",
+    category: "security",
+    summary: "Secrets (revalidation secrets, API secrets, webhook secrets) MUST NOT be transported via URL query parameters. Query-string secrets are leaked through logs, referrers, and browser history.",
+    keywords: ["secret", "query-param", "url", "revalidate", "webhook", "referrer", "leakage"],
+    severity: "critical",
+    action: "Accept secrets only via headers or signed request bodies. Reject secret-bearing query params in production endpoints. Rotate any secret previously sent in URLs.",
+    checklist_ref: "D12",
+    file_patterns: ["**/api/**", "**/webhooks/**", "**/revalidate/**", "**/middleware/**"],
+    framework: "baseline"
+  },
+  {
+    id_suffix: "no_state_change_get_cookie_auth",
+    category: "security",
+    summary: "State-changing operations MUST NOT be reachable via GET when cookie authentication is accepted. GET + cookie auth creates CSRF risk.",
+    keywords: ["csrf", "get", "state-change", "cookie-auth", "origin-check", "referer", "method-safety"],
+    severity: "critical",
+    action: "Use POST/PUT/DELETE for side effects. If GET fallback is unavoidable, enforce strict same-origin checks (Origin/Referer/sec-fetch-site) and avoid cookie-based auth fallback where possible.",
+    checklist_ref: "D13",
+    file_patterns: ["**/api/**", "**/auth/**", "**/checkout/**", "**/middleware/**"],
+    framework: "baseline"
+  },
   {
     id_suffix: "ai_cost_caps",
     category: "security",
@@ -5551,6 +5584,9 @@ D7. Do sensitive actions (account deletion, email change, role escalation) requi
 D8. Is payment/billing logic validated server-side? Can prices or quantities be tampered with client-side?
 D9. Are redirect URLs validated against an allowlist? Can open redirects be exploited for phishing?
 D10. Are webhook signatures verified before processing payment or event data?
+D11. Are auth/session/API tokens kept out of URL query params (including callback/returnUrl redirects) and transported via headers or httpOnly cookies instead?
+D12. Are secrets (revalidate/API/webhook/etc.) kept out of URL query params and accepted only via headers or signed bodies?
+D13. Are side-effecting endpoints using non-GET methods, and are cookie-auth GET fallbacks protected with strict same-origin checks?
 ### E. Security Rules & Infrastructure
 E1. For Firestore/database rules: do they enforce per-user data isolation?
@@ -5629,7 +5665,7 @@ Return a JSON object with exactly these fields:
 - targetUsers (string): Who uses this product, from a security perspective.
 - referenceClasses (string[]): Security frameworks or standards that apply (e.g., "OWASP Top 10 2021", "SOC 2 Type II").
 - constraints (object?): Resource constraints \u2014 team, budget_usd, deadline_days, must_ship_scope.
-- checklist_summary (object): Keys are checklist IDs (A1-A8, B1-B6, C1-C7, D1-D8, E1-E4, F1-F3, G-*, H1-H3, I1-I8, J1-J6, K1-K8), values are "pass"|"fail"|"warn"|"not_applicable". This forces systematic coverage.
+- checklist_summary (object): Keys are checklist IDs (A1-A8, B1-B6, C1-C8, D1-D13, E1-E7, F1-F4, G-*, H1-H3, I1-I8, J1-J6, K1-K8), values are "pass"|"fail"|"warn"|"not_applicable". This forces systematic coverage.
 - compliance_signals (array of {framework: "pci_dss"|"hipaa"|"fedramp"|"gdpr_ccpa"|"owasp_llm"|"glba"|"ferpa_coppa"|"csa_ccm"|"ios_app_store", signal: string, confidence: number}?): Detected compliance framework signals. Return [] if none.
 Be concrete and specific. Reference file paths and line numbers where possible. If a checklist item cannot be assessed from the provided files, mark it "not_applicable" and note why. Cover ALL sections A through K.`;
@@ -5855,6 +5891,11 @@ var SECURITY_PATH_PATTERNS = [
   /\/permissions?/i,
   /\/roles?/i,
   /\/tokens?/i,
+  /\/redirect/i,
+  /\/callback/i,
+  /returnurl/i,
+  /\/mcp-auth/i,
+  /checkout-link/i,
   /\/csrf/i,
   /\/rate-limit/i,
   /\/encrypt/i,
@@ -6538,6 +6579,11 @@ var SECURITY_PATH_PATTERNS2 = [
   /billing/i,
   /stripe/i,
   /webhook/i,
+  /redirect/i,
+  /callback/i,
+  /returnurl/i,
+  /mcp-auth/i,
+  /checkout-link/i,
   // Scalability & reliability patterns
   /\/db\//i,
   /queries?\//i,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@vibekiln/cutline-mcp-cli",
-    "version": "0.3.0",
+    "version": "0.4.0",
     "description": "CLI and MCP servers for Cutline — authenticate, then run constraint-aware MCP servers in Cursor or any MCP client.",
     "type": "module",
     "main": "dist/index.js",