npm - @yawlabs/mcp-compliance - Versions diffs - 0.9.1 → 0.9.2 - Mend

@yawlabs/mcp-compliance 0.9.1 → 0.9.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/{chunk-CH2E27X5.js → chunk-FKTEFLK5.js} +40 -6
package/dist/index.js +40 -6
package/dist/mcp/server.js +1 -1
package/dist/runner.js +1 -1
package/package.json +1 -1

package/dist/{chunk-CH2E27X5.js → chunk-FKTEFLK5.js} RENAMED Viewed

@@ -1228,14 +1228,20 @@ var STDIO_INCOMPATIBLE_IDS = /* @__PURE__ */ new Set([
   "error-parse-code",
   "error-invalid-request-code",
   // Security tests that are inherently HTTP-layer (auth headers,
-  // sessions, CORS, TLS, rate limits, RFC 9728 metadata).
+  // sessions, CORS, TLS, rate limits, RFC 9728 metadata). For stdio
+  // servers these don't apply — the parent process owns the trust
+  // boundary, not the server.
   "security-tls-required",
   "security-oauth-metadata",
   "security-token-in-uri",
   "security-rate-limiting",
   "security-cors-headers",
   "security-origin-validation",
-  "security-session-not-auth"
+  "security-session-not-auth",
+  "security-auth-required",
+  "security-auth-malformed",
+  "security-www-authenticate",
+  "security-session-entropy"
 ]);
 function supportsTransport(def, kind) {
   if (!def) return true;
@@ -1299,8 +1305,11 @@ async function runComplianceSuite(target, options = {}) {
         return !options.skip.includes(category) && !options.skip.includes(id);
       }
       return true;
+    }, looksRejected2 = function(text, isErrorFlag) {
+      if (isErrorFlag) return true;
+      return REJECTION_PATTERNS.some((p) => p.test(text));
     };
-    var buildHeaders = buildHeaders2, shouldRun = shouldRun2;
+    var buildHeaders = buildHeaders2, shouldRun = shouldRun2, looksRejected = looksRejected2;
     const backendUrl = resolvedTarget.type === "http" ? resolvedTarget.url : "";
     const userHeaders = resolvedTarget.type === "http" ? resolvedTarget.headers ?? options.headers ?? {} : {};
     const displayUrl = resolvedTarget.type === "http" ? resolvedTarget.url : `stdio:${resolvedTarget.command}${resolvedTarget.args?.length ? ` ${resolvedTarget.args.join(" ")}` : ""}`;
@@ -3284,25 +3293,50 @@ async function runComplianceSuite(target, options = {}) {
         }
       }
     );
+    const REJECTION_PATTERNS = [
+      /access denied/i,
+      /permission denied/i,
+      /not allowed/i,
+      /not permitted/i,
+      /outside (allowed|permitted)/i,
+      /forbidden/i,
+      /unauthorized/i,
+      /invalid (path|input|argument|parameter|request)/i,
+      /(payload|request) (rejected|blocked|refused)/i,
+      /enoent|eacces|eperm/i,
+      /sandbox(ed)?/i,
+      /(no such file|file not found)/i,
+      /\binvalid\b.*\b(input|json|argument|parameter|character)/i
+    ];
     async function runInjectionTest(toolName, paramName, payloads, detectPattern, label) {
       const issues = [];
+      let defended = 0;
       for (const payload of payloads) {
         try {
           const res = await rpc("tools/call", { name: toolName, arguments: { [paramName]: payload } });
-          const content = res.body?.result?.content;
+          const result = res.body?.result;
+          const content = result?.content;
+          const isErrorFlag = result?.isError === true;
           if (Array.isArray(content)) {
             const text = content.map((c) => c.text || "").join(" ");
             if (detectPattern.test(text)) {
-              issues.push(`Payload "${payload}" ${label} (output: ${text.substring(0, 100)})`);
+              if (looksRejected2(text, isErrorFlag)) {
+                defended++;
+              } else {
+                issues.push(`Payload "${payload}" ${label} (output: ${text.substring(0, 100)})`);
+              }
+            } else {
+              defended++;
             }
           }
         } catch {
+          defended++;
         }
       }
       if (issues.length > 0) return { passed: false, details: issues.join("; ") };
       return {
         passed: true,
-        details: `Tested ${payloads.length} payloads against ${toolName}.${paramName} \u2014 no ${label.split(" ")[0]} detected`
+        details: defended === payloads.length ? `Tested ${payloads.length} payloads against ${toolName}.${paramName} \u2014 server defended (rejected or sanitized)` : `Tested ${payloads.length} payloads against ${toolName}.${paramName} \u2014 no ${label.split(" ")[0]} detected`
       };
     }
     if (toolNames.length > 0) {

package/dist/index.js CHANGED Viewed

@@ -1372,14 +1372,20 @@ var STDIO_INCOMPATIBLE_IDS = /* @__PURE__ */ new Set([
   "error-parse-code",
   "error-invalid-request-code",
   // Security tests that are inherently HTTP-layer (auth headers,
-  // sessions, CORS, TLS, rate limits, RFC 9728 metadata).
+  // sessions, CORS, TLS, rate limits, RFC 9728 metadata). For stdio
+  // servers these don't apply — the parent process owns the trust
+  // boundary, not the server.
   "security-tls-required",
   "security-oauth-metadata",
   "security-token-in-uri",
   "security-rate-limiting",
   "security-cors-headers",
   "security-origin-validation",
-  "security-session-not-auth"
+  "security-session-not-auth",
+  "security-auth-required",
+  "security-auth-malformed",
+  "security-www-authenticate",
+  "security-session-entropy"
 ]);
 function supportsTransport(def, kind) {
   if (!def) return true;
@@ -1443,8 +1449,11 @@ async function runComplianceSuite(target, options = {}) {
         return !options.skip.includes(category) && !options.skip.includes(id);
       }
       return true;
+    }, looksRejected2 = function(text, isErrorFlag) {
+      if (isErrorFlag) return true;
+      return REJECTION_PATTERNS.some((p) => p.test(text));
     };
-    var buildHeaders = buildHeaders2, shouldRun = shouldRun2;
+    var buildHeaders = buildHeaders2, shouldRun = shouldRun2, looksRejected = looksRejected2;
     const backendUrl = resolvedTarget.type === "http" ? resolvedTarget.url : "";
     const userHeaders = resolvedTarget.type === "http" ? resolvedTarget.headers ?? options.headers ?? {} : {};
     const displayUrl = resolvedTarget.type === "http" ? resolvedTarget.url : `stdio:${resolvedTarget.command}${resolvedTarget.args?.length ? ` ${resolvedTarget.args.join(" ")}` : ""}`;
@@ -3428,25 +3437,50 @@ async function runComplianceSuite(target, options = {}) {
         }
       }
     );
+    const REJECTION_PATTERNS = [
+      /access denied/i,
+      /permission denied/i,
+      /not allowed/i,
+      /not permitted/i,
+      /outside (allowed|permitted)/i,
+      /forbidden/i,
+      /unauthorized/i,
+      /invalid (path|input|argument|parameter|request)/i,
+      /(payload|request) (rejected|blocked|refused)/i,
+      /enoent|eacces|eperm/i,
+      /sandbox(ed)?/i,
+      /(no such file|file not found)/i,
+      /\binvalid\b.*\b(input|json|argument|parameter|character)/i
+    ];
     async function runInjectionTest(toolName, paramName, payloads, detectPattern, label) {
       const issues = [];
+      let defended = 0;
       for (const payload of payloads) {
         try {
           const res = await rpc("tools/call", { name: toolName, arguments: { [paramName]: payload } });
-          const content = res.body?.result?.content;
+          const result = res.body?.result;
+          const content = result?.content;
+          const isErrorFlag = result?.isError === true;
           if (Array.isArray(content)) {
             const text = content.map((c) => c.text || "").join(" ");
             if (detectPattern.test(text)) {
-              issues.push(`Payload "${payload}" ${label} (output: ${text.substring(0, 100)})`);
+              if (looksRejected2(text, isErrorFlag)) {
+                defended++;
+              } else {
+                issues.push(`Payload "${payload}" ${label} (output: ${text.substring(0, 100)})`);
+              }
+            } else {
+              defended++;
             }
           }
         } catch {
+          defended++;
         }
       }
       if (issues.length > 0) return { passed: false, details: issues.join("; ") };
       return {
         passed: true,
-        details: `Tested ${payloads.length} payloads against ${toolName}.${paramName} \u2014 no ${label.split(" ")[0]} detected`
+        details: defended === payloads.length ? `Tested ${payloads.length} payloads against ${toolName}.${paramName} \u2014 server defended (rejected or sanitized)` : `Tested ${payloads.length} payloads against ${toolName}.${paramName} \u2014 no ${label.split(" ")[0]} detected`
       };
     }
     if (toolNames.length > 0) {

package/dist/mcp/server.js CHANGED Viewed

@@ -2,7 +2,7 @@ import {
   SPEC_BASE,
   TEST_DEFINITIONS,
   runComplianceSuite
-} from "../chunk-CH2E27X5.js";
+} from "../chunk-FKTEFLK5.js";
 // src/mcp/server.ts
 import { existsSync, readFileSync } from "fs";

package/dist/runner.js CHANGED Viewed

@@ -8,7 +8,7 @@ import {
   parseSSEResponse,
   previewTests,
   runComplianceSuite
-} from "./chunk-CH2E27X5.js";
+} from "./chunk-FKTEFLK5.js";
 export {
   SPEC_BASE,
   SPEC_VERSION,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@yawlabs/mcp-compliance",
-  "version": "0.9.1",
+  "version": "0.9.2",
   "description": "CLI tool and MCP server that tests MCP servers for spec compliance",
   "license": "MIT",
   "author": "Yaw Labs <contact@yaw.sh> (https://yaw.sh)",