agent-security-scanner-mcp 1.0.2 → 1.1.0

package/README.md

@@ -2,7 +2,7 @@
 
 A powerful MCP (Model Context Protocol) server for real-time security vulnerability scanning. Integrates with Claude Desktop and Claude Code to automatically detect and fix security issues as you code.
 
-**165 Semgrep-aligned security rules | 105 auto-fix templates | 100% fix coverage**
+**165 Semgrep-aligned security rules | 105 auto-fix templates | 100% fix coverage | Package hallucination detection**
 
 ## Features
 
@@ -11,6 +11,7 @@ A powerful MCP (Model Context Protocol) server for real-time security vulnerabil
 - **Multi-language support** - JavaScript, TypeScript, Python, Java, Go, Dockerfile
 - **Semgrep-compatible** - Rules aligned with Semgrep registry format
 - **CWE & OWASP mapped** - Every rule includes CWE and OWASP references
+- **Hallucination detection** - Detect AI-invented package names (Dart, Perl, Raku)
 
 ## Installation
 
@@ -127,6 +128,115 @@ Returns:
 
 List all 105 available auto-fix templates.
 
+---
+
+## Package Hallucination Detection
+
+Detect AI-hallucinated package names that don't exist in official registries. Prevents supply chain attacks where attackers register fake package names suggested by AI.
+
+### `check_package`
+
+Check if a single package name is legitimate or potentially hallucinated.
+
+```
+Parameters:
+  package_name (string): The package name to verify
+  ecosystem (enum): "dart", "perl", "raku", "npm", "pypi"
+
+Returns:
+  - legitimate: true/false
+  - hallucinated: true/false
+  - confidence: "high"
+  - recommendation: Action to take
+```
+
+**Example:**
+```json
+{
+  "package": "flutter_animations",
+  "ecosystem": "dart",
+  "legitimate": true,
+  "hallucinated": false,
+  "confidence": "high",
+  "total_known_packages": 64721,
+  "recommendation": "Package exists in registry - safe to use"
+}
+```
+
+### `scan_packages`
+
+Scan a code file and detect all potentially hallucinated package imports.
+
+```
+Parameters:
+  file_path (string): Path to the file to scan
+  ecosystem (enum): "dart", "perl", "raku", "npm", "pypi"
+
+Returns:
+  - List of all packages found
+  - Which are legitimate vs hallucinated
+  - Recommendation
+```
+
+**Example output:**
+```json
+{
+  "file": "/path/to/main.dart",
+  "ecosystem": "dart",
+  "total_packages_found": 5,
+  "legitimate_count": 4,
+  "hallucinated_count": 1,
+  "hallucinated_packages": ["fake_flutter_pkg"],
+  "legitimate_packages": ["flutter", "http", "provider", "shared_preferences"],
+  "recommendation": "⚠️ Found 1 potentially hallucinated package(s): fake_flutter_pkg"
+}
+```
+
+### `list_package_stats`
+
+Show statistics about loaded package lists.
+
+```json
+{
+  "package_lists": [
+    { "ecosystem": "dart", "packages_loaded": 64721, "status": "ready" },
+    { "ecosystem": "perl", "packages_loaded": 1000, "status": "ready" },
+    { "ecosystem": "raku", "packages_loaded": 2626, "status": "ready" }
+  ],
+  "total_packages": 68347
+}
+```
+
+### Adding Custom Package Lists
+
+Add your own package lists to `packages/` directory:
+
+```bash
+# Format: one package name per line
+packages/
+├── dart.txt    # 64,721 packages
+├── perl.txt    # 1,000 packages
+├── raku.txt    # 2,626 packages
+├── npm.txt     # Add your own
+└── pypi.txt    # Add your own
+```
+
+### Fetching Package Lists
+
+```bash
+# Using the included script
+cd mcp-server
+pip install datasets
+python scripts/fetch-packages.py
+```
+
+Package lists are sourced from:
+- **Dart:** [dchitimalla1/dart-20250529](https://huggingface.co/datasets/dchitimalla1/dart-20250529)
+- **Perl:** [dchitimalla1/perl-20250530](https://huggingface.co/datasets/dchitimalla1/perl-20250530)
+- **Raku:** [dchitimalla1/raku-20250523](https://huggingface.co/datasets/dchitimalla1/raku-20250523)
+
+---
+
 ## Security Rules (165 total)
 
 ### By Language

package/index.js

@@ -824,6 +824,235 @@ server.tool(
   }
 );
 
+// ===========================================
+// PACKAGE HALLUCINATION DETECTION
+// ===========================================
+
+// Load legitimate package lists into memory (hash sets for O(1) lookup)
+const LEGITIMATE_PACKAGES = {
+  dart: new Set(),
+  perl: new Set(),
+  raku: new Set(),
+  npm: new Set(),
+  pypi: new Set()
+};
+
+// Package import patterns by ecosystem
+const IMPORT_PATTERNS = {
+  dart: [
+    /import\s+['"]package:([^\/'"]+)/g,
+    /dependencies:\s*\n(?:\s+(\w+):\s*[\^~]?[\d.]+\n)+/g
+  ],
+  perl: [
+    /use\s+([\w:]+)/g,
+    /require\s+([\w:]+)/g
+  ],
+  raku: [
+    /use\s+([\w:]+)/g,
+    /need\s+([\w:]+)/g
+  ],
+  npm: [
+    /require\s*\(\s*['"]([^'"]+)['"]\s*\)/g,
+    /from\s+['"]([^'"]+)['"]/g,
+    /import\s+['"]([^'"]+)['"]/g
+  ],
+  pypi: [
+    /^import\s+([\w]+)/gm,
+    /^from\s+([\w]+)/gm
+  ]
+};
+
+// Load package lists on startup
+function loadPackageLists() {
+  const packagesDir = join(__dirname, 'packages');
+
+  for (const ecosystem of Object.keys(LEGITIMATE_PACKAGES)) {
+    const filePath = join(packagesDir, `${ecosystem}.txt`);
+    try {
+      if (existsSync(filePath)) {
+        const content = readFileSync(filePath, 'utf-8');
+        const packages = content.split('\n').filter(p => p.trim());
+        LEGITIMATE_PACKAGES[ecosystem] = new Set(packages);
+        console.error(`Loaded ${packages.length} ${ecosystem} packages`);
+      }
+    } catch (error) {
+      console.error(`Warning: Could not load ${ecosystem} packages: ${error.message}`);
+    }
+  }
+}
+
+// Extract package names from code
+function extractPackages(code, ecosystem) {
+  const packages = new Set();
+  const patterns = IMPORT_PATTERNS[ecosystem] || [];
+
+  for (const pattern of patterns) {
+    const regex = new RegExp(pattern.source, pattern.flags);
+    let match;
+    while ((match = regex.exec(code)) !== null) {
+      const pkg = match[1];
+      if (pkg && !pkg.startsWith('.') && !pkg.startsWith('/')) {
+        // Normalize package name (handle scoped packages, subpaths)
+        const basePkg = pkg.split('/')[0].replace(/^@/, '');
+        packages.add(basePkg);
+      }
+    }
+  }
+
+  return Array.from(packages);
+}
+
+// Check if a package is hallucinated
+function isHallucinated(packageName, ecosystem) {
+  const legitPackages = LEGITIMATE_PACKAGES[ecosystem];
+  if (!legitPackages || legitPackages.size === 0) {
+    return { unknown: true, reason: `No package list loaded for ${ecosystem}` };
+  }
+  return { hallucinated: !legitPackages.has(packageName) };
+}
+
+// Register check_package tool
+server.tool(
+  "check_package",
+  "Check if a package name is legitimate or potentially hallucinated (AI-invented)",
+  {
+    package_name: z.string().describe("The package name to verify"),
+    ecosystem: z.enum(["dart", "perl", "raku", "npm", "pypi"]).describe("The package ecosystem")
+  },
+  async ({ package_name, ecosystem }) => {
+    const legitPackages = LEGITIMATE_PACKAGES[ecosystem];
+    const totalPackages = legitPackages?.size || 0;
+
+    if (totalPackages === 0) {
+      return {
+        content: [{
+          type: "text",
+          text: JSON.stringify({
+            package: package_name,
+            ecosystem,
+            status: "unknown",
+            reason: `No package list loaded for ${ecosystem}. Add packages/${ecosystem}.txt`,
+            suggestion: "Load package list or verify manually at the package registry"
+          }, null, 2)
+        }]
+      };
+    }
+
+    const exists = legitPackages.has(package_name);
+
+    return {
+      content: [{
+        type: "text",
+        text: JSON.stringify({
+          package: package_name,
+          ecosystem,
+          legitimate: exists,
+          hallucinated: !exists,
+          confidence: "high",
+          total_known_packages: totalPackages,
+          recommendation: exists
+            ? "Package exists in registry - safe to use"
+            : "⚠️ POTENTIAL HALLUCINATION - Package not found in registry. Verify before using!"
+        }, null, 2)
+      }]
+    };
+  }
+);
+
+// Register scan_packages tool
+server.tool(
+  "scan_packages",
+  "Scan code for package imports and check for hallucinated (AI-invented) packages",
+  {
+    file_path: z.string().describe("Path to the file to scan"),
+    ecosystem: z.enum(["dart", "perl", "raku", "npm", "pypi"]).describe("The package ecosystem")
+  },
+  async ({ file_path, ecosystem }) => {
+    if (!existsSync(file_path)) {
+      return {
+        content: [{ type: "text", text: JSON.stringify({ error: "File not found" }) }]
+      };
+    }
+
+    const code = readFileSync(file_path, 'utf-8');
+    const packages = extractPackages(code, ecosystem);
+    const legitPackages = LEGITIMATE_PACKAGES[ecosystem];
+    const totalKnown = legitPackages?.size || 0;
+
+    if (totalKnown === 0) {
+      return {
+        content: [{
+          type: "text",
+          text: JSON.stringify({
+            file: file_path,
+            ecosystem,
+            packages_found: packages,
+            status: "unknown",
+            reason: `No package list loaded for ${ecosystem}`
+          }, null, 2)
+        }]
+      };
+    }
+
+    const results = packages.map(pkg => ({
+      package: pkg,
+      legitimate: legitPackages.has(pkg),
+      hallucinated: !legitPackages.has(pkg)
+    }));
+
+    const hallucinated = results.filter(r => r.hallucinated);
+    const legitimate = results.filter(r => r.legitimate);
+
+    return {
+      content: [{
+        type: "text",
+        text: JSON.stringify({
+          file: file_path,
+          ecosystem,
+          total_packages_found: packages.length,
+          legitimate_count: legitimate.length,
+          hallucinated_count: hallucinated.length,
+          known_packages_in_registry: totalKnown,
+          hallucinated_packages: hallucinated.map(r => r.package),
+          legitimate_packages: legitimate.map(r => r.package),
+          all_results: results,
+          recommendation: hallucinated.length > 0
+            ? `⚠️ Found ${hallucinated.length} potentially hallucinated package(s): ${hallucinated.map(r => r.package).join(', ')}`
+            : "✅ All packages verified as legitimate"
+        }, null, 2)
+      }]
+    };
+  }
+);
+
+// Register list_package_stats tool
+server.tool(
+  "list_package_stats",
+  "List statistics about loaded package lists for hallucination detection",
+  {},
+  async () => {
+    const stats = Object.entries(LEGITIMATE_PACKAGES).map(([ecosystem, packages]) => ({
+      ecosystem,
+      packages_loaded: packages.size,
+      status: packages.size > 0 ? "ready" : "not loaded"
+    }));
+
+    return {
+      content: [{
+        type: "text",
+        text: JSON.stringify({
+          package_lists: stats,
+          total_packages: stats.reduce((sum, s) => sum + s.packages_loaded, 0),
+          usage: "Use check_package or scan_packages to detect hallucinated packages"
+        }, null, 2)
+      }]
+    };
+  }
+);
+
+// Load package lists on module initialization
+loadPackageLists();
+
 // Start the server with stdio transport
 async function main() {
   const transport = new StdioServerTransport();

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "agent-security-scanner-mcp",
-  "version": "1.0.2",
-  "description": "MCP server for security vulnerability scanning - detects SQL injection, XSS, command injection, hardcoded secrets, and more",
+  "version": "1.1.0",
+  "description": "MCP server for security scanning & package hallucination detection - SQL injection, XSS, secrets, and AI-invented package detection",
   "main": "index.js",
   "type": "module",
   "bin": {
@@ -21,7 +21,10 @@
     "code-analysis",
     "sql-injection",
     "xss",
-    "secrets-detection"
+    "secrets-detection",
+    "hallucination-detection",
+    "package-verification",
+    "supply-chain-security"
   ],
   "author": "",
   "license": "MIT",
@@ -43,6 +46,7 @@
   "files": [
     "index.js",
     "analyzer.py",
-    "rules/**"
+    "rules/**",
+    "packages/**"
   ]
 }