agent-security-scanner-mcp 2.0.4 → 2.0.6

package/README.md

@@ -1,5 +1,11 @@
 # agent-security-scanner-mcp
 
+[![npm version](https://img.shields.io/npm/v/agent-security-scanner-mcp.svg)](https://www.npmjs.com/package/agent-security-scanner-mcp)
+[![npm downloads](https://img.shields.io/npm/dm/agent-security-scanner-mcp.svg)](https://www.npmjs.com/package/agent-security-scanner-mcp)
+[![npm total downloads](https://img.shields.io/npm/dt/agent-security-scanner-mcp.svg)](https://www.npmjs.com/package/agent-security-scanner-mcp)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+[![GitHub stars](https://img.shields.io/github/stars/sinewaveai/agent-security-scanner-mcp.svg)](https://github.com/sinewaveai/agent-security-scanner-mcp/stargazers)
+
 A powerful MCP (Model Context Protocol) server for real-time security vulnerability scanning. Integrates with Claude Desktop, Claude Code, OpenCode.ai, Kilo Code, and any MCP-compatible client to automatically detect and fix security issues as you code.
 
 AI coding agents like **Claude Code**, **Cursor**, **Windsurf**, **Cline**, **Copilot**, and **Devin** are transforming software development. But they introduce attack surfaces that traditional security tools weren't designed to handle:
@@ -14,22 +20,35 @@ AI coding agents like **Claude Code**, **Cursor**, **Windsurf**, **Cline**, **Co
 
 **359 Semgrep-aligned security rules | 120 auto-fix templates | 6 ecosystems indexed | AI Agent prompt security**
 
-## What's New in v2.0.2
+## Installation
 
-- **Prompt injection detection overhaul** - Detection rate improved from 33% to 80%+
-- **Code block scanning** - Detects attacks hidden inside markdown code blocks
-- **Base64 decode-and-rescan** - Runtime decoding of encoded payloads
-- **Security fix** - Command injection vulnerability patched (execFileSync)
-- **Test suite** - 51 vitest tests with GitHub Actions CI
-- **Bug fixes** - Package hallucination detection now correctly uses bloom filters
+### Default Package (Lightweight - 2.7 MB)
 
-## What's New in v2.0.0
+```bash
+npm install -g agent-security-scanner-mcp
+```
 
-- **AST-based analysis** - tree-sitter powered parsing for 12 languages with higher accuracy
-- **Taint analysis** - Track data flow from sources (user input) to sinks (dangerous functions)
-- **Graceful fallback** - Works out-of-the-box with regex; enhanced detection when tree-sitter installed
-- **Metavariable patterns** - Semgrep-style `$VAR` patterns for structural matching
-- **Doctor command upgrade** - Now checks for AST engine availability
+Includes hallucination detection for: **PyPI, RubyGems, crates.io, pub.dev, CPAN, raku.land** (1M+ packages)
+
+### Full Package (With npm - 8.7 MB)
+
+If you need **npm/JavaScript hallucination detection** (3.3M packages):
+
+```bash
+npm install -g agent-security-scanner-mcp-full
+```
+
+Or run directly with npx:
+
+```bash
+npx agent-security-scanner-mcp
+```
+
+### Prerequisites
+
+- **Node.js >= 18.0.0** (required)
+- **Python 3.x** (required for the analyzer engine)
+- **PyYAML** (`pip install pyyaml`) — required for rule loading
 
 ### Enhanced Detection with tree-sitter (Optional)
 
@@ -44,6 +63,40 @@ The scanner works without tree-sitter using regex-based detection, but AST analy
 - Taint tracking across function boundaries
 - Language-aware pattern matching
 
+---
+
+## What's New in v2.0.6
+
+- **fix_security reliability overhaul** - Fixes now validated before applying to prevent malformed code output
+- **Python f-string SQL injection** - Now detects AND fixes `f"SELECT...{var}"` patterns
+- **Python .format() SQL injection** - Now fixes `"SELECT...{}".format(var)` patterns
+- **JavaScript template literal SQL injection** - Now fixes `` `SELECT...${var}` `` patterns
+- **Multi-pattern fix engine** - Each vulnerability type can have multiple language-specific fix patterns
+- **Syntax validation** - Rejects fixes with unbalanced quotes, brackets, or obvious syntax errors
+
+## What's New in v2.0.5
+
+- **Claude Code per-project fix** - `init claude-code` now uses `claude mcp add` CLI for reliable per-project configuration
+- **Doctor command upgrade** - Now correctly checks Claude Code config via `claude mcp list` instead of file-based check
+- **Documentation update** - README clarifies Claude Code's per-project MCP storage (`~/.claude.json` vs `~/.claude/settings.json`)
+
+## What's New in v2.0.2
+
+- **Prompt injection detection overhaul** - Detection rate improved from 33% to 80%+
+- **Code block scanning** - Detects attacks hidden inside markdown code blocks
+- **Base64 decode-and-rescan** - Runtime decoding of encoded payloads
+- **Security fix** - Command injection vulnerability patched (execFileSync)
+- **Test suite** - 51 vitest tests with GitHub Actions CI
+- **Bug fixes** - Package hallucination detection now correctly uses bloom filters
+
+## What's New in v2.0.0
+
+- **AST-based analysis** - tree-sitter powered parsing for 12 languages with higher accuracy
+- **Taint analysis** - Track data flow from sources (user input) to sinks (dangerous functions)
+- **Graceful fallback** - Works out-of-the-box with regex; enhanced detection when tree-sitter installed
+- **Metavariable patterns** - Semgrep-style `$VAR` patterns for structural matching
+- **Doctor command upgrade** - Now checks for AST engine availability
+
 ## What's New in v1.5.0
 
 - **92% smaller package** - Only 2.7 MB (down from 84 MB)
@@ -76,37 +129,6 @@ The scanner works without tree-sitter using regex-based detection, but AST analy
 - **CWE & OWASP mapped** - Every rule includes CWE and OWASP references
 - **Hallucination detection** - Detect AI-invented package names across 7 ecosystems via bloom filters and text lists
 
-## Installation
-
-### Default Package (Lightweight - 2.7 MB)
-
-```bash
-npm install -g agent-security-scanner-mcp
-```
-
-Includes hallucination detection for: **PyPI, RubyGems, crates.io, pub.dev, CPAN, raku.land** (1M+ packages)
-
-### Full Package (With npm - 8.7 MB)
-
-If you need **npm/JavaScript hallucination detection** (3.3M packages):
-
-```bash
-npm install -g agent-security-scanner-mcp-full
-```
-
-Or run directly with npx:
-
-```bash
-npx agent-security-scanner-mcp
-```
-
-## Prerequisites
-
-- **Node.js >= 18.0.0** (required)
-- **Python 3.x** (required for the analyzer engine)
-- **PyYAML** (`pip install pyyaml`) — required for rule loading
-- **tree-sitter** (optional, for enhanced AST-based detection): `pip install tree-sitter tree-sitter-python tree-sitter-javascript`
-
 ## Works With All Major AI Coding Tools
 
 | Tool | Integration | Status |
@@ -139,12 +161,14 @@ npx agent-security-scanner-mcp init cursor
 npx agent-security-scanner-mcp init claude-desktop
 npx agent-security-scanner-mcp init windsurf
 npx agent-security-scanner-mcp init cline
-npx agent-security-scanner-mcp init claude-code
+npx agent-security-scanner-mcp init claude-code      # Run in each project folder!
 npx agent-security-scanner-mcp init kilo-code
 npx agent-security-scanner-mcp init opencode
 npx agent-security-scanner-mcp init cody
 ```
 
+> **Claude Code users:** Run `init claude-code` in **each project folder** where you want security scanning. Claude Code uses per-project MCP configuration.
+
 **Interactive mode** — just run `init` with no client to pick from a list:
 
 ```bash
@@ -234,7 +258,17 @@ Add to your `claude_desktop_config.json`:
 
 ### Claude Code
 
-Add to your MCP settings (`~/.claude/settings.json`):
+**Important:** Claude Code stores MCP servers **per-project** in `~/.claude.json`, not in `~/.claude/settings.json`. Use the CLI to configure:
+
+```bash
+# Run this in EACH project folder where you want security scanning:
+claude mcp add security-scanner -- npx -y agent-security-scanner-mcp
+
+# Verify it's configured:
+claude mcp list
+```
+
+**Global configuration** (applies to new projects only) — add to `~/.claude/settings.json`:
 
 ```json
 {
@@ -247,6 +281,8 @@ Add to your MCP settings (`~/.claude/settings.json`):
 }
 ```
 
+> **Note:** Existing projects won't automatically inherit from the global config. You must run `claude mcp add` in each project folder, or use the automated init command which handles this for you.
+
 ### OpenCode.ai
 
 Add to your `opencode.jsonc` configuration file:

package/index.js

@@ -28,7 +28,73 @@ const FIX_TEMPLATES = {
   // ===========================================
   "sql-injection": {
     description: "Use parameterized queries instead of string concatenation",
-    fix: (line) => line.replace(/["']([^"']*)\s*["']\s*\+\s*(\w+)/, '"$1?", [$2]')
+    patterns: [
+      // Python f-strings: cursor.execute(f"SELECT * FROM users WHERE id = {user_id}")
+      {
+        match: /f["'].*(?:SELECT|INSERT|UPDATE|DELETE).*\{(\w+)\}.*["']/i,
+        fix: (line) => {
+          // Extract the query and variable
+          const match = line.match(/(\w+\.(?:execute|query|run))\s*\(\s*f(["'])(.*?)(?:SELECT|INSERT|UPDATE|DELETE)(.*?)\{(\w+)\}(.*?)\2/i);
+          if (match) {
+            const [, method, quote, prefix, queryStart, varName, suffix] = match;
+            // Reconstruct as parameterized query
+            const cleanPrefix = prefix.replace(/\{[^}]+\}/g, '?');
+            const cleanSuffix = suffix.replace(/\{[^}]+\}/g, '?');
+            return line.replace(
+              /f(["']).*\1/,
+              `"${cleanPrefix}${queryStart.trim().toUpperCase()}${cleanSuffix}?", (${varName},)`
+            );
+          }
+          // Simpler fallback for f-strings
+          return line.replace(/f(["'])(.*?)\{(\w+)\}(.*?)\1/, '"$2?$4", ($3,)');
+        },
+        languages: ['python']
+      },
+      // Python .format(): "SELECT ... WHERE id = {}".format(user_id)
+      {
+        match: /["'].*(?:SELECT|INSERT|UPDATE|DELETE).*\{\}.*["']\.format\s*\(/i,
+        fix: (line) => {
+          return line.replace(
+            /(["'])(.*?)\{\}(.*?)\1\.format\s*\(\s*(\w+)\s*\)/,
+            '"$2?$3", [$4]'
+          );
+        },
+        languages: ['python']
+      },
+      // Python % formatting: "SELECT ... WHERE id = %s" % user_id
+      {
+        match: /["'].*(?:SELECT|INSERT|UPDATE|DELETE).*%s.*["']\s*%\s*\(/i,
+        fix: (line) => {
+          return line.replace(
+            /(["'])(.*?)%s(.*?)\1\s*%\s*\(\s*(\w+)\s*,?\s*\)/,
+            '"$2?$3", [$4]'
+          );
+        },
+        languages: ['python']
+      },
+      // JS template literals: `SELECT * FROM users WHERE id = ${userId}`
+      {
+        match: /`.*(?:SELECT|INSERT|UPDATE|DELETE).*\$\{.*\}.*`/i,
+        fix: (line) => {
+          return line.replace(
+            /`(.*?)\$\{(\w+)\}(.*?)`/,
+            '"$1?$3", [$2]'
+          );
+        },
+        languages: ['javascript', 'typescript']
+      },
+      // Simple concatenation (no quotes inside): "SELECT ... WHERE id = " + userId
+      {
+        match: /["'](?:SELECT|INSERT|UPDATE|DELETE)[^"']+["']\s*\+\s*\w+(?!\s*\+\s*["'])/i,
+        fix: (line) => {
+          return line.replace(
+            /(["'])((?:SELECT|INSERT|UPDATE|DELETE)[^"']+)\1\s*\+\s*(\w+)/i,
+            '"$2?", [$3]'
+          );
+        },
+        languages: ['javascript', 'python', 'java', 'go', 'ruby', 'php']
+      }
+    ]
   },
   "nosql-injection": {
     description: "Sanitize MongoDB query inputs",
@@ -765,17 +831,96 @@ function runAnalyzer(filePath) {
   }
 }
 
+// Validate that a fix produces valid syntax
+function validateFix(original, fixed, language) {
+  // Rule 1: Fix must be different from original
+  if (fixed === original || !fixed) {
+    return { valid: false, reason: 'no_change' };
+  }
+
+  // Rule 2: Balanced quotes (ignore escaped quotes)
+  const unescaped = fixed.replace(/\\["'`]/g, '');
+  const singleQuotes = (unescaped.match(/'/g) || []).length;
+  const doubleQuotes = (unescaped.match(/"/g) || []).length;
+  const backticks = (unescaped.match(/`/g) || []).length;
+  if (singleQuotes % 2 !== 0 || doubleQuotes % 2 !== 0 || backticks % 2 !== 0) {
+    return { valid: false, reason: 'unbalanced_quotes' };
+  }
+
+  // Rule 3: Balanced brackets
+  const brackets = { '(': 0, '[': 0, '{': 0 };
+  const closers = { ')': '(', ']': '[', '}': '{' };
+  for (const char of unescaped) {
+    if (brackets[char] !== undefined) brackets[char]++;
+    if (closers[char]) brackets[closers[char]]--;
+  }
+  if (Object.values(brackets).some(v => v !== 0)) {
+    return { valid: false, reason: 'unbalanced_brackets' };
+  }
+
+  // Rule 4: No obvious syntax errors
+  const badPatterns = [
+    /""[^,\s\]);}]/, // empty string followed by unexpected char
+    /\+\s*[)\]}]/, // + followed by closing bracket
+    /,\s*\+/, // comma followed by +
+    /\(\s*\+/, // open paren followed by +
+  ];
+  for (const pattern of badPatterns) {
+    if (pattern.test(fixed)) {
+      return { valid: false, reason: 'syntax_error' };
+    }
+  }
+
+  return { valid: true };
+}
+
 // Generate fix suggestion for an issue
 function generateFix(issue, line, language) {
   const ruleId = issue.ruleId.toLowerCase();
 
-  for (const [pattern, template] of Object.entries(FIX_TEMPLATES)) {
-    if (ruleId.includes(pattern)) {
-      return {
-        description: template.description,
-        original: line,
-        fixed: template.fix(line, language)
-      };
+  for (const [templateId, template] of Object.entries(FIX_TEMPLATES)) {
+    if (!ruleId.includes(templateId)) continue;
+
+    // New: handle patterns array
+    if (template.patterns && Array.isArray(template.patterns)) {
+      for (const pattern of template.patterns) {
+        // Skip if language doesn't match
+        if (pattern.languages && !pattern.languages.includes(language)) {
+          continue;
+        }
+
+        // Skip if pattern doesn't match the line
+        if (!pattern.match.test(line)) {
+          continue;
+        }
+
+        // Try the fix
+        const candidate = pattern.fix(line, language);
+        const validation = validateFix(line, candidate, language);
+
+        if (validation.valid) {
+          return {
+            description: template.description,
+            original: line,
+            fixed: candidate
+          };
+        }
+        // If invalid, try next pattern
+      }
+    }
+
+    // Fallback: old-style single fix function (backward compatible)
+    if (template.fix && typeof template.fix === 'function') {
+      const candidate = template.fix(line, language);
+      const validation = validateFix(line, candidate, language);
+
+      if (validation.valid) {
+        return {
+          description: template.description,
+          original: line,
+          fixed: candidate
+        };
+      }
     }
   }
 
@@ -1724,7 +1869,10 @@ const CLIENT_CONFIGS = {
     name: 'Claude Code',
     configKey: 'mcpServers',
     configPath: () => join(homedir(), '.claude', 'settings.json'),
-    buildEntry: () => ({ ...MCP_SERVER_ENTRY })
+    buildEntry: () => ({ ...MCP_SERVER_ENTRY }),
+    // Claude Code stores MCP config per-project in ~/.claude.json, not in settings.json
+    // Use the 'claude mcp add' CLI for reliable per-project configuration
+    useCliCommand: true
   },
   'cursor': {
     name: 'Cursor',
@@ -1843,6 +1991,91 @@ function printInitUsage() {
   console.log('    npx agent-security-scanner-mcp init cline --force --name my-scanner\n');
 }
 
+// Special init handler for clients that use CLI commands (e.g., Claude Code)
+async function runCliInit(client, flags) {
+  const serverName = flags.name;
+  const cwd = process.cwd();
+
+  console.log(`\n  Client:  ${client.name}`);
+  console.log(`  Project: ${cwd}`);
+  console.log(`  OS:      ${platform()} (${process.arch})`);
+  console.log(`  Key:     ${serverName}\n`);
+
+  // Check if claude CLI is available
+  const claudeCheck = checkCommand('claude', ['--version']);
+  if (!claudeCheck.ok) {
+    console.log('  ERROR: Claude Code CLI not found.');
+    console.log('  Please install Claude Code first: https://claude.ai/download\n');
+    console.log('  Alternative: Use --path to write to ~/.claude/settings.json directly:\n');
+    console.log(`    npx agent-security-scanner-mcp init claude-code --path ~/.claude/settings.json\n`);
+    process.exit(1);
+  }
+
+  // Check if already configured for this project
+  const listCheck = checkCommand('claude', ['mcp', 'list']);
+  if (listCheck.ok && listCheck.output.includes(serverName)) {
+    if (!flags.force) {
+      console.log(`  ${serverName} is already configured for this project.`);
+      console.log(`  Use --force to reconfigure.\n`);
+      process.exit(0);
+    }
+    // Remove existing entry first if --force
+    console.log(`  Removing existing ${serverName} configuration...`);
+    try {
+      execFileSync('claude', ['mcp', 'remove', serverName], { encoding: 'utf-8', stdio: 'pipe' });
+    } catch {
+      // Ignore errors - might not exist
+    }
+  }
+
+  // Build the CLI command
+  const cliArgs = ['mcp', 'add', serverName, '--', 'npx', '-y', 'agent-security-scanner-mcp'];
+  const fullCommand = `claude ${cliArgs.join(' ')}`;
+
+  if (flags.dryRun) {
+    console.log(`  [dry-run] Would run: ${fullCommand}`);
+    console.log(`  [dry-run] In directory: ${cwd}`);
+    console.log(`\n  No changes made.\n`);
+    process.exit(0);
+  }
+
+  console.log(`  Running: ${fullCommand}`);
+  console.log(`  In directory: ${cwd}\n`);
+
+  try {
+    const result = execFileSync('claude', cliArgs, { encoding: 'utf-8', stdio: 'pipe', cwd });
+    console.log(`  ${result.trim()}\n`);
+  } catch (e) {
+    console.error(`  ERROR: Failed to add MCP server.`);
+    console.error(`  ${e.message}\n`);
+    console.log('  Alternative: Add manually to ~/.claude/settings.json:\n');
+    console.log(`  {
+    "mcpServers": {
+      "${serverName}": {
+        "command": "npx",
+        "args": ["-y", "agent-security-scanner-mcp"]
+      }
+    }
+  }\n`);
+    process.exit(1);
+  }
+
+  // Verify it was added
+  const verifyCheck = checkCommand('claude', ['mcp', 'list']);
+  if (verifyCheck.ok && verifyCheck.output.includes(serverName)) {
+    console.log(`  ✓ Successfully configured ${serverName} for this project!\n`);
+  } else {
+    console.log(`  ⚠ Configuration may have succeeded but verification failed.`);
+    console.log(`  Run 'claude mcp list' to check.\n`);
+  }
+
+  console.log(`  Next steps:`);
+  console.log(`    1. Restart Claude Code in this folder`);
+  console.log(`    2. Verify by asking: "What MCP tools do you have?"`);
+  console.log(`    3. Test: "Scan this file for security issues"\n`);
+  console.log(`  Note: Run this command in each project folder where you want security scanning.\n`);
+}
+
 async function runInit(flags) {
   let clientName = flags.client;
 
@@ -1863,6 +2096,12 @@ async function runInit(flags) {
     process.exit(1);
   }
 
+  // Special handling for clients that use CLI commands (like Claude Code)
+  if (client.useCliCommand && !flags.path) {
+    await runCliInit(client, flags);
+    return;
+  }
+
   const configPath = flags.path || client.configPath();
   const serverName = flags.name;
   const entry = client.buildEntry();
@@ -2067,6 +2306,53 @@ async function runDoctor(flags) {
   console.log('\n  Client Configurations');
 
   for (const [key, client] of Object.entries(CLIENT_CONFIGS)) {
+    // Special handling for Claude Code - uses per-project config via CLI
+    if (client.useCliCommand) {
+      const claudeCheck = checkCommand('claude', ['--version']);
+      if (!claudeCheck.ok) {
+        console.log(`    \u2014 ${client.name.padEnd(20)} not installed (claude CLI not found)`);
+        continue;
+      }
+
+      // Check if configured for current project using claude mcp list
+      const listCheck = checkCommand('claude', ['mcp', 'list']);
+      if (listCheck.ok && listCheck.output) {
+        const output = listCheck.output.toLowerCase();
+        const hasScanner = output.includes('security-scanner') ||
+                          output.includes('agentic-security') ||
+                          output.includes('agent-security-scanner');
+        if (hasScanner) {
+          // Extract the actual server name from output
+          let serverName = 'security-scanner';
+          if (output.includes('agentic-security')) serverName = 'agentic-security';
+          console.log(`    \u2713 ${client.name.padEnd(20)} configured (${serverName})`);
+        } else if (output.includes('no mcp servers configured')) {
+          console.log(`    \u2717 ${client.name.padEnd(20)} not configured for this project`);
+          if (fix) {
+            try {
+              execFileSync('claude', ['mcp', 'add', 'security-scanner', '--', 'npx', '-y', 'agent-security-scanner-mcp'],
+                { encoding: 'utf-8', stdio: 'pipe' });
+              console.log(`      \u2713 Fixed: added security-scanner via claude mcp add`);
+              fixed++;
+            } catch {
+              console.log(`      \u2717 Auto-fix failed. Run: npx agent-security-scanner-mcp init claude-code`);
+              issues++;
+            }
+          } else {
+            console.log(`      Fix: npx agent-security-scanner-mcp init claude-code`);
+            issues++;
+          }
+        } else {
+          console.log(`    \u2717 ${client.name.padEnd(20)} entry missing from project config`);
+          console.log(`      Fix: npx agent-security-scanner-mcp init claude-code`);
+          issues++;
+        }
+      } else {
+        console.log(`    \u26a0 ${client.name.padEnd(20)} could not check config (run 'claude mcp list' manually)`);
+      }
+      continue;
+    }
+
     let configPath;
     try { configPath = client.configPath(); } catch { continue; }
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-security-scanner-mcp",
-  "version": "2.0.4",
+  "version": "2.0.6",
   "mcpName": "io.github.sinewaveai/agent-security-scanner-mcp",
   "description": "Security scanner MCP server for AI coding agents. Prompt injection firewall, package hallucination detection (4.3M+ packages), 359 vulnerability rules with auto-fix. For Claude Code, Cursor, Windsurf, Cline.",
   "main": "index.js",

package/packages/crates.txt

@@ -23630,7 +23630,6 @@ cinnog
 cint
 cio
 cio-api
-cioqLsBmIV3xEUGI6XQRx411QEIZwwaDh7c
 cip
 cip_rust
 cipepser-bicycle-book-wordcount