agent-security-scanner-mcp 4.0.1 → 4.1.0

package/code-review-agent/tests/context/security-summary.test.ts

@@ -0,0 +1,181 @@
+import { describe, it, expect } from 'vitest';
+import * as path from 'node:path';
+import {
+  buildRelatedFileSummaries,
+  formatRelatedFileSummaries,
+} from '../../src/context/security-summary.js';
+import type { FileContext } from '../../src/types/analysis.js';
+
+const FIXTURES_DIR = path.resolve(__dirname, '..', 'fixtures', 'guarded-agent');
+
+function makeFileContext(overrides: Partial<FileContext> = {}): FileContext {
+  return {
+    filePath: 'router.py',
+    content: 'from tools.executor import execute_tool\n',
+    language: 'python',
+    lineCount: 5,
+    imports: ['./tools/executor'],
+    importedBy: [],
+    siblingFiles: ['vuln-tool.py', 'tools'],
+    isTestFile: false,
+    isConfigFile: false,
+    isGenerated: false,
+    ...overrides,
+  };
+}
+
+describe('buildRelatedFileSummaries', () => {
+  it('extracts security-relevant lines from imported files', () => {
+    const file = makeFileContext({
+      filePath: 'router.py',
+      imports: ['./tools/executor'],
+    });
+
+    const summaries = buildRelatedFileSummaries(file, FIXTURES_DIR);
+
+    expect(summaries.length).toBeGreaterThan(0);
+    const executorSummary = summaries.find((s) => s.filePath.includes('executor'));
+    expect(executorSummary).toBeDefined();
+    expect(executorSummary!.relationship).toBe('imports');
+    // Should capture subprocess.run line
+    expect(executorSummary!.relevantLines.some((l) => l.includes('subprocess'))).toBe(true);
+  });
+
+  it('includes security-relevant sibling files', () => {
+    const file = makeFileContext({
+      filePath: 'router.py',
+      imports: [],
+      siblingFiles: ['vuln-tool.py', 'guard.py', 'readme.txt'],
+    });
+
+    // guard.py is a security-relevant sibling
+    const summaries = buildRelatedFileSummaries(file, FIXTURES_DIR);
+
+    // May or may not find guard.py depending on whether it exists at the right path
+    // The point is the function doesn't crash and returns valid summaries
+    expect(Array.isArray(summaries)).toBe(true);
+  });
+
+  it('returns empty array when no related files have security-relevant content', () => {
+    const file = makeFileContext({
+      filePath: 'empty.py',
+      imports: [],
+      importedBy: [],
+      siblingFiles: [],
+    });
+
+    const summaries = buildRelatedFileSummaries(file, FIXTURES_DIR);
+    expect(summaries).toEqual([]);
+  });
+
+  it('limits to MAX_RELATED_FILES (4)', () => {
+    const file = makeFileContext({
+      imports: [
+        './tools/executor',
+        './tools/guard',
+        './vuln-tool',
+        './router',
+        './extra1',
+        './extra2',
+      ],
+    });
+
+    const summaries = buildRelatedFileSummaries(file, FIXTURES_DIR);
+    expect(summaries.length).toBeLessThanOrEqual(4);
+  });
+
+  it('resolves Python bare module imports (tools.executor style)', () => {
+    const file = makeFileContext({
+      filePath: 'router.py',
+      imports: ['tools.executor'],  // as buildFileContext would actually produce
+    });
+
+    const summaries = buildRelatedFileSummaries(file, FIXTURES_DIR);
+
+    const executorSummary = summaries.find((s) => s.filePath.includes('executor'));
+    expect(executorSummary).toBeDefined();
+    expect(executorSummary!.relationship).toBe('imports');
+    expect(executorSummary!.relevantLines.some((l) => l.includes('subprocess'))).toBe(true);
+  });
+
+  it('resolves Python single-token imports (import guard style)', () => {
+    const file = makeFileContext({
+      filePath: 'router.py',
+      imports: ['tools.guard'],  // from tools.guard import is_allowed_command
+    });
+
+    const summaries = buildRelatedFileSummaries(file, FIXTURES_DIR);
+
+    const guardSummary = summaries.find((s) => s.filePath.includes('guard'));
+    expect(guardSummary).toBeDefined();
+    expect(guardSummary!.relevantLines.some((l) => /allow/i.test(l))).toBe(true);
+  });
+
+  it('resolves submodule import from file.ts output (from tools import executor)', () => {
+    // file.ts now emits both 'tools' and 'tools.executor' for `from tools import executor`
+    // The resolver should find tools/executor.py via the dotted form
+    const file = makeFileContext({
+      filePath: 'router.py',
+      imports: ['tools', 'tools.executor'],  // as file.ts now produces
+    });
+
+    const summaries = buildRelatedFileSummaries(file, FIXTURES_DIR);
+
+    const executorSummary = summaries.find((s) => s.filePath.includes('executor'));
+    expect(executorSummary).toBeDefined();
+    expect(executorSummary!.relevantLines.some((l) => l.includes('subprocess'))).toBe(true);
+  });
+
+  it('does not inject unrelated package children for bare import', () => {
+    // `from tools import safe_helper` should NOT pull in unrelated executor.py
+    // file.ts emits ['tools', 'tools.safe_helper'] — neither resolves to executor.py
+    const file = makeFileContext({
+      filePath: 'router.py',
+      imports: ['tools', 'tools.safe_helper'],  // safe_helper doesn't exist in fixture
+    });
+
+    const summaries = buildRelatedFileSummaries(file, FIXTURES_DIR);
+
+    // 'tools' alone resolves to nothing (no tools.py, no tools/__init__.py)
+    // 'tools.safe_helper' resolves to nothing (no tools/safe_helper.py)
+    // So no executor.py should appear from the import path
+    const executorFromImport = summaries.find((s) =>
+      s.filePath.includes('executor') && s.relationship === 'imports');
+    expect(executorFromImport).toBeUndefined();
+  });
+
+  it('does not summarize the same file twice across relationships', () => {
+    // If a file is both imported and a sibling, it should appear only once
+    const file = makeFileContext({
+      filePath: 'router.py',
+      imports: ['./tools/executor'],
+      importedBy: [],
+      siblingFiles: ['tools'],  // tools dir is a sibling
+    });
+
+    const summaries = buildRelatedFileSummaries(file, FIXTURES_DIR);
+    const paths = summaries.map((s) => s.filePath);
+    const unique = new Set(paths);
+    expect(paths.length).toBe(unique.size);
+  });
+});
+
+describe('formatRelatedFileSummaries', () => {
+  it('returns empty string for no summaries', () => {
+    expect(formatRelatedFileSummaries([])).toBe('');
+  });
+
+  it('formats summaries with file path, relationship, and lines', () => {
+    const summaries = [
+      {
+        filePath: 'tools/executor.py',
+        relationship: 'imports' as const,
+        relevantLines: ['L9: result = subprocess.run([command, *args], capture_output=True, text=True, shell=False)'],
+      },
+    ];
+
+    const formatted = formatRelatedFileSummaries(summaries);
+    expect(formatted).toContain('tools/executor.py (imports)');
+    expect(formatted).toContain('subprocess.run');
+  });
+});

package/code-review-agent/tests/fixtures/guarded-agent/router.py

@@ -0,0 +1,6 @@
+from tools.executor import execute_tool
+
+def handle_request(action: str, args: list[str]) -> str:
+    if action == "run_command":
+        return execute_tool(args[0], args[1:])
+    return "unknown action"

package/code-review-agent/tests/fixtures/guarded-agent/tools/executor.py

@@ -0,0 +1,10 @@
+import subprocess
+from .guard import is_allowed_command
+
+ALLOWED_COMMANDS = {"ls", "cat", "echo", "date", "whoami"}
+
+def execute_tool(command: str, args: list[str]) -> str:
+    if command not in ALLOWED_COMMANDS:
+        raise ValueError(f"Command not allowed: {command}")
+    result = subprocess.run([command, *args], capture_output=True, text=True, shell=False)
+    return result.stdout

package/code-review-agent/tests/fixtures/guarded-agent/tools/guard.py

@@ -0,0 +1,4 @@
+ALLOWED_COMMANDS = frozenset({"ls", "cat", "echo", "date", "whoami"})
+
+def is_allowed_command(command: str) -> bool:
+    return command in ALLOWED_COMMANDS

package/code-review-agent/tests/fixtures/guarded-agent/vuln-tool.py

@@ -0,0 +1,6 @@
+import requests
+
+def fetch_url(url: str) -> str:
+    """Fetches a URL without any validation - SSRF vulnerability."""
+    response = requests.get(url)
+    return response.text

package/code-review-agent/tests/graph/dependency.test.ts

@@ -119,6 +119,82 @@ describe('DependencyGraphBuilder', () => {
     }
   });
 
+  it('resolves Python bare module imports into the graph', () => {
+    const fixtureDir = path.resolve(__dirname, '../fixtures/guarded-agent');
+    const builder = new DependencyGraphBuilder(fixtureDir);
+    const graph = builder.build(['router.py']);
+
+    // router.py has `from tools.executor import execute_tool`
+    // which should resolve to tools/executor.py
+    const routerNode = graph.nodes.get('router.py');
+    expect(routerNode).toBeTruthy();
+
+    // Check that tools/executor.py is in the graph with a reverse edge
+    const executorKey = Array.from(graph.nodes.keys()).find((k) => k.includes('executor'));
+    expect(executorKey).toBeDefined();
+    const executorNode = graph.nodes.get(executorKey!);
+    expect(executorNode?.importedBy).toContain('router.py');
+  });
+
+  it('resolves Python bare imports from project root for nested files', () => {
+    // Simulate app/router.py importing tools.executor where tools/ is at project root
+    const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'cr-nested-py-'));
+    try {
+      fs.mkdirSync(path.join(tmpDir, 'app'));
+      fs.mkdirSync(path.join(tmpDir, 'tools'));
+      fs.writeFileSync(
+        path.join(tmpDir, 'app', 'router.py'),
+        'from tools.executor import run\n',
+      );
+      fs.writeFileSync(
+        path.join(tmpDir, 'tools', 'executor.py'),
+        'def run(): pass\n',
+      );
+
+      const builder = new DependencyGraphBuilder(tmpDir);
+      const graph = builder.build(['app/router.py']);
+
+      const normalizedKey = Array.from(graph.nodes.keys()).find((k) =>
+        k.replace(/\\/g, '/').includes('tools/executor'));
+      expect(normalizedKey).toBeDefined();
+      const executorNode = graph.nodes.get(normalizedKey!);
+      // Path separators vary by OS — normalize for comparison
+      const importedByNorm = executorNode?.importedBy.map((p) => p.replace(/\\/g, '/'));
+      expect(importedByNorm).toContain('app/router.py');
+    } finally {
+      fs.rmSync(tmpDir, { recursive: true });
+    }
+  });
+
+  it('resolves "from package import submodule" form into the graph', () => {
+    // `from tools import executor` — the graph resolver must emit tools.executor
+    const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'cr-from-import-'));
+    try {
+      fs.mkdirSync(path.join(tmpDir, 'app'));
+      fs.mkdirSync(path.join(tmpDir, 'tools'));
+      fs.writeFileSync(
+        path.join(tmpDir, 'app', 'router.py'),
+        'from tools import executor\n',
+      );
+      fs.writeFileSync(
+        path.join(tmpDir, 'tools', 'executor.py'),
+        'def run(): pass\n',
+      );
+
+      const builder = new DependencyGraphBuilder(tmpDir);
+      const graph = builder.build(['app/router.py']);
+
+      const normalizedKey = Array.from(graph.nodes.keys()).find((k) =>
+        k.replace(/\\/g, '/').includes('tools/executor'));
+      expect(normalizedKey).toBeDefined();
+      const executorNode = graph.nodes.get(normalizedKey!);
+      const importedByNorm = executorNode?.importedBy.map((p) => p.replace(/\\/g, '/'));
+      expect(importedByNorm).toContain('app/router.py');
+    } finally {
+      fs.rmSync(tmpDir, { recursive: true });
+    }
+  });
+
   it('keeps supported non-JS entry files in the graph', () => {
     const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'cr-java-'));
     try {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agent-security-scanner-mcp",
-  "version": "4.0.1",
+  "version": "4.1.0",
   "mcpName": "io.github.sinewaveai/agent-security-scanner-mcp",
   "description": "Security scanner MCP server for AI coding agents. Prompt injection firewall, package hallucination detection (4.3M+ packages), 1700+ vulnerability rules with AST & taint analysis, LLM-powered semantic code review, auto-fix. For Claude Code, Cursor, Windsurf, Cline, OpenClaw.",
   "main": "index.js",