agentaudit 3.9.39 → 3.9.41

package/cli.mjs

@@ -525,12 +525,20 @@ function extractJSON(text) {
 
 const MAX_FILE_SIZE = 50_000;
 const MAX_TOTAL_SIZE = 300_000;
+// Directories safe to skip: dependencies, caches, build artifacts, editor config.
+// SECURITY RULE: If a directory can contain source code, workflow files, or
+// prose (prompt injection), it MUST be scanned.
+// Reviewed 2026-02-17:
+//   - RESTORED: test/tests/__tests__/spec/specs/e2e (malware in test hooks)
+//   - RESTORED: .github (workflow injection, supply chain attacks)
+//   - RESTORED: examples/example (hidden backdoors in "example" code)
+//   - RESTORED: docs/doc (prompt injection in documentation)
+//   - RESTORED: fixtures (test data can contain malicious payloads)
 const SKIP_DIRS = new Set([
-  'node_modules', '.git', '__pycache__', '.venv', 'venv', 'dist', 'build',
-  '.next', '.nuxt', 'coverage', '.pytest_cache', '.mypy_cache', 'vendor',
-  'test', 'tests', '__tests__', 'spec', 'specs', 'docs', 'doc',
-  'examples', 'example', 'fixtures', '.github', '.vscode', '.idea',
-  'e2e', 'benchmark', 'benchmarks', '.tox', '.eggs', 'htmlcov',
+  'node_modules', '.git', '__pycache__', '.venv', 'venv', 'vendor',
+  'dist', 'build', '.next', '.nuxt',
+  'coverage', '.pytest_cache', '.mypy_cache', '.tox', '.eggs', 'htmlcov',
+  '.vscode', '.idea',
 ]);
 const SKIP_EXTENSIONS = new Set([
   '.lock', '.png', '.jpg', '.jpeg', '.gif', '.svg', '.ico', '.woff',
@@ -539,20 +547,15 @@ const SKIP_EXTENSIONS = new Set([
   '.dylib', '.dll', '.exe', '.bin', '.dat', '.db', '.sqlite',
   '.snap', '.patch', '.diff', '.log', '.csv', '.tsv', '.parquet',
 ]);
-// Files that are never security-relevant (config/docs/metadata)
+// Files safe to skip: ONLY inert line-based config that cannot execute code
+// and cannot contain prompt injections (no prose, no markdown, no scripts).
+// SECURITY RULE: When in doubt, SCAN IT. False positives > false negatives.
+// Reviewed 2026-02-17: All .md files removed from skip list (prompt injection vector).
+// All executable configs removed (malware vector). Only line-based dotfiles remain.
 const SKIP_FILES = new Set([
-  'license', 'license.md', 'license.txt', 'licence', 'licence.md',
-  'changelog.md', 'changelog', 'changes.md', 'history.md',
-  'contributing.md', 'contributors.md', 'authors', 'authors.md',
-  'code_of_conduct.md', 'security.md', 'funding.yml',
-  '.prettierrc', '.prettierrc.json', '.prettierrc.js', '.prettierignore',
-  '.eslintignore', '.gitignore', '.gitattributes', '.npmignore',
+  '.gitignore', '.gitattributes', '.npmignore', '.dockerignore',
   '.editorconfig', '.browserslistrc', '.nvmrc', '.node-version',
-  '.dockerignore', 'renovate.json', '.renovaterc',
-  'jest.config.js', 'jest.config.ts', 'vitest.config.ts', 'vitest.config.js',
-  '.babelrc', 'babel.config.js', 'babel.config.json',
-  'postcss.config.js', 'postcss.config.mjs', 'tailwind.config.js', 'tailwind.config.ts',
-  'prettier.config.js', 'prettier.config.mjs',
+  '.prettierignore', '.eslintignore',
 ]);
 
 function collectFiles(dir, basePath = '', collected = [], totalSize = { bytes: 0 }) {
@@ -1467,12 +1470,16 @@ async function auditRepo(url) {
   // with room for system prompt (~2k tokens) + output (4k tokens)
   const MAX_CHUNK_CHARS = 60_000;
   const chunks = []; // array of code block strings
+  const chunkFileNames = []; // track which files are in each chunk for error reporting
   let currentChunk = '';
   let currentChars = 0;
+  let currentFiles = [];
   for (const file of files) {
     const entry = `\n### FILE: ${file.path}\n\`\`\`\n${file.content}\n\`\`\`\n`;
     if (currentChars + entry.length > MAX_CHUNK_CHARS && currentChars > 0) {
       chunks.push(currentChunk);
+      chunkFileNames.push([...currentFiles]);
+      currentFiles = [];
       currentChunk = '';
       currentChars = 0;
     }
@@ -1485,8 +1492,9 @@ async function auditRepo(url) {
       currentChunk += entry;
       currentChars += entry.length;
     }
+    currentFiles.push(file.path);
   }
-  if (currentChunk) chunks.push(currentChunk);
+  if (currentChunk) { chunks.push(currentChunk); chunkFileNames.push([...currentFiles]); }
   
   const needsMultiPass = chunks.length > 1;
   if (needsMultiPass) {
@@ -1607,7 +1615,7 @@ async function auditRepo(url) {
         const modelInfo = modelData.data?.find(m => m.id === actualModel);
         if (modelInfo?.context_length) {
           const ctx = modelInfo.context_length;
-          outputTokenBudget = ctx >= 128_000 ? 8192 : ctx >= 64_000 ? 4096 : ctx >= 32_000 ? 2048 : 1024;
+          outputTokenBudget = ctx >= 128_000 ? 8192 : ctx >= 64_000 ? 4096 : ctx >= 32_000 ? 2048 : 2048;
           if (process.argv.includes('--debug')) {
             console.log(`  ${c.dim}  Model context: ${ctx.toLocaleString()} tokens → max_tokens: ${outputTokenBudget}${c.reset}`);
           }
@@ -1747,8 +1755,11 @@ async function auditRepo(url) {
       const result = await callLLM(chunks[i], `pass ${i + 1}`);
       
       if (result.error) {
+        const failedFiles = chunkFileNames[i] || [];
         console.log(` ${c.red}failed${c.reset} ${c.dim}(${result.error.slice(0, 80)})${c.reset}`);
-        // Don't abort on individual pass failures — continue with remaining chunks
+        if (failedFiles.length > 0) {
+          console.log(`  ${c.yellow}⚠  ${failedFiles.length} files NOT analyzed:${c.reset} ${c.dim}${failedFiles.slice(0, 5).join(', ')}${failedFiles.length > 5 ? ` (+${failedFiles.length - 5} more)` : ''}${c.reset}`);
+        }
         continue;
       }
       

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agentaudit",
-  "version": "3.9.39",
+  "version": "3.9.41",
   "description": "Security scanner for AI packages — MCP server + CLI",
   "type": "module",
   "bin": {