npm - agentic-qe - Versions diffs - 1.4.4 → 1.5.1 - Mend

agentic-qe 1.4.4 → 1.5.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (390) hide show

package/dist/mcp/handlers/security/generate-report.js ADDED Viewed

@@ -0,0 +1,469 @@
+"use strict";
+/**
+ * Security Report Generation Tool
+ *
+ * Generates comprehensive security reports in multiple formats (HTML, SARIF, JSON)
+ * with remediation steps, risk scoring, and compliance mapping.
+ *
+ * @module security/generate-report
+ * @version 1.0.0
+ * @author Agentic QE Team
+ *
+ * @example
+ * ```typescript
+ * import { generateSecurityReport } from './generate-report';
+ *
+ * const result = await generateSecurityReport({
+ *   scanResults: [sarifData, dependencyData, authData],
+ *   format: 'html',
+ *   includeFixes: true
+ * });
+ * ```
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GenerateSecurityReportHandler = void 0;
+exports.generateSecurityReport = generateSecurityReport;
+const base_handler_js_1 = require("../base-handler.js");
+const fs = __importStar(require("fs/promises"));
+class GenerateSecurityReportHandler extends base_handler_js_1.BaseHandler {
+    async handle(args) {
+        return this.safeHandle(async () => {
+            const requestId = this.generateRequestId();
+            this.log('info', 'Generating security report', { requestId, format: args.format });
+            // Validate required parameters
+            this.validateRequired(args, ['scanResults', 'format']);
+            const { result, executionTime } = await this.measureExecutionTime(async () => {
+                return await generateSecurityReport(args);
+            });
+            this.log('info', `Security report generated in ${executionTime.toFixed(2)}ms`, {
+                format: result.metadata.format,
+                totalVulnerabilities: result.executiveSummary?.totalVulnerabilities || 0
+            });
+            return this.createSuccessResponse(result, requestId);
+        });
+    }
+}
+exports.GenerateSecurityReportHandler = GenerateSecurityReportHandler;
+/**
+ * Generate comprehensive security report
+ *
+ * @param params - Report generation parameters
+ * @returns Generated security report with remediation plan
+ */
+async function generateSecurityReport(params) {
+    const { scanResults, format, includeFixes = true, includeCompliance = true, complianceStandards = ['OWASP', 'CWE', 'NIST'], includeRiskScoring = true, includeExecutiveSummary = true, outputPath, title = 'Security Assessment Report', projectName = 'Project Security Scan' } = params;
+    // Aggregate all vulnerabilities
+    const allVulnerabilities = scanResults.flatMap(scan => scan.vulnerabilities);
+    // Build findings
+    const findings = buildFindings(scanResults, allVulnerabilities, includeCompliance, complianceStandards);
+    // Generate executive summary if enabled
+    let executiveSummary;
+    if (includeExecutiveSummary) {
+        executiveSummary = generateExecutiveSummary(allVulnerabilities, includeCompliance, complianceStandards);
+    }
+    // Generate risk scoring if enabled
+    let riskScoring;
+    if (includeRiskScoring) {
+        riskScoring = calculateRiskScoring(scanResults);
+    }
+    // Generate remediation plan
+    const remediationPlan = generateRemediationPlan(allVulnerabilities, includeFixes);
+    // Generate compliance mapping if enabled
+    let complianceMapping;
+    if (includeCompliance) {
+        complianceMapping = generateComplianceMapping(allVulnerabilities, complianceStandards);
+    }
+    // Generate report content based on format
+    const content = await generateReportContent(format, {
+        title,
+        projectName,
+        executiveSummary,
+        findings,
+        riskScoring,
+        remediationPlan,
+        complianceMapping
+    });
+    // Save report if output path provided
+    let savedPath;
+    if (outputPath) {
+        savedPath = await saveReport(content, outputPath, format);
+    }
+    return {
+        metadata: {
+            title,
+            projectName,
+            generatedAt: new Date().toISOString(),
+            reportVersion: '1.0.0',
+            format
+        },
+        executiveSummary,
+        findings,
+        riskScoring,
+        remediationPlan,
+        complianceMapping,
+        content,
+        outputPath: savedPath
+    };
+}
+function buildFindings(scanResults, allVulnerabilities, includeCompliance, complianceStandards) {
+    const bySeverity = {
+        critical: allVulnerabilities.filter(v => v.severity === 'critical'),
+        high: allVulnerabilities.filter(v => v.severity === 'high'),
+        medium: allVulnerabilities.filter(v => v.severity === 'medium'),
+        low: allVulnerabilities.filter(v => v.severity === 'low')
+    };
+    const byScanType = {};
+    for (const scan of scanResults) {
+        byScanType[scan.scanType] = scan.vulnerabilities;
+    }
+    let byCompliance;
+    if (includeCompliance) {
+        byCompliance = {};
+        for (const standard of complianceStandards) {
+            byCompliance[standard] = allVulnerabilities.filter(v => (standard === 'OWASP' && v.cwe) ||
+                (standard === 'CWE' && v.cwe) ||
+                (standard === 'NIST' && v.cvssScore && v.cvssScore >= 7.0));
+        }
+    }
+    return {
+        bySeverity,
+        byScanType,
+        byCompliance
+    };
+}
+function generateExecutiveSummary(vulnerabilities, includeCompliance, complianceStandards) {
+    const critical = vulnerabilities.filter(v => v.severity === 'critical').length;
+    const high = vulnerabilities.filter(v => v.severity === 'high').length;
+    const medium = vulnerabilities.filter(v => v.severity === 'medium').length;
+    const overallRiskLevel = critical > 0 ? 'critical' :
+        high > 0 ? 'high' :
+            medium > 0 ? 'medium' : 'low';
+    const recommendations = generateTopRecommendations(vulnerabilities);
+    let complianceStatus;
+    if (includeCompliance) {
+        complianceStatus = {};
+        for (const standard of complianceStandards) {
+            const violations = vulnerabilities.filter(v => (standard === 'OWASP' && v.cwe) ||
+                (standard === 'CWE' && v.cwe)).length;
+            complianceStatus[standard] = violations === 0 ? 'compliant' :
+                violations <= 3 ? 'partial' : 'non-compliant';
+        }
+    }
+    return {
+        overallRiskLevel,
+        totalVulnerabilities: vulnerabilities.length,
+        criticalVulnerabilities: critical,
+        highVulnerabilities: high,
+        recommendations,
+        complianceStatus
+    };
+}
+function generateTopRecommendations(vulnerabilities) {
+    const recommendations = [];
+    const critical = vulnerabilities.filter(v => v.severity === 'critical');
+    if (critical.length > 0) {
+        recommendations.push(`Address ${critical.length} critical vulnerabilities immediately to prevent security incidents`);
+    }
+    const sqlInjection = vulnerabilities.filter(v => v.cwe === 'CWE-89');
+    if (sqlInjection.length > 0) {
+        recommendations.push('Implement parameterized queries to prevent SQL injection attacks');
+    }
+    const xss = vulnerabilities.filter(v => v.cwe === 'CWE-79');
+    if (xss.length > 0) {
+        recommendations.push('Sanitize all user inputs to prevent Cross-Site Scripting (XSS) attacks');
+    }
+    const auth = vulnerabilities.filter(v => v.cwe === 'CWE-287' || v.cwe === 'CWE-307');
+    if (auth.length > 0) {
+        recommendations.push('Strengthen authentication mechanisms and implement rate limiting');
+    }
+    if (recommendations.length === 0) {
+        recommendations.push('Continue regular security scanning and maintain security best practices');
+    }
+    return recommendations.slice(0, 5); // Top 5 recommendations
+}
+function calculateRiskScoring(scanResults) {
+    const weights = {
+        critical: 10,
+        high: 7,
+        medium: 4,
+        low: 1
+    };
+    let totalScore = 0;
+    const categoryScores = {};
+    for (const scan of scanResults) {
+        let scanScore = 0;
+        scan.vulnerabilities.forEach(vuln => {
+            scanScore += weights[vuln.severity];
+        });
+        categoryScores[scan.scanType] = scanScore;
+        totalScore += scanScore;
+    }
+    // Normalize to 0-100 scale
+    const overallScore = Math.min(totalScore, 100);
+    return {
+        overallScore,
+        categoryScores,
+        trendAnalysis: {
+            trend: 'stable',
+            change: 0
+        }
+    };
+}
+function generateRemediationPlan(vulnerabilities, includeFixes) {
+    const immediate = [];
+    const shortTerm = [];
+    const longTerm = [];
+    vulnerabilities.forEach((vuln, index) => {
+        const action = includeFixes && vuln.fixSuggestion
+            ? vuln.fixSuggestion
+            : vuln.recommendation;
+        const item = {
+            vulnerability: vuln.title,
+            action,
+            priority: index + 1,
+            estimatedEffort: vuln.severity === 'critical' ? '1-2 days' :
+                vuln.severity === 'high' ? '3-5 days' :
+                    vuln.severity === 'medium' ? '1-2 weeks' : '2-4 weeks'
+        };
+        if (vuln.severity === 'critical') {
+            immediate.push(item);
+        }
+        else if (vuln.severity === 'high') {
+            shortTerm.push(item);
+        }
+        else {
+            longTerm.push(item);
+        }
+    });
+    return {
+        immediate: immediate.slice(0, 10),
+        shortTerm: shortTerm.slice(0, 10),
+        longTerm: longTerm.slice(0, 10)
+    };
+}
+function generateComplianceMapping(vulnerabilities, complianceStandards) {
+    const mapping = {};
+    for (const standard of complianceStandards) {
+        if (standard === 'OWASP') {
+            mapping['OWASP'] = {
+                standard: 'OWASP Top 10 2021',
+                requirements: [
+                    {
+                        requirement: 'A03:2021 – Injection',
+                        status: vulnerabilities.some(v => v.cwe === 'CWE-89') ? 'not-met' : 'met',
+                        relatedVulnerabilities: vulnerabilities.filter(v => v.cwe === 'CWE-89').map(v => v.id)
+                    },
+                    {
+                        requirement: 'A07:2021 – Identification and Authentication Failures',
+                        status: vulnerabilities.some(v => v.cwe === 'CWE-287') ? 'not-met' : 'met',
+                        relatedVulnerabilities: vulnerabilities.filter(v => v.cwe === 'CWE-287').map(v => v.id)
+                    }
+                ]
+            };
+        }
+    }
+    return mapping;
+}
+async function generateReportContent(format, data) {
+    switch (format) {
+        case 'html':
+            return generateHTMLReport(data);
+        case 'sarif':
+            return generateSARIFReport(data);
+        case 'json':
+            return JSON.stringify(data, null, 2);
+        case 'markdown':
+            return generateMarkdownReport(data);
+        default:
+            return JSON.stringify(data, null, 2);
+    }
+}
+function generateHTMLReport(data) {
+    return `<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>${data.title}</title>
+    <style>
+        body { font-family: Arial, sans-serif; margin: 20px; background: #f5f5f5; }
+        .container { max-width: 1200px; margin: 0 auto; background: white; padding: 30px; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); }
+        h1 { color: #333; border-bottom: 3px solid #007bff; padding-bottom: 10px; }
+        h2 { color: #555; margin-top: 30px; border-bottom: 2px solid #ccc; padding-bottom: 8px; }
+        .critical { color: #dc3545; font-weight: bold; }
+        .high { color: #fd7e14; font-weight: bold; }
+        .medium { color: #ffc107; font-weight: bold; }
+        .low { color: #28a745; }
+        .summary-box { background: #f8f9fa; padding: 20px; border-radius: 5px; margin: 20px 0; border-left: 4px solid #007bff; }
+        .vulnerability { background: #fff; border: 1px solid #dee2e6; border-radius: 5px; padding: 15px; margin: 10px 0; }
+        table { width: 100%; border-collapse: collapse; margin: 20px 0; }
+        th, td { padding: 12px; text-align: left; border-bottom: 1px solid #dee2e6; }
+        th { background: #007bff; color: white; }
+        .recommendation { background: #d1ecf1; border-left: 4px solid #17a2b8; padding: 10px; margin: 10px 0; }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>${data.title}</h1>
+        <p><strong>Project:</strong> ${data.projectName}</p>
+        <p><strong>Generated:</strong> ${new Date().toISOString()}</p>
+        ${data.executiveSummary ? `
+        <div class="summary-box">
+            <h2>Executive Summary</h2>
+            <p><strong>Overall Risk Level:</strong> <span class="${data.executiveSummary.overallRiskLevel}">${data.executiveSummary.overallRiskLevel.toUpperCase()}</span></p>
+            <p><strong>Total Vulnerabilities:</strong> ${data.executiveSummary.totalVulnerabilities}</p>
+            <p><strong>Critical:</strong> <span class="critical">${data.executiveSummary.criticalVulnerabilities}</span></p>
+            <p><strong>High:</strong> <span class="high">${data.executiveSummary.highVulnerabilities}</span></p>
+        </div>
+        ` : ''}
+        <h2>Vulnerability Summary</h2>
+        <table>
+            <tr>
+                <th>Severity</th>
+                <th>Count</th>
+            </tr>
+            <tr>
+                <td class="critical">Critical</td>
+                <td>${data.findings.bySeverity.critical.length}</td>
+            </tr>
+            <tr>
+                <td class="high">High</td>
+                <td>${data.findings.bySeverity.high.length}</td>
+            </tr>
+            <tr>
+                <td class="medium">Medium</td>
+                <td>${data.findings.bySeverity.medium.length}</td>
+            </tr>
+            <tr>
+                <td class="low">Low</td>
+                <td>${data.findings.bySeverity.low.length}</td>
+            </tr>
+        </table>
+        <h2>Recommendations</h2>
+        ${data.executiveSummary?.recommendations.map((rec) => `<div class="recommendation">${rec}</div>`).join('')}
+    </div>
+</body>
+</html>`;
+}
+function generateSARIFReport(data) {
+    const results = [];
+    for (const [severity, vulns] of Object.entries(data.findings.bySeverity)) {
+        for (const vuln of vulns) {
+            results.push({
+                ruleId: vuln.cwe || vuln.id,
+                level: severity === 'critical' || severity === 'high' ? 'error' : 'warning',
+                message: {
+                    text: vuln.description
+                },
+                locations: vuln.location ? [{
+                        physicalLocation: {
+                            artifactLocation: {
+                                uri: vuln.location.file
+                            },
+                            region: {
+                                startLine: vuln.location.line || 1
+                            }
+                        }
+                    }] : []
+            });
+        }
+    }
+    return JSON.stringify({
+        version: '2.1.0',
+        $schema: 'https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json',
+        runs: [{
+                tool: {
+                    driver: {
+                        name: 'Agentic QE Security Scanner',
+                        version: '1.0.0'
+                    }
+                },
+                results
+            }]
+    }, null, 2);
+}
+function generateMarkdownReport(data) {
+    return `# ${data.title}
+**Project:** ${data.projectName}
+**Generated:** ${new Date().toISOString()}
+## Executive Summary
+${data.executiveSummary ? `
+- **Overall Risk Level:** ${data.executiveSummary.overallRiskLevel.toUpperCase()}
+- **Total Vulnerabilities:** ${data.executiveSummary.totalVulnerabilities}
+- **Critical:** ${data.executiveSummary.criticalVulnerabilities}
+- **High:** ${data.executiveSummary.highVulnerabilities}
+` : ''}
+## Vulnerability Summary
+| Severity | Count |
+|----------|-------|
+| Critical | ${data.findings.bySeverity.critical.length} |
+| High | ${data.findings.bySeverity.high.length} |
+| Medium | ${data.findings.bySeverity.medium.length} |
+| Low | ${data.findings.bySeverity.low.length} |
+## Recommendations
+${data.executiveSummary?.recommendations.map((rec) => `- ${rec}`).join('\n')}
+## Remediation Plan
+### Immediate Actions (Critical)
+${data.remediationPlan.immediate.map((item) => `
+- **${item.vulnerability}**
+  - Action: ${item.action}
+  - Effort: ${item.estimatedEffort}
+`).join('\n')}
+`;
+}
+async function saveReport(content, outputPath, format) {
+    try {
+        await fs.writeFile(outputPath, content, 'utf-8');
+        return outputPath;
+    }
+    catch (error) {
+        // Return content if file can't be saved
+        return 'report-not-saved';
+    }
+}
+//# sourceMappingURL=generate-report.js.map

package/dist/mcp/handlers/security/generate-report.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"generate-report.js","sourceRoot":"","sources":["../../../../src/mcp/handlers/security/generate-report.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAsLH,wDA+EC;AAnQD,wDAAkE;AAElE,gDAAkC;AAqJlC,MAAa,6BAA8B,SAAQ,6BAAW;IAC5D,KAAK,CAAC,MAAM,CAAC,IAAkC;QAC7C,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,IAAI,EAAE;YAChC,MAAM,SAAS,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC3C,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,4BAA4B,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;YAEnF,+BAA+B;YAC/B,IAAI,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC,CAAC;YAEvD,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,IAAI,EAAE;gBAC3E,OAAO,MAAM,sBAAsB,CAAC,IAAI,CAAC,CAAC;YAC5C,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,gCAAgC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE;gBAC7E,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;gBAC9B,oBAAoB,EAAE,MAAM,CAAC,gBAAgB,EAAE,oBAAoB,IAAI,CAAC;aACzE,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QACvD,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AArBD,sEAqBC;AAED;;;;;GAKG;AACI,KAAK,UAAU,sBAAsB,CAC1C,MAAoC;IAEpC,MAAM,EACJ,WAAW,EACX,MAAM,EACN,YAAY,GAAG,IAAI,EACnB,iBAAiB,GAAG,IAAI,EACxB,mBAAmB,GAAG,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,EAC9C,kBAAkB,GAAG,IAAI,EACzB,uBAAuB,GAAG,IAAI,EAC9B,UAAU,EACV,KAAK,GAAG,4BAA4B,EACpC,WAAW,GAAG,uBAAuB,EACtC,GAAG,MAAM,CAAC;IAEX,gCAAgC;IAChC,MAAM,kBAAkB,GAAG,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IAE7E,iBAAiB;IACjB,MAAM,QAAQ,GAAG,aAAa,CAAC,WAAW,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,mBAAmB,CAAC,CAAC;IAExG,wCAAwC;IACxC,IAAI,gBAAgB,CAAC;IACrB,IAAI,uBAAuB,EAAE,CAAC;QAC5B,gBAAgB,GAAG,wBAAwB,CAAC,kBAAkB,EAAE,iBAAiB,EAAE,mBAAmB,CAAC,CAAC;IAC1G,CAAC;IAED,mCAAmC;IACnC,IAAI,WAAW,CAAC;IAChB,IAAI,kBAAkB,EAAE,CAAC;QACvB,WAAW,GAAG,oBAAoB,CAAC,WAAW,CAAC,CAAC;IAClD,CAAC;IAED,4BAA4B;IAC5B,MAAM,eAAe,GAAG,uBAAuB,CAAC,kBAAkB,EAAE,YAAY,CAAC,CAAC;IAElF,yCAAyC;IACzC,IAAI,iBAAiB,CAAC;IACtB,IAAI,iBAAiB,EAAE,CAAC;QACtB,iBAAiB,GAAG,yBAAyB,CAAC,kBAAkB,EAAE,mBAAmB,CAAC,CAAC;IACzF,CAAC;IAED,0CAA0C;IAC1C,MAAM,OAAO,GAAG,MAAM,qBAAqB,CACzC,MAAM,EACN;QACE,KAAK;QACL,WAAW;QACX,gBAAgB;QAChB,QAAQ;QACR,WAAW;QACX,eAAe;QACf,iBAAiB;KAClB,CACF,CAAC;IAEF,sCAAsC;IACtC,IAAI,SAAS,CAAC;IACd,IAAI,UAAU,EAAE,CAAC;QACf,SAAS,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;IAC5D,CAAC;IAED,OAAO;QACL,QAAQ,EAAE;YACR,KAAK;YACL,WAAW;YACX,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACrC,aAAa,EAAE,OAAO;YACtB,MAAM;SACP;QACD,gBAAgB;QAChB,QAAQ;QACR,WAAW;QACX,eAAe;QACf,iBAAiB;QACjB,OAAO;QACP,UAAU,EAAE,SAAS;KACtB,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CACpB,WAA+B,EAC/B,kBAAuD,EACvD,iBAA0B,EAC1B,mBAA6B;IAE7B,MAAM,UAAU,GAA6C;QAC3D,QAAQ,EAAE,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC;QACnE,IAAI,EAAE,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC;QAC3D,MAAM,EAAE,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC;QAC/D,GAAG,EAAE,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC;KAC1D,CAAC;IAEF,MAAM,UAAU,GAAwD,EAAE,CAAC;IAC3E,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC;IACnD,CAAC;IAED,IAAI,YAA6E,CAAC;IAClF,IAAI,iBAAiB,EAAE,CAAC;QACtB,YAAY,GAAG,EAAE,CAAC;QAClB,KAAK,MAAM,QAAQ,IAAI,mBAAmB,EAAE,CAAC;YAC3C,YAAY,CAAC,QAAQ,CAAC,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACrD,CAAC,QAAQ,KAAK,OAAO,IAAI,CAAC,CAAC,GAAG,CAAC;gBAC/B,CAAC,QAAQ,KAAK,KAAK,IAAI,CAAC,CAAC,GAAG,CAAC;gBAC7B,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,SAAS,IAAI,GAAG,CAAC,CAC3D,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO;QACL,UAAU;QACV,UAAU;QACV,YAAY;KACb,CAAC;AACJ,CAAC;AAED,SAAS,wBAAwB,CAC/B,eAAoD,EACpD,iBAA0B,EAC1B,mBAA6B;IAE7B,MAAM,QAAQ,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;IAC/E,MAAM,IAAI,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;IACvE,MAAM,MAAM,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;IAE3E,MAAM,gBAAgB,GAAG,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;QAC5B,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;YACnB,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC;IAEtD,MAAM,eAAe,GAAG,0BAA0B,CAAC,eAAe,CAAC,CAAC;IAEpE,IAAI,gBAAuF,CAAC;IAC5F,IAAI,iBAAiB,EAAE,CAAC;QACtB,gBAAgB,GAAG,EAAE,CAAC;QACtB,KAAK,MAAM,QAAQ,IAAI,mBAAmB,EAAE,CAAC;YAC3C,MAAM,UAAU,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAC5C,CAAC,QAAQ,KAAK,OAAO,IAAI,CAAC,CAAC,GAAG,CAAC;gBAC/B,CAAC,QAAQ,KAAK,KAAK,IAAI,CAAC,CAAC,GAAG,CAAC,CAC9B,CAAC,MAAM,CAAC;YAET,gBAAgB,CAAC,QAAQ,CAAC,GAAG,UAAU,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;gBAChC,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,eAAe,CAAC;QAC7E,CAAC;IACH,CAAC;IAED,OAAO;QACL,gBAAgB;QAChB,oBAAoB,EAAE,eAAe,CAAC,MAAM;QAC5C,uBAAuB,EAAE,QAAQ;QACjC,mBAAmB,EAAE,IAAI;QACzB,eAAe;QACf,gBAAgB;KACjB,CAAC;AACJ,CAAC;AAED,SAAS,0BAA0B,CAAC,eAAoD;IACtF,MAAM,eAAe,GAAa,EAAE,CAAC;IAErC,MAAM,QAAQ,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;IACxE,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,eAAe,CAAC,IAAI,CAAC,WAAW,QAAQ,CAAC,MAAM,qEAAqE,CAAC,CAAC;IACxH,CAAC;IAED,MAAM,YAAY,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC;IACrE,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,eAAe,CAAC,IAAI,CAAC,kEAAkE,CAAC,CAAC;IAC3F,CAAC;IAED,MAAM,GAAG,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC;IAC5D,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACnB,eAAe,CAAC,IAAI,CAAC,wEAAwE,CAAC,CAAC;IACjG,CAAC;IAED,MAAM,IAAI,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,SAAS,IAAI,CAAC,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC;IACrF,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpB,eAAe,CAAC,IAAI,CAAC,kEAAkE,CAAC,CAAC;IAC3F,CAAC;IAED,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,eAAe,CAAC,IAAI,CAAC,yEAAyE,CAAC,CAAC;IAClG,CAAC;IAED,OAAO,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,wBAAwB;AAC9D,CAAC;AAED,SAAS,oBAAoB,CAAC,WAA+B;IAC3D,MAAM,OAAO,GAAG;QACd,QAAQ,EAAE,EAAE;QACZ,IAAI,EAAE,CAAC;QACP,MAAM,EAAE,CAAC;QACT,GAAG,EAAE,CAAC;KACP,CAAC;IAEF,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,MAAM,cAAc,GAA2B,EAAE,CAAC;IAElD,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,IAAI,SAAS,GAAG,CAAC,CAAC;QAClB,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;YAClC,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;QAEH,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,SAAS,CAAC;QAC1C,UAAU,IAAI,SAAS,CAAC;IAC1B,CAAC;IAED,2BAA2B;IAC3B,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;IAE/C,OAAO;QACL,YAAY;QACZ,cAAc;QACd,aAAa,EAAE;YACb,KAAK,EAAE,QAAQ;YACf,MAAM,EAAE,CAAC;SACV;KACF,CAAC;AACJ,CAAC;AAED,SAAS,uBAAuB,CAC9B,eAAoD,EACpD,YAAqB;IAErB,MAAM,SAAS,GAAmD,EAAE,CAAC;IACrE,MAAM,SAAS,GAAmD,EAAE,CAAC;IACrE,MAAM,QAAQ,GAAkD,EAAE,CAAC;IAEnE,eAAe,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QACtC,MAAM,MAAM,GAAG,YAAY,IAAI,IAAI,CAAC,aAAa;YAC/C,CAAC,CAAC,IAAI,CAAC,aAAa;YACpB,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC;QAExB,MAAM,IAAI,GAAG;YACX,aAAa,EAAE,IAAI,CAAC,KAAK;YACzB,MAAM;YACN,QAAQ,EAAE,KAAK,GAAG,CAAC;YACnB,eAAe,EAAE,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;gBAC3C,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;oBACvC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,WAAW;SACxE,CAAC;QAEF,IAAI,IAAI,CAAC,QAAQ,KAAK,UAAU,EAAE,CAAC;YACjC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC;aAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;YACpC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtB,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;QACjC,SAAS,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;QACjC,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;KAChC,CAAC;AACJ,CAAC;AAED,SAAS,yBAAyB,CAChC,eAAoD,EACpD,mBAA6B;IAE7B,MAAM,OAAO,GAAwC,EAAE,CAAC;IAExD,KAAK,MAAM,QAAQ,IAAI,mBAAmB,EAAE,CAAC;QAC3C,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;YACzB,OAAO,CAAC,OAAO,CAAC,GAAG;gBACjB,QAAQ,EAAE,mBAAmB;gBAC7B,YAAY,EAAE;oBACZ;wBACE,WAAW,EAAE,sBAAsB;wBACnC,MAAM,EAAE,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK;wBACzE,sBAAsB,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;qBACvF;oBACD;wBACE,WAAW,EAAE,uDAAuD;wBACpE,MAAM,EAAE,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK;wBAC1E,sBAAsB,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;qBACxF;iBACF;aACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,KAAK,UAAU,qBAAqB,CAClC,MAAc,EACd,IAQC;IAED,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,MAAM;YACT,OAAO,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAClC,KAAK,OAAO;YACV,OAAO,mBAAmB,CAAC,IAAI,CAAC,CAAC;QACnC,KAAK,MAAM;YACT,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QACvC,KAAK,UAAU;YACb,OAAO,sBAAsB,CAAC,IAAI,CAAC,CAAC;QACtC;YACE,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IACzC,CAAC;AACH,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAS;IACnC,OAAO;;;;;aAKI,IAAI,CAAC,KAAK;;;;;;;;;;;;;;;;;;;;cAoBT,IAAI,CAAC,KAAK;uCACe,IAAI,CAAC,WAAW;yCACd,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;;UAEvD,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC;;;mEAGiC,IAAI,CAAC,gBAAgB,CAAC,gBAAgB,KAAK,IAAI,CAAC,gBAAgB,CAAC,gBAAgB,CAAC,WAAW,EAAE;yDACzG,IAAI,CAAC,gBAAgB,CAAC,oBAAoB;mEAChC,IAAI,CAAC,gBAAgB,CAAC,uBAAuB;2DACrD,IAAI,CAAC,gBAAgB,CAAC,mBAAmB;;SAE3F,CAAC,CAAC,CAAC,EAAE;;;;;;;;;;sBAUQ,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM;;;;sBAIxC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM;;;;sBAIpC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,MAAM;;;;sBAItC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM;;;;;UAK/C,IAAI,CAAC,gBAAgB,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC,GAAW,EAAE,EAAE,CAC3D,+BAA+B,GAAG,QAAQ,CAC3C,CAAC,IAAI,CAAC,EAAE,CAAC;;;QAGV,CAAC;AACT,CAAC;AAED,SAAS,mBAAmB,CAAC,IAAS;IACpC,MAAM,OAAO,GAAG,EAAE,CAAC;IAEnB,KAAK,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;QACzE,KAAK,MAAM,IAAI,IAAI,KAAc,EAAE,CAAC;YAClC,OAAO,CAAC,IAAI,CAAC;gBACX,MAAM,EAAE,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,EAAE;gBAC3B,KAAK,EAAE,QAAQ,KAAK,UAAU,IAAI,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;gBAC3E,OAAO,EAAE;oBACP,IAAI,EAAE,IAAI,CAAC,WAAW;iBACvB;gBACD,SAAS,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;wBAC1B,gBAAgB,EAAE;4BAChB,gBAAgB,EAAE;gCAChB,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI;6BACxB;4BACD,MAAM,EAAE;gCACN,SAAS,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC;6BACnC;yBACF;qBACF,CAAC,CAAC,CAAC,CAAC,EAAE;aACR,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC,SAAS,CAAC;QACpB,OAAO,EAAE,OAAO;QAChB,OAAO,EAAE,gGAAgG;QACzG,IAAI,EAAE,CAAC;gBACL,IAAI,EAAE;oBACJ,MAAM,EAAE;wBACN,IAAI,EAAE,6BAA6B;wBACnC,OAAO,EAAE,OAAO;qBACjB;iBACF;gBACD,OAAO;aACR,CAAC;KACH,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACd,CAAC;AAED,SAAS,sBAAsB,CAAC,IAAS;IACvC,OAAO,KAAK,IAAI,CAAC,KAAK;;eAET,IAAI,CAAC,WAAW;iBACd,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;;;;EAIvC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC;4BACE,IAAI,CAAC,gBAAgB,CAAC,gBAAgB,CAAC,WAAW,EAAE;+BACjD,IAAI,CAAC,gBAAgB,CAAC,oBAAoB;kBACvD,IAAI,CAAC,gBAAgB,CAAC,uBAAuB;cACjD,IAAI,CAAC,gBAAgB,CAAC,mBAAmB;CACtD,CAAC,CAAC,CAAC,EAAE;;;;;;eAMS,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM;WAC5C,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM;aAClC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,MAAM;UACzC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM;;;;EAI3C,IAAI,CAAC,gBAAgB,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC,GAAW,EAAE,EAAE,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;;;;;EAKlF,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,IAAS,EAAE,EAAE,CAAC;MAC9C,IAAI,CAAC,aAAa;cACV,IAAI,CAAC,MAAM;cACX,IAAI,CAAC,eAAe;CACjC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;CACZ,CAAC;AACF,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,OAAe,EAAE,UAAkB,EAAE,MAAc;IAC3E,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,SAAS,CAAC,UAAU,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QACjD,OAAO,UAAU,CAAC;IACpB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,wCAAwC;QACxC,OAAO,kBAAkB,CAAC;IAC5B,CAAC;AACH,CAAC"}

package/dist/mcp/handlers/security/index.d.ts ADDED Viewed

@@ -0,0 +1,80 @@
+/**
+ * Security Domain Tools
+ *
+ * Comprehensive security testing tools for SAST, DAST, authentication,
+ * authorization, dependency scanning, and security reporting.
+ *
+ * @module security
+ * @version 1.0.0
+ * @author Agentic QE Team
+ */
+export { securityScanComprehensive, type SecurityScanComprehensiveParams, type SecurityScanComprehensiveResult, type SecurityVulnerability, type ComplianceCheck } from './scan-comprehensive';
+export { validateAuthenticationFlow, ValidateAuthenticationFlowHandler, type ValidateAuthenticationFlowParams, type AuthValidationResult, type AuthTestCase, type AuthFinding } from './validate-auth';
+export { checkAuthorizationRules, CheckAuthorizationRulesHandler, type CheckAuthorizationRulesParams, type AuthzCheckResult, type AuthorizationPolicy, type AuthzFinding } from './check-authz';
+export { scanDependenciesVulnerabilities, ScanDependenciesVulnerabilitiesHandler, type ScanDependenciesVulnerabilitiesParams, type VulnerabilityScanResult, type DependencyVulnerability, type LicenseIssue, type OutdatedPackage } from './scan-dependencies';
+export { generateSecurityReport, GenerateSecurityReportHandler, type GenerateSecurityReportParams, type SecurityReport, type SecurityScanData } from './generate-report';
+/**
+ * Security Domain Tool Registry
+ *
+ * All tools are registered and available for MCP server integration.
+ */
+export declare const SECURITY_TOOLS: {
+    readonly 'scan-comprehensive': {
+        readonly name: "scan-comprehensive";
+        readonly description: "Comprehensive security scanning with SAST, DAST, SCA, and CVE monitoring";
+        readonly handler: "securityScanComprehensive";
+    };
+    readonly 'validate-auth': {
+        readonly name: "validate-auth";
+        readonly description: "Validate authentication flows, test auth endpoints, and perform token validation";
+        readonly handler: "validateAuthenticationFlow";
+    };
+    readonly 'check-authz': {
+        readonly name: "check-authz";
+        readonly description: "Check authorization rules, policy enforcement, and RBAC/ABAC configuration";
+        readonly handler: "checkAuthorizationRules";
+    };
+    readonly 'scan-dependencies': {
+        readonly name: "scan-dependencies";
+        readonly description: "Scan dependencies for vulnerabilities with severity filtering and auto-fix suggestions";
+        readonly handler: "scanDependenciesVulnerabilities";
+    };
+    readonly 'generate-report': {
+        readonly name: "generate-report";
+        readonly description: "Generate security reports in HTML, SARIF, JSON, or Markdown formats";
+        readonly handler: "generateSecurityReport";
+    };
+};
+/**
+ * Get all security tool names
+ */
+export declare function getSecurityToolNames(): string[];
+/**
+ * Get security tool by name
+ */
+export declare function getSecurityTool(name: string): {
+    readonly name: "scan-comprehensive";
+    readonly description: "Comprehensive security scanning with SAST, DAST, SCA, and CVE monitoring";
+    readonly handler: "securityScanComprehensive";
+} | {
+    readonly name: "validate-auth";
+    readonly description: "Validate authentication flows, test auth endpoints, and perform token validation";
+    readonly handler: "validateAuthenticationFlow";
+} | {
+    readonly name: "check-authz";
+    readonly description: "Check authorization rules, policy enforcement, and RBAC/ABAC configuration";
+    readonly handler: "checkAuthorizationRules";
+} | {
+    readonly name: "scan-dependencies";
+    readonly description: "Scan dependencies for vulnerabilities with severity filtering and auto-fix suggestions";
+    readonly handler: "scanDependenciesVulnerabilities";
+} | {
+    readonly name: "generate-report";
+    readonly description: "Generate security reports in HTML, SARIF, JSON, or Markdown formats";
+    readonly handler: "generateSecurityReport";
+};
+/**
+ * Check if tool exists in security domain
+ */
+export declare function isSecurityTool(name: string): boolean;
+//# sourceMappingURL=index.d.ts.map

package/dist/mcp/handlers/security/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/mcp/handlers/security/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,EACL,yBAAyB,EACzB,KAAK,+BAA+B,EACpC,KAAK,+BAA+B,EACpC,KAAK,qBAAqB,EAC1B,KAAK,eAAe,EACrB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EACL,0BAA0B,EAC1B,iCAAiC,EACjC,KAAK,gCAAgC,EACrC,KAAK,oBAAoB,EACzB,KAAK,YAAY,EACjB,KAAK,WAAW,EACjB,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EACL,uBAAuB,EACvB,8BAA8B,EAC9B,KAAK,6BAA6B,EAClC,KAAK,gBAAgB,EACrB,KAAK,mBAAmB,EACxB,KAAK,YAAY,EAClB,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,+BAA+B,EAC/B,sCAAsC,EACtC,KAAK,qCAAqC,EAC1C,KAAK,uBAAuB,EAC5B,KAAK,uBAAuB,EAC5B,KAAK,YAAY,EACjB,KAAK,eAAe,EACrB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,sBAAsB,EACtB,6BAA6B,EAC7B,KAAK,4BAA4B,EACjC,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACtB,MAAM,mBAAmB,CAAC;AAE3B;;;;GAIG;AACH,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;CAmCjB,CAAC;AAEX;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,MAAM,EAAE,CAE/C;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,MAAM;;;;;;;;;;;;;;;;;;;;EAE3C;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEpD"}

package/dist/mcp/handlers/security/index.js ADDED Viewed

@@ -0,0 +1,91 @@
+"use strict";
+/**
+ * Security Domain Tools
+ *
+ * Comprehensive security testing tools for SAST, DAST, authentication,
+ * authorization, dependency scanning, and security reporting.
+ *
+ * @module security
+ * @version 1.0.0
+ * @author Agentic QE Team
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SECURITY_TOOLS = exports.GenerateSecurityReportHandler = exports.generateSecurityReport = exports.ScanDependenciesVulnerabilitiesHandler = exports.scanDependenciesVulnerabilities = exports.CheckAuthorizationRulesHandler = exports.checkAuthorizationRules = exports.ValidateAuthenticationFlowHandler = exports.validateAuthenticationFlow = exports.securityScanComprehensive = void 0;
+exports.getSecurityToolNames = getSecurityToolNames;
+exports.getSecurityTool = getSecurityTool;
+exports.isSecurityTool = isSecurityTool;
+// Comprehensive Security Scanning
+var scan_comprehensive_1 = require("./scan-comprehensive");
+Object.defineProperty(exports, "securityScanComprehensive", { enumerable: true, get: function () { return scan_comprehensive_1.securityScanComprehensive; } });
+// Authentication Validation
+var validate_auth_1 = require("./validate-auth");
+Object.defineProperty(exports, "validateAuthenticationFlow", { enumerable: true, get: function () { return validate_auth_1.validateAuthenticationFlow; } });
+Object.defineProperty(exports, "ValidateAuthenticationFlowHandler", { enumerable: true, get: function () { return validate_auth_1.ValidateAuthenticationFlowHandler; } });
+// Authorization Checking
+var check_authz_1 = require("./check-authz");
+Object.defineProperty(exports, "checkAuthorizationRules", { enumerable: true, get: function () { return check_authz_1.checkAuthorizationRules; } });
+Object.defineProperty(exports, "CheckAuthorizationRulesHandler", { enumerable: true, get: function () { return check_authz_1.CheckAuthorizationRulesHandler; } });
+// Dependency Vulnerability Scanning
+var scan_dependencies_1 = require("./scan-dependencies");
+Object.defineProperty(exports, "scanDependenciesVulnerabilities", { enumerable: true, get: function () { return scan_dependencies_1.scanDependenciesVulnerabilities; } });
+Object.defineProperty(exports, "ScanDependenciesVulnerabilitiesHandler", { enumerable: true, get: function () { return scan_dependencies_1.ScanDependenciesVulnerabilitiesHandler; } });
+// Security Report Generation
+var generate_report_1 = require("./generate-report");
+Object.defineProperty(exports, "generateSecurityReport", { enumerable: true, get: function () { return generate_report_1.generateSecurityReport; } });
+Object.defineProperty(exports, "GenerateSecurityReportHandler", { enumerable: true, get: function () { return generate_report_1.GenerateSecurityReportHandler; } });
+/**
+ * Security Domain Tool Registry
+ *
+ * All tools are registered and available for MCP server integration.
+ */
+exports.SECURITY_TOOLS = {
+    // Comprehensive scanning
+    'scan-comprehensive': {
+        name: 'scan-comprehensive',
+        description: 'Comprehensive security scanning with SAST, DAST, SCA, and CVE monitoring',
+        handler: 'securityScanComprehensive'
+    },
+    // Authentication validation
+    'validate-auth': {
+        name: 'validate-auth',
+        description: 'Validate authentication flows, test auth endpoints, and perform token validation',
+        handler: 'validateAuthenticationFlow'
+    },
+    // Authorization checking
+    'check-authz': {
+        name: 'check-authz',
+        description: 'Check authorization rules, policy enforcement, and RBAC/ABAC configuration',
+        handler: 'checkAuthorizationRules'
+    },
+    // Dependency scanning
+    'scan-dependencies': {
+        name: 'scan-dependencies',
+        description: 'Scan dependencies for vulnerabilities with severity filtering and auto-fix suggestions',
+        handler: 'scanDependenciesVulnerabilities'
+    },
+    // Report generation
+    'generate-report': {
+        name: 'generate-report',
+        description: 'Generate security reports in HTML, SARIF, JSON, or Markdown formats',
+        handler: 'generateSecurityReport'
+    }
+};
+/**
+ * Get all security tool names
+ */
+function getSecurityToolNames() {
+    return Object.keys(exports.SECURITY_TOOLS);
+}
+/**
+ * Get security tool by name
+ */
+function getSecurityTool(name) {
+    return exports.SECURITY_TOOLS[name];
+}
+/**
+ * Check if tool exists in security domain
+ */
+function isSecurityTool(name) {
+    return name in exports.SECURITY_TOOLS;
+}
+//# sourceMappingURL=index.js.map

package/dist/mcp/handlers/security/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/mcp/handlers/security/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;;AAgGH,oDAEC;AAKD,0CAEC;AAKD,wCAEC;AA9GD,kCAAkC;AAClC,2DAM8B;AAL5B,+HAAA,yBAAyB,OAAA;AAO3B,4BAA4B;AAC5B,iDAOyB;AANvB,2HAAA,0BAA0B,OAAA;AAC1B,kIAAA,iCAAiC,OAAA;AAOnC,yBAAyB;AACzB,6CAOuB;AANrB,sHAAA,uBAAuB,OAAA;AACvB,6HAAA,8BAA8B,OAAA;AAOhC,oCAAoC;AACpC,yDAQ6B;AAP3B,oIAAA,+BAA+B,OAAA;AAC/B,2IAAA,sCAAsC,OAAA;AAQxC,6BAA6B;AAC7B,qDAM2B;AALzB,yHAAA,sBAAsB,OAAA;AACtB,gIAAA,6BAA6B,OAAA;AAM/B;;;;GAIG;AACU,QAAA,cAAc,GAAG;IAC5B,yBAAyB;IACzB,oBAAoB,EAAE;QACpB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,0EAA0E;QACvF,OAAO,EAAE,2BAA2B;KACrC;IAED,4BAA4B;IAC5B,eAAe,EAAE;QACf,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,kFAAkF;QAC/F,OAAO,EAAE,4BAA4B;KACtC;IAED,yBAAyB;IACzB,aAAa,EAAE;QACb,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,4EAA4E;QACzF,OAAO,EAAE,yBAAyB;KACnC;IAED,sBAAsB;IACtB,mBAAmB,EAAE;QACnB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,wFAAwF;QACrG,OAAO,EAAE,iCAAiC;KAC3C;IAED,oBAAoB;IACpB,iBAAiB,EAAE;QACjB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,qEAAqE;QAClF,OAAO,EAAE,wBAAwB;KAClC;CACO,CAAC;AAEX;;GAEG;AACH,SAAgB,oBAAoB;IAClC,OAAO,MAAM,CAAC,IAAI,CAAC,sBAAc,CAAC,CAAC;AACrC,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAAC,IAAY;IAC1C,OAAO,sBAAc,CAAC,IAAmC,CAAC,CAAC;AAC7D,CAAC;AAED;;GAEG;AACH,SAAgB,cAAc,CAAC,IAAY;IACzC,OAAO,IAAI,IAAI,sBAAc,CAAC;AAChC,CAAC"}