npm - agentic-qe - Versions diffs - 3.7.8 → 3.7.9 - Mend

agentic-qe 3.7.8 → 3.7.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (285) hide show

package/assets/skills/n8n-security-testing/schemas/output.json ADDED Viewed

@@ -0,0 +1,293 @@
+{
+  "$schema": "https://json-schema.org/draft/2020-12/schema",
+  "$id": "https://agentic-qe.dev/schemas/skills/n8n-security-testing/output.json",
+  "title": "N8N Security Testing Skill Output Schema",
+  "description": "Schema for n8n-security-testing skill output. Validates credential security, data exposure, and workflow security vulnerabilities.",
+  "type": "object",
+  "required": ["skillName", "version", "timestamp", "status", "trustTier", "output"],
+  "properties": {
+    "skillName": {
+      "type": "string",
+      "const": "n8n-security-testing"
+    },
+    "version": {
+      "type": "string",
+      "pattern": "^\\d+\\.\\d+\\.\\d+(-[a-zA-Z0-9]+)?$"
+    },
+    "timestamp": {
+      "type": "string",
+      "format": "date-time"
+    },
+    "status": {
+      "type": "string",
+      "enum": ["success", "partial", "failed", "skipped"]
+    },
+    "trustTier": {
+      "type": "integer",
+      "const": 3
+    },
+    "output": {
+      "type": "object",
+      "required": ["summary", "securityFindings", "credentialAudit"],
+      "properties": {
+        "summary": {
+          "type": "string",
+          "minLength": 20,
+          "maxLength": 2000
+        },
+        "securityFindings": {
+          "type": "array",
+          "items": {
+            "$ref": "#/$defs/securityFinding"
+          },
+          "maxItems": 500
+        },
+        "credentialAudit": {
+          "$ref": "#/$defs/credentialAudit"
+        },
+        "workflowValidation": {
+          "$ref": "#/$defs/workflowValidation"
+        },
+        "dataExposureRisks": {
+          "type": "array",
+          "items": {
+            "$ref": "#/$defs/dataExposureRisk"
+          }
+        },
+        "nodeSecurityScores": {
+          "type": "array",
+          "items": {
+            "$ref": "#/$defs/nodeSecurityScore"
+          }
+        },
+        "recommendations": {
+          "type": "array",
+          "items": {
+            "$ref": "#/$defs/recommendation"
+          },
+          "maxItems": 100
+        },
+        "complianceChecks": {
+          "type": "array",
+          "items": {
+            "$ref": "#/$defs/complianceCheck"
+          }
+        },
+        "metrics": {
+          "$ref": "#/$defs/metrics"
+        }
+      }
+    },
+    "metadata": {
+      "$ref": "#/$defs/metadata"
+    },
+    "validation": {
+      "$ref": "#/$defs/validationResult"
+    },
+    "learning": {
+      "$ref": "#/$defs/learningData"
+    }
+  },
+  "$defs": {
+    "securityFinding": {
+      "type": "object",
+      "required": ["id", "title", "severity", "category"],
+      "properties": {
+        "id": {
+          "type": "string",
+          "pattern": "^SEC-N8N-\\d{3,6}$"
+        },
+        "title": {
+          "type": "string",
+          "minLength": 10,
+          "maxLength": 200
+        },
+        "description": {
+          "type": "string",
+          "maxLength": 2000
+        },
+        "severity": {
+          "type": "string",
+          "enum": ["critical", "high", "medium", "low", "info"]
+        },
+        "category": {
+          "type": "string",
+          "enum": ["credential-exposure", "data-leakage", "injection", "auth-bypass", "insecure-config", "sensitive-data", "access-control"]
+        },
+        "nodeName": {
+          "type": "string"
+        },
+        "nodeType": {
+          "type": "string"
+        },
+        "location": {
+          "type": "object",
+          "properties": {
+            "workflowId": { "type": "string" },
+            "nodeId": { "type": "string" },
+            "parameter": { "type": "string" }
+          }
+        },
+        "evidence": {
+          "type": "string",
+          "maxLength": 5000
+        },
+        "remediation": {
+          "type": "string",
+          "maxLength": 2000
+        },
+        "cwe": {
+          "type": "string",
+          "pattern": "^CWE-\\d{1,4}$"
+        },
+        "owasp": {
+          "type": "string",
+          "pattern": "^A(0[1-9]|10):20(21|25)$"
+        },
+        "falsePositive": {
+          "type": "boolean"
+        },
+        "confidence": {
+          "type": "number",
+          "minimum": 0,
+          "maximum": 1
+        }
+      }
+    },
+    "credentialAudit": {
+      "type": "object",
+      "required": ["totalCredentials", "secureCredentials", "insecureCredentials"],
+      "properties": {
+        "totalCredentials": { "type": "integer", "minimum": 0 },
+        "secureCredentials": { "type": "integer", "minimum": 0 },
+        "insecureCredentials": { "type": "integer", "minimum": 0 },
+        "expiredCredentials": { "type": "integer", "minimum": 0 },
+        "unusedCredentials": { "type": "integer", "minimum": 0 },
+        "credentialIssues": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "properties": {
+              "credentialName": { "type": "string" },
+              "issue": { "type": "string" },
+              "severity": { "type": "string", "enum": ["critical", "high", "medium", "low"] }
+            }
+          }
+        },
+        "overallScore": { "type": "number", "minimum": 0, "maximum": 100 }
+      }
+    },
+    "workflowValidation": {
+      "type": "object",
+      "required": ["workflowId", "secure"],
+      "properties": {
+        "workflowId": { "type": "string" },
+        "workflowName": { "type": "string" },
+        "secure": { "type": "boolean" },
+        "criticalFindings": { "type": "integer", "minimum": 0 },
+        "highFindings": { "type": "integer", "minimum": 0 },
+        "mediumFindings": { "type": "integer", "minimum": 0 },
+        "lowFindings": { "type": "integer", "minimum": 0 },
+        "securityScore": { "type": "number", "minimum": 0, "maximum": 100 },
+        "grade": { "type": "string", "pattern": "^[A-F][+-]?$" },
+        "riskLevel": { "type": "string", "enum": ["critical", "high", "medium", "low", "minimal"] }
+      }
+    },
+    "dataExposureRisk": {
+      "type": "object",
+      "required": ["riskType", "severity"],
+      "properties": {
+        "riskType": {
+          "type": "string",
+          "enum": ["pii-exposure", "credential-leak", "api-key-exposure", "token-exposure", "logging-sensitive-data", "external-transmission"]
+        },
+        "severity": { "type": "string", "enum": ["critical", "high", "medium", "low"] },
+        "affectedNodes": { "type": "array", "items": { "type": "string" } },
+        "dataTypes": { "type": "array", "items": { "type": "string" } },
+        "description": { "type": "string" },
+        "mitigation": { "type": "string" }
+      }
+    },
+    "nodeSecurityScore": {
+      "type": "object",
+      "required": ["nodeName", "nodeType", "score"],
+      "properties": {
+        "nodeName": { "type": "string" },
+        "nodeType": { "type": "string" },
+        "score": { "type": "number", "minimum": 0, "maximum": 100 },
+        "grade": { "type": "string", "pattern": "^[A-F][+-]?$" },
+        "vulnerabilities": { "type": "integer", "minimum": 0 },
+        "riskFactors": { "type": "array", "items": { "type": "string" } }
+      }
+    },
+    "complianceCheck": {
+      "type": "object",
+      "required": ["standard", "passed"],
+      "properties": {
+        "standard": { "type": "string", "enum": ["GDPR", "HIPAA", "PCI-DSS", "SOC2", "OWASP"] },
+        "passed": { "type": "boolean" },
+        "requirements": {
+          "type": "array",
+          "items": {
+            "type": "object",
+            "properties": {
+              "requirement": { "type": "string" },
+              "passed": { "type": "boolean" },
+              "notes": { "type": "string" }
+            }
+          }
+        }
+      }
+    },
+    "recommendation": {
+      "type": "object",
+      "required": ["id", "title", "priority"],
+      "properties": {
+        "id": { "type": "string", "pattern": "^REC-\\d{3,6}$" },
+        "title": { "type": "string", "maxLength": 200 },
+        "description": { "type": "string", "maxLength": 2000 },
+        "priority": { "type": "string", "enum": ["critical", "high", "medium", "low"] },
+        "relatedFindings": { "type": "array", "items": { "type": "string" } },
+        "effort": { "type": "string", "enum": ["trivial", "low", "medium", "high", "major"] }
+      }
+    },
+    "metrics": {
+      "type": "object",
+      "properties": {
+        "totalFindings": { "type": "integer", "minimum": 0 },
+        "criticalCount": { "type": "integer", "minimum": 0 },
+        "highCount": { "type": "integer", "minimum": 0 },
+        "mediumCount": { "type": "integer", "minimum": 0 },
+        "lowCount": { "type": "integer", "minimum": 0 },
+        "nodesScanned": { "type": "integer", "minimum": 0 },
+        "credentialsAudited": { "type": "integer", "minimum": 0 },
+        "securityScore": { "type": "number", "minimum": 0, "maximum": 100 }
+      }
+    },
+    "metadata": {
+      "type": "object",
+      "properties": {
+        "executionTimeMs": { "type": "integer", "minimum": 0 },
+        "toolsUsed": { "type": "array", "items": { "type": "string" } },
+        "agentId": { "type": "string", "pattern": "^qe-[a-z][a-z0-9-]*$" },
+        "n8nVersion": { "type": "string" },
+        "scanDepth": { "type": "string", "enum": ["quick", "standard", "deep"] }
+      }
+    },
+    "validationResult": {
+      "type": "object",
+      "properties": {
+        "schemaValid": { "type": "boolean" },
+        "contentValid": { "type": "boolean" },
+        "confidence": { "type": "number", "minimum": 0, "maximum": 1 }
+      }
+    },
+    "learningData": {
+      "type": "object",
+      "properties": {
+        "patternsDetected": { "type": "array", "items": { "type": "string" } },
+        "reward": { "type": "number", "minimum": 0, "maximum": 1 }
+      }
+    }
+  }
+}

package/assets/skills/n8n-security-testing/scripts/validate-config.json ADDED Viewed

@@ -0,0 +1,34 @@
+{
+  "skillName": "n8n-security-testing",
+  "skillVersion": "1.0.0",
+  "requiredTools": [
+    "jq"
+  ],
+  "optionalTools": [],
+  "schemaPath": "schemas/output.json",
+  "requiredFields": [
+    "skillName",
+    "status",
+    "output",
+    "output.summary",
+    "output.securityFindings",
+    "output.credentialAudit"
+  ],
+  "requiredNonEmptyFields": [],
+  "mustContainTerms": [
+    "security",
+    "credential"
+  ],
+  "mustNotContainTerms": [
+    "TODO",
+    "FIXME"
+  ],
+  "enumValidations": {
+    ".status": [
+      "success",
+      "partial",
+      "failed",
+      "skipped"
+    ]
+  }
+}

package/assets/skills/n8n-trigger-testing-strategies/SKILL.md CHANGED Viewed

@@ -11,6 +11,12 @@ last_optimized: 2025-12-15
 dependencies: []
 quick_reference_card: true
 tags: [n8n, triggers, webhook, schedule, cron, polling, testing]
+trust_tier: 3
+validation:
+  schema_path: schemas/output.json
+  validator_path: scripts/validate-config.json
+  eval_path: evals/n8n-trigger-testing-strategies.yaml
 ---
 # n8n Trigger Testing Strategies