npm - badgr-security-scan - Versions diffs - 0.1.0 - Mend

badgr-security-scan 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/README.md ADDED Viewed

@@ -0,0 +1,143 @@
+# badgr-security-scan
+Scan code, configs, and agent prompts for obvious security risks — leaked secrets, unsafe defaults, prompt injection, and dangerous tool permissions.
+```bash
+npx badgr-security-scan --text "$(cat src/config.ts)"
+```
+**Free. No signup required.** Runs entirely on your machine — nothing is sent anywhere.
+---
+## The problem it solves
+AI agents and LLM apps have a new class of security risks: leaked API keys in prompts, `exec()` calls in agent tools, and prompt injection phrases that hijack agent behavior. Standard linters don't catch these. `badgr-security-scan` does — in one command, with no setup.
+---
+## Quick start
+```bash
+# Scan a code snippet
+npx badgr-security-scan --text "API_KEY=sk_live_abc123 const client = new OpenAI()"
+# Scan a file
+npx badgr-security-scan --text "$(cat src/agent.ts)"
+# Machine-readable JSON (for CI or pre-commit hooks)
+npx badgr-security-scan --text "$(cat src/agent.ts)" --json
+# Skip prompt injection checks
+npx badgr-security-scan --text "$(cat src/config.ts)" --no-prompt-injection
+```
+---
+## CLI flags
+| Flag | Description |
+|------|-------------|
+| `--text <str>` | Text or code snippet to scan (required) |
+| `--no-prompt-injection` | Skip prompt injection pattern checks |
+| `--json` | Output machine-readable JSON |
+**Exit codes:** `0` = no blocking risks found, `1` = risks found
+---
+## What it checks
+| Category | What it looks for | Example |
+|---|---|---|
+| `secret` | API keys, tokens, or secrets with 16+ char values | `API_KEY=sk_live_abc123456789` |
+| `unsafe-default` | Auth bypasses and TLS disabled | `rejectUnauthorized: false`, `disableAuth` |
+| `dangerous-tool` | Shell execution in agent tool code | `exec()`, `child_process`, `rm -rf` |
+| `prompt-injection` | Phrases that hijack agent behavior | `"Ignore previous instructions"`, `"exfiltrate"` |
+---
+## Example output
+```
+badgr-security-scan
+  ✗  secret           API key or token found: API_KEY=sk_live_... (truncated)
+  ✗  dangerous-tool   exec() call detected — dangerous in agent tool context
+  ✓  unsafe-default   No unsafe auth defaults found
+  ✓  prompt-injection No injection phrases found
+  2 risks found. Review before deploying.
+```
+```
+badgr-security-scan
+  ✓  secret           No leaked secrets found
+  ✓  unsafe-default   No unsafe auth defaults found
+  ✓  dangerous-tool   No dangerous tool patterns found
+  ✓  prompt-injection No injection phrases found
+  All checks passed.
+```
+---
+## TypeScript API
+```ts
+import { runSecurityScan } from "badgr-security-scan";
+const result = runSecurityScan({
+  text: sourceCode,
+  includePromptInjectionChecks: true,  // default: true
+});
+console.log(result.checks);
+// [
+//   { status: "fail", label: "secret", detail: "API key found: API_KEY=sk_live_..." },
+//   { status: "pass", label: "unsafe-default", detail: "No unsafe auth defaults found" },
+//   ...
+// ]
+if (!result.checks.every(c => c.status === "pass")) {
+  process.exit(1);
+}
+```
+**Types:**
+```ts
+interface SecurityScanOptions {
+  text: string;
+  includePromptInjectionChecks?: boolean;  // default: true
+}
+interface SecurityScanResult {
+  checks: DiagnosticCheck[];
+  report: JsonReport;
+}
+```
+---
+## Use in CI / pre-commit
+**GitHub Actions:**
+```yaml
+- name: Security scan
+  run: npx badgr-security-scan --text "$(cat src/agent.ts)" --json
+```
+**Pre-commit hook (`.husky/pre-commit`):**
+```bash
+npx badgr-security-scan --text "$(git diff --cached --unified=0)" --json
+```
+---
+## Requirements
+- Node.js 18+

package/dist/cli.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":""}

package/dist/cli.js ADDED Viewed

@@ -0,0 +1,69 @@
+#!/usr/bin/env node
+import { createLogger, fireTelemetry } from "badgr-shared";
+import { runSecurityScan } from "./index.js";
+fireTelemetry({ package: "badgr-security-scan" });
+function readArg(name) {
+    const index = process.argv.indexOf(name);
+    return index >= 0 ? process.argv[index + 1] : undefined;
+}
+if (process.argv.includes("--help") || process.argv.includes("-h")) {
+    console.log(`badgr-security-scan — local scan for secrets, unsafe defaults, and prompt injection
+Usage:
+  npx badgr-security-scan --text "API_KEY=sk_test_1234567890abcdef"
+  npx badgr-security-scan --text "<code snippet>" --json
+Flags:
+  --text <str>           Text or code snippet to scan (required)
+  --no-prompt-injection  Skip prompt-injection pattern checks
+  --json                 Output machine-readable JSON
+Checks performed:
+  secret            Leaked API keys, tokens, or secrets (16+ char values)
+  unsafe-default    disableAuth, rejectUnauthorized: false, verify: false
+  dangerous-tool    exec(), rm -rf, child_process in agent tool code
+  prompt-injection  "ignore previous instructions", exfiltrate phrases
+Exit codes:
+  0  No blocking risks found
+  1  One or more security checks failed
+No signup required. Hosted agent policies and approvals are optional.
+Environment:
+  BADGR_TELEMETRY=0      Disable anonymous usage telemetry`);
+    process.exit(0);
+}
+const json = process.argv.includes("--json");
+const text = readArg("--text") ?? process.argv.slice(2).filter((a) => a !== "--json").join(" ");
+if (!text.trim()) {
+    console.error("Error: --text is required");
+    console.error('Usage: npx badgr-security-scan --text "API_KEY=sk_test_abc..."');
+    process.exit(2);
+}
+const result = runSecurityScan({
+    text,
+    includePromptInjectionChecks: !process.argv.includes("--no-prompt-injection"),
+});
+const logger = createLogger(json);
+if (json) {
+    logger.report(result.report);
+}
+else {
+    logger.line("badgr-security-scan report");
+    logger.line("");
+    for (const check of result.checks) {
+        logger.line(`${check.status === "pass" ? "✓" : "✗"} ${check.message}`);
+    }
+    logger.line("");
+    logger.line(`Status: ${result.report.status}`);
+    if (result.report.recommendedActions.length > 0) {
+        logger.line("");
+        for (const action of result.report.recommendedActions)
+            logger.line(`  → ${action}`);
+    }
+    logger.line("");
+    logger.line("Optional: connect AI Badgr policies for hosted agent tool approvals.");
+}
+process.exitCode = result.report.status === "failed" ? 1 : 0;
+//# sourceMappingURL=cli.js.map

package/dist/cli.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAE7C,aAAa,CAAC,EAAE,OAAO,EAAE,qBAAqB,EAAE,CAAC,CAAC;AAElD,SAAS,OAAO,CAAC,IAAY;IAC3B,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACzC,OAAO,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;AAC1D,CAAC;AAED,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;IACnE,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;;;;;;2DAwB6C,CAAC,CAAC;IAC3D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;AAC7C,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAEhG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC;IACjB,OAAO,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;IAC3C,OAAO,CAAC,KAAK,CAAC,gEAAgE,CAAC,CAAC;IAChF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,MAAM,MAAM,GAAG,eAAe,CAAC;IAC7B,IAAI;IACJ,4BAA4B,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,uBAAuB,CAAC;CAC9E,CAAC,CAAC;AACH,MAAM,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;AAClC,IAAI,IAAI,EAAE,CAAC;IACT,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;AAC/B,CAAC;KAAM,CAAC;IACN,MAAM,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;IAC1C,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAChB,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IACzE,CAAC;IACD,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAChB,MAAM,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IAC/C,IAAI,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChD,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAChB,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,kBAAkB;YAAE,MAAM,CAAC,IAAI,CAAC,OAAO,MAAM,EAAE,CAAC,CAAC;IACtF,CAAC;IACD,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAChB,MAAM,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;AACtF,CAAC;AACD,OAAO,CAAC,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC"}

package/dist/index.d.ts ADDED Viewed

@@ -0,0 +1,11 @@
+import { type DiagnosticCheck, type JsonReport } from "badgr-shared";
+export interface SecurityScanOptions {
+    text: string;
+    includePromptInjectionChecks?: boolean;
+}
+export interface SecurityScanResult {
+    checks: DiagnosticCheck[];
+    report: JsonReport;
+}
+export declare function runSecurityScan(options: SecurityScanOptions): SecurityScanResult;
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAA0D,KAAK,eAAe,EAAE,KAAK,UAAU,EAAE,MAAM,cAAc,CAAC;AAE7H,MAAM,WAAW,mBAAmB;IAAG,IAAI,EAAE,MAAM,CAAC;IAAC,4BAA4B,CAAC,EAAE,OAAO,CAAC;CAAE;AAC9F,MAAM,WAAW,kBAAkB;IAAG,MAAM,EAAE,eAAe,EAAE,CAAC;IAAC,MAAM,EAAE,UAAU,CAAC;CAAE;AAEtF,wBAAgB,eAAe,CAAC,OAAO,EAAE,mBAAmB,GAAG,kBAAkB,CAqBhF"}

package/dist/index.js ADDED Viewed

@@ -0,0 +1,37 @@
+import { checkToFinding, createReport, reportStatusFromFindings } from "badgr-shared";
+export function runSecurityScan(options) {
+    const text = options.text;
+    const checks = [];
+    checks.push(patternCheck("secret", /(?:api[_-]?key|secret|token)\s*[:=]\s*['\"]?[A-Za-z0-9_\-]{16,}/i, text, "possible leaked secret or token"));
+    checks.push(patternCheck("unsafe-default", /allowAll|disableAuth|verify\s*[:=]\s*false|rejectUnauthorized\s*[:=]\s*false/i, text, "unsafe auth or TLS default detected"));
+    checks.push(patternCheck("dangerous-tool", /exec\(|shell\(|child_process|rm -rf|writeFile\(/i, text, "dangerous agent tool or shell capability detected"));
+    if (options.includePromptInjectionChecks ?? true)
+        checks.push(patternCheck("prompt-injection", /ignore previous instructions|exfiltrate|send.*secret|reveal.*system prompt/i, text, "prompt-injection phrase detected"));
+    const findings = checks.map((check) => checkToFinding(check, "SECURITY"));
+    const status = reportStatusFromFindings(findings);
+    return {
+        checks,
+        report: createReport({
+            tool: "security-scan",
+            status,
+            summary: status === "failed" ? "Security scan found obvious risks" : "Security scan found no obvious blocking risks",
+            findings,
+            recommendedActions: buildActions(checks),
+            nextCommand: "npx @aibadgr/security-scan --json",
+            actionUrl: "https://aibadgr.com/agents/connect",
+        }),
+    };
+}
+function patternCheck(name, pattern, text, message) {
+    return pattern.test(text) ? { name, status: "fail", message } : { name, status: "pass", message: `no ${name} pattern detected` };
+}
+function buildActions(checks) {
+    const actions = [];
+    if (checks.some((check) => check.name === "secret" && check.status === "fail"))
+        actions.push("Rotate exposed secrets and remove them from code/config");
+    if (checks.some((check) => check.name === "dangerous-tool" && check.status === "fail"))
+        actions.push("Add approval gates around dangerous agent tools");
+    actions.push("Use AI Badgr policies later to control agent tool access and approvals");
+    return actions;
+}
+//# sourceMappingURL=index.js.map

package/dist/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,wBAAwB,EAAyC,MAAM,cAAc,CAAC;AAK7H,MAAM,UAAU,eAAe,CAAC,OAA4B;IAC1D,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAC1B,MAAM,MAAM,GAAsB,EAAE,CAAC;IACrC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,kEAAkE,EAAE,IAAI,EAAE,iCAAiC,CAAC,CAAC,CAAC;IACjJ,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,EAAE,+EAA+E,EAAE,IAAI,EAAE,qCAAqC,CAAC,CAAC,CAAC;IAC1K,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,gBAAgB,EAAE,kDAAkD,EAAE,IAAI,EAAE,mDAAmD,CAAC,CAAC,CAAC;IAC3J,IAAI,OAAO,CAAC,4BAA4B,IAAI,IAAI;QAAE,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,kBAAkB,EAAE,6EAA6E,EAAE,IAAI,EAAE,kCAAkC,CAAC,CAAC,CAAC;IACzN,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,cAAc,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC,CAAC;IAC1E,MAAM,MAAM,GAAG,wBAAwB,CAAC,QAAQ,CAAC,CAAC;IAClD,OAAO;QACL,MAAM;QACN,MAAM,EAAE,YAAY,CAAC;YACnB,IAAI,EAAE,eAAe;YACrB,MAAM;YACN,OAAO,EAAE,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,mCAAmC,CAAC,CAAC,CAAC,+CAA+C;YACpH,QAAQ;YACR,kBAAkB,EAAE,YAAY,CAAC,MAAM,CAAC;YACxC,WAAW,EAAE,mCAAmC;YAChD,SAAS,EAAE,oCAAoC;SAChD,CAAC;KACH,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,IAAY,EAAE,OAAe,EAAE,IAAY,EAAE,OAAe;IAChF,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,IAAI,mBAAmB,EAAE,CAAC;AACnI,CAAC;AAED,SAAS,YAAY,CAAC,MAAyB;IAC7C,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM,CAAC;QAAE,OAAO,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC;IACxJ,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,gBAAgB,IAAI,KAAK,CAAC,MAAM,KAAK,MAAM,CAAC;QAAE,OAAO,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;IACxJ,OAAO,CAAC,IAAI,CAAC,wEAAwE,CAAC,CAAC;IACvF,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/package.json ADDED Viewed

@@ -0,0 +1,16 @@
+{
+  "name": "badgr-security-scan",
+  "version": "0.1.0",
+  "description": "Local-first scan for leaked secrets, unsafe defaults, prompt injection, and dangerous agent tools.",
+  "type": "module",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "bin": { "badgr-security-scan": "dist/cli.js" },
+  "exports": { ".": { "types": "./dist/index.d.ts", "import": "./dist/index.js" } },
+  "files": ["dist", "README.md"],
+  "scripts": { "build": "tsc -b", "typecheck": "tsc -b --pretty false", "test": "vitest run" },
+  "dependencies": { "badgr-shared": "0.1.1" },
+  "engines": { "node": ">=18.0.0" },
+  "keywords": ["security", "secrets", "prompt-injection", "agent", "authorization"],
+  "license": "MIT"
+}