npm - contextguard - Versions diffs - 0.1.5 → 0.1.7 - Mend

contextguard 0.1.5 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/README.md +18 -21
package/SECURITY.md +1 -1
package/dist/mcp-security-wrapper.js +3 -8
package/examples/config/config.json +11 -4
package/package.json +1 -1
package/src/mcp-security-wrapper.ts +3 -8

package/README.md CHANGED Viewed

@@ -5,7 +5,8 @@
 [![npm version](https://badge.fury.io/js/contextguard.svg)](https://www.npmjs.com/package/contextguard)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
 [![npm downloads](https://img.shields.io/npm/dm/contextguard.svg)](https://www.npmjs.com/package/contextguard)
-[![Build Status](https://github.com/amironi/contextguard/workflows/CI/badge.svg)](https://github.com/amironi/contextguard/actions)
+<!-- [![Build Status](https://github.com/amironi/contextguard/workflows/CI/badge.svg)](https://github.com/amironi/contextguard/actions) -->
 ⭐ **Star us on GitHub if you find this useful!** ⭐
@@ -33,19 +34,19 @@
 ## 🚀 Quick Start
-### Installation(CLI - optional)
+### Installation
 ```bash
 npm install -g contextguard
 ```
-### Basic Usage
+### Basic Usage (CLI - optional)
 ```bash
 contextguard --server "node your-mcp-server.js"
 ```
-## Claude Desktop Integration
+### Basic Usage (Claude Desktop)
 Update your Claude Desktop config (`~/Library/Application Support/Claude/claude_desktop_config.json`):
@@ -53,8 +54,13 @@ Update your Claude Desktop config (`~/Library/Application Support/Claude/claude_
 {
   "mcpServers": {
     "secured-server": {
-      "command": "npx",
-      "args": ["-y", "contextguard", "--server", "node /path/to/your-server.js"]
+      "command": "contextguard",
+      "args": [
+        "--server",
+        "node /path/to/your-server.js",
+        "--config",
+        "/path/to/config.json"
+      ]
     }
   }
 }
@@ -62,7 +68,7 @@ Update your Claude Desktop config (`~/Library/Application Support/Claude/claude_
 **That's it!** Your MCP server is now protected. 🛡️
----
+#### [See Example below: Testing ContextGuard](#-example-testing-contextguard)
 ## ✨ Features
@@ -126,7 +132,7 @@ Create `config.json` for advanced settings:
   "enablePathTraversalPrevention": true,
   "allowedFilePaths": ["/home/user/safe-directory"],
   "logLevel": "info",
-  "logPath": "/var/log/mcp_security.log"
+  "logPath": "/tmp/mcp_security.log"
 }
 ```
@@ -161,7 +167,9 @@ All security events are logged in JSON format:
 }
 ```
-## 🧪 Testing ContextGuard
+---
+## 🧪 Example: Testing ContextGuard
 Want to see the protection in action? Try these tests:
@@ -198,6 +206,7 @@ Create `config.json`:
   "enablePromptInjectionDetection": true,
   "enableSensitiveDataDetection": true,
   "enablePathTraversalPrevention": true,
+  "logPath": "/tmp/mcp_security.log",
   "allowedFilePaths": ["/tmp/safe-directory"],
   "logLevel": "debug"
 }
@@ -211,7 +220,6 @@ Update Claude Desktop config:
     "protected-test": {
       "command": "npx",
       "args": [
-        "-y",
         "contextguard",
         "--server",
         "node /path/to/mcp-server-demo/demo-server.js",
@@ -286,21 +294,10 @@ We welcome contributions! Here's how to get started:
 6. **Push:** `git push origin feature/amazing-feature`
 7. **Open a Pull Request**
-### Development Setup
-```bash
-git clone https://github.com/amironi/contextguard.git
-cd contextguard
-npm install
-npm run dev
-```
 ---
 ## 📄 License & Support
-### Open Source vs Pro
 ### 🆓 Open Source (MIT License)
 - ✅ **Stdio transport** - Standard MCP communication

package/SECURITY.md CHANGED Viewed

@@ -193,7 +193,7 @@ We plan to conduct regular security audits as the project matures.
     "confidential"
   ],
   "logLevel": "info",
-  "logFile": "/var/log/mcp_security.log",
+  "logFile": "/tmp/mcp_security.log",
   "alertWebhook": "https://your-monitoring-service.com/webhook"
 }
 ```

package/dist/mcp-security-wrapper.js CHANGED Viewed

@@ -60,7 +60,7 @@ class SecurityPolicy {
             /(?:password|secret|api[_-]?key|token)\s*[:=]\s*['"]?[\w\-.]+['"]?/gi,
             /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/g, // Email
             /\b\d{3}-\d{2}-\d{4}\b/g, // SSN
-            /sk-[a-zA-Z0-9]{48}/g, // OpenAI API keys
+            /sk-[a-zA-Z0-9]{20,}/g, // OpenAI API keys (20+ chars)
             /ghp_[a-zA-Z0-9]{36}/g, // GitHub tokens
             /AKIA[0-9A-Z]{16}/g, // AWS Access Keys
         ];
@@ -353,18 +353,13 @@ async function main() {
 MCP Security Wrapper - MVP
 Usage:
-  npx ts-node mcp-security-wrapper.ts --server "node server.js" [--config security.json]
+  contextguard --server "node server.js" --config config.json
 Options:
   --server <command>    Command to start the MCP server (required)
   --config <file>       Path to security config JSON file (optional)
   --help               Show this help message
-Config file options:
-  logPath: Custom path for security log file (default: ./mcp_security.log)
-Example:
-  npx ts-node mcp-security-wrapper.ts --server "node server.js" --config security.json
     `);
         process.exit(0);
     }
@@ -391,7 +386,7 @@ Example:
     const policy = new SecurityPolicy(config);
     const logger = new SecurityLogger(config.logPath);
     const wrapper = new MCPSecurityWrapper(serverCommand.split(" "), policy, logger);
-    console.log("ContextGuard is running");
+    // console.log("ContextGuard is running");
     await wrapper.start();
 }
 if (require.main === module) {

package/examples/config/config.json CHANGED Viewed

@@ -1,12 +1,19 @@
 {
   "maxToolCallsPerMinute": 30,
-  "blockedPatterns": [],
+  "blockedPatterns": [
+    "ignore previous instructions",
+    "system prompt",
+    "confidential"
+  ],
   "allowedFilePaths": [
-    ".",
-    "/tmp/"
+    "/var/app/data",
+    "/home/user/safe-directory"
   ],
   "alertThreshold": 5,
   "enablePromptInjectionDetection": true,
   "enableSensitiveDataDetection": true,
-  "logPath": "/var/log/mcp_security.log"
+  "enablePathTraversalPrevention": true,
+  "enableRateLimiting": true,
+  "logLevel": "debug",
+  "logPath": "/tmp/mcp_security.log"
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "contextguard",
-  "version": "0.1.5",
+  "version": "0.1.7",
   "description": "Security monitoring wrapper for MCP servers",
   "main": "dist/mcp-security-wrapper.js",
   "types": "dist/mcp-security-wrapper.d.ts",

package/src/mcp-security-wrapper.ts CHANGED Viewed

@@ -65,7 +65,7 @@ class SecurityPolicy {
       /(?:password|secret|api[_-]?key|token)\s*[:=]\s*['"]?[\w\-.]+['"]?/gi,
       /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}\b/g, // Email
       /\b\d{3}-\d{2}-\d{4}\b/g, // SSN
-      /sk-[a-zA-Z0-9]{48}/g, // OpenAI API keys
+      /sk-[a-zA-Z0-9]{20,}/g, // OpenAI API keys (20+ chars)
       /ghp_[a-zA-Z0-9]{36}/g, // GitHub tokens
       /AKIA[0-9A-Z]{16}/g, // AWS Access Keys
     ];
@@ -472,18 +472,13 @@ async function main() {
 MCP Security Wrapper - MVP
 Usage:
-  npx ts-node mcp-security-wrapper.ts --server "node server.js" [--config security.json]
+  contextguard --server "node server.js" --config config.json
 Options:
   --server <command>    Command to start the MCP server (required)
   --config <file>       Path to security config JSON file (optional)
   --help               Show this help message
-Config file options:
-  logPath: Custom path for security log file (default: ./mcp_security.log)
-Example:
-  npx ts-node mcp-security-wrapper.ts --server "node server.js" --config security.json
     `);
     process.exit(0);
   }
@@ -519,7 +514,7 @@ Example:
     logger
   );
-  console.log("ContextGuard is running");
+  // console.log("ContextGuard is running");
   await wrapper.start();
 }