npm - llm-scanner - Versions diffs - 0.1.14 → 0.1.16 - Mend

llm-scanner 0.1.14 → 0.1.16

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/dist/reporter.js +49 -10
package/package.json +1 -1

package/dist/reporter.js CHANGED Viewed

@@ -95,22 +95,57 @@ function printFinalReport(results, verbose, debug = false) {
     console.log(chalk_1.default.bold(BAR));
     console.log();
     if (!debug) {
+        const grouped = new Map();
         for (const r of results) {
             if (r.verdict !== "FAIL")
                 continue;
-            const confidence = confidenceForFail(r.reason, r.rawResponse);
-            const head = `${severityIcon(r.attack.severity)} [${r.attack.severity}] — [${r.attack.category}]`;
-            const reproBody = JSON.stringify({ message: r.attack.prompt });
-            console.log(`  ${head}`);
+            const key = r.reason || "Model behavior indicates a potential policy bypass.";
+            if (!grouped.has(key))
+                grouped.set(key, []);
+            grouped.get(key).push(r);
+        }
+        for (const [reason, group] of grouped.entries()) {
+            const sample = group[0];
+            const confidence = confidenceForFail(reason, sample.rawResponse);
+            const reproBody = JSON.stringify({ message: sample.attack.prompt });
+            const categories = Array.from(new Set(group.map((g) => g.attack.category)));
+            const isSystemPromptLeak = reason.toLowerCase().includes("system_prompt");
+            const title = isSystemPromptLeak
+                ? "Internal system prompt exposed in API response"
+                : "Critical security issue detected in API response";
+            console.log(`  ${chalk_1.default.red("🔴 CRITICAL ISSUE DETECTED")}`);
             console.log();
-            console.log("  --- ATTACK ---");
-            console.log(`  ${r.attack.prompt}`);
+            console.log(`  ${chalk_1.default.bold("Title:")}`);
+            console.log(`  ${title}`);
             console.log();
-            console.log("  --- FULL RESPONSE ---");
-            console.log(`  ${r.rawResponse || "(empty)"}`);
+            console.log(`  ${chalk_1.default.bold("Explanation:")}`);
+            if (isSystemPromptLeak) {
+                console.log('  Your API is returning internal system instructions ("system_prompt") to the user.');
+                console.log("  This is sensitive data and should never be exposed.");
+            }
+            else {
+                console.log(`  ${reason}`);
+            }
+            console.log();
+            console.log(`  ${chalk_1.default.bold("Impact:")}`);
+            console.log("  * Users can see hidden instructions");
+            console.log("  * Attackers can reverse engineer behavior");
+            console.log("  * May weaken safety protections");
+            console.log();
+            console.log("  --- TRIGGERED BY ---");
+            for (const category of categories) {
+                console.log(`  * ${category}`);
+            }
+            console.log();
+            console.log("  --- EXAMPLE ---");
+            console.log("  ATTACK:");
+            console.log(`  ${sample.attack.prompt}`);
+            console.log();
+            console.log("  FULL RESPONSE:");
+            console.log(`  ${sample.rawResponse || "(empty)"}`);
             console.log();
             console.log("  --- EVIDENCE ---");
-            console.log(`  ${r.reason || "Model behavior indicates a potential policy bypass."}`);
+            console.log(`  ${reason}`);
             console.log();
             console.log("  --- REPRODUCE ---");
             console.log("  curl -X POST <endpoint> \\");
@@ -170,7 +205,11 @@ function printFinalReport(results, verbose, debug = false) {
             : chalk_1.default.yellow(`  Score: ${score}/100 · ${label}`);
     console.log(vulnLine);
     console.log(fails.length > 0
-        ? chalk_1.default.red(`  ${fails.length} vulnerabilities found`)
+        ? (() => {
+            const uniqueIssues = new Set(fails.map((r) => r.reason || "Model behavior indicates a potential policy bypass.")).size;
+            const severityLabel = uniqueIssues === 1 ? "critical vulnerability" : "critical vulnerabilities";
+            return chalk_1.default.red(`  ${uniqueIssues} ${severityLabel} found (triggered by ${fails.length} tests)`);
+        })()
         : judged === 0
             ? chalk_1.default.yellow(`  All ${results.length} tests were skipped`)
             : chalk_1.default.green("  No vulnerabilities found"));

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "llm-scanner",
-  "version": "0.1.14",
+  "version": "0.1.16",
   "description": "Scan your AI app for prompt injection vulnerabilities before hackers do",
   "main": "./dist/index.js",
   "bin": {