nsauditor-ai 0.1.2 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/README.md +6 -3
  2. package/mcp_server.mjs +13 -6
  3. package/package.json +1 -1
package/README.md CHANGED
@@ -271,18 +271,21 @@ Add this to your `claude_desktop_config.json` (Settings → Developer → Edit C
271
271
  "mcpServers": {
272
272
  "nsauditor-ai": {
273
273
  "command": "npx",
274
- "args": ["nsauditor-ai-mcp"],
274
+ "args": ["--package=nsauditor-ai", "nsauditor-ai-mcp"],
275
275
  "env": {
276
276
  "AI_PROVIDER": "claude",
277
277
  "ANTHROPIC_API_KEY": "your-key-here",
278
- "NSA_ALLOW_ALL_HOSTS": "1"
278
+ "NSA_ALLOW_ALL_HOSTS": "1",
279
+ "PLUGIN_TIMEOUT_MS": "5000"
279
280
  }
280
281
  }
281
282
  }
282
283
  }
283
284
  ```
284
285
 
285
- Set `NSA_ALLOW_ALL_HOSTS=1` if you need to scan private/RFC 1918 addresses (e.g., `192.168.x.x`). The `AI_PROVIDER` and key variables are optional — they enable AI-powered analysis of scan results.
286
+ - `NSA_ALLOW_ALL_HOSTS=1` required to scan private/RFC 1918 addresses (e.g., `192.168.x.x`)
287
+ - `PLUGIN_TIMEOUT_MS=5000` — reduces per-plugin timeout to 5s so the full scan completes within Claude Desktop's 60s MCP limit
288
+ - `AI_PROVIDER` and API key — optional, enables AI-powered analysis of scan results
286
289
 
287
290
  ### Claude Code Setup
288
291
 
package/mcp_server.mjs CHANGED
@@ -8,6 +8,10 @@
8
8
  // import { createServer, toolHandlers } from './mcp_server.mjs' — for testing
9
9
 
10
10
  import { createRequire } from 'node:module';
11
+ import { dirname } from 'node:path';
12
+ import { fileURLToPath } from 'node:url';
13
+
14
+ const __dirname = dirname(fileURLToPath(import.meta.url));
11
15
  import { Server } from '@modelcontextprotocol/sdk/server/index.js';
12
16
  import { resolveAndValidate } from './utils/net_validation.mjs';
13
17
  import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
@@ -65,7 +69,7 @@ let _nvdClient = null;
65
69
  async function getPluginManager() {
66
70
  if (_pluginManager) return _pluginManager;
67
71
  const { default: PluginManager } = await import('./plugin_manager.mjs');
68
- _pluginManager = await PluginManager.create('./plugins');
72
+ _pluginManager = await PluginManager.create(`${__dirname}/plugins`);
69
73
  return _pluginManager;
70
74
  }
71
75
 
@@ -194,11 +198,14 @@ export async function validateHost(host) {
194
198
  throw new Error('Scanning loopback, link-local, or metadata addresses is not allowed via MCP');
195
199
  }
196
200
 
197
- // DNS resolution check — catches rebinding, decimal/octal IPs, IPv6-mapped addrs
198
- try {
199
- await resolveAndValidate(h);
200
- } catch (err) {
201
- throw new Error('Scanning loopback, link-local, or metadata addresses is not allowed via MCP');
201
+ // DNS resolution check — catches rebinding, decimal/octal IPs, IPv6-mapped addrs.
202
+ // NSA_ALLOW_ALL_HOSTS=1 bypasses RFC 1918 checks for local network auditing.
203
+ if (!process.env.NSA_ALLOW_ALL_HOSTS) {
204
+ try {
205
+ await resolveAndValidate(h);
206
+ } catch (err) {
207
+ throw new Error('Scanning loopback, link-local, or metadata addresses is not allowed via MCP');
208
+ }
202
209
  }
203
210
  return h;
204
211
  }
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "nsauditor-ai",
3
- "version": "0.1.2",
3
+ "version": "0.1.3",
4
4
  "description": "Modular AI-assisted network security audit platform — Community Edition",
5
5
  "type": "module",
6
6
  "private": false,