npm - nsauditor-ai - Versions diffs - 0.1.33 → 0.1.34 - Mend

nsauditor-ai 0.1.33 → 0.1.34

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -15,6 +15,28 @@ NSAuditor AI is the open-source core of a privacy-first security intelligence pl
 **Zero Data Exfiltration by design.** NSAuditor AI works fully offline. AI analysis, CVE correlation, and continuous monitoring all happen locally. External calls (to AI APIs, NVD, etc.) are opt-in and use your own API keys. We never see your scan data.
+## What's New (0.1.34) — list_plugins now embeds CE+EE versions for hallucination detection
+Companion to the 0.1.33 advisory. The `list_plugins` MCP tool's response now appends the actual installed CE + EE version numbers, so customers can verify a Claude Desktop response in **5 seconds** without log archeology:
+```
+── Installation provenance (verify against your shell) ──
+nsauditor-ai (CE):              0.1.34
+@nsasoft/nsauditor-ai-ee (EE):  0.3.4 (loaded)
+Verify: nsauditor-ai --version  &&  npm list -g @nsasoft/nsauditor-ai-ee
+If versions in this response don't match your shell, the response was
+AI-generated rather than retrieved from the MCP server (see CE 0.1.33 advisory).
+```
+How it works as a hallucination detector:
+- The MCP server reads `process.execPath`'s package.json + tries to resolve `@nsasoft/nsauditor-ai-ee/package.json` at request time. Both are real machine-specific values.
+- Claude Desktop fabricated responses in the wild have shown stale version numbers from training data, missing version lines entirely, or different counts each time the same question is asked (observed 32→32→31 plugin counts in three consecutive hallucinations on 2026-05-10).
+- A real tool response will exactly match `nsauditor-ai --version` + `npm list -g @nsasoft/nsauditor-ai-ee`. Mismatch = hallucinated.
+This is a v1 mitigation — the v2 (Thread L in `tasks/todo.md`) adds per-call cryptographic sentinel UUIDs that the customer can grep against the server log.
+---
 ## What's New (0.1.33) — ⚠ MCP integration with Claude Desktop is unreliable
 **Critical advisory for customers using NSAuditor AI through Claude Desktop's MCP integration.** During the maintainer's own integration test on 2026-05-10, we discovered that **Claude Desktop's AI fabricates scan results, plugin lists, vulnerability findings, and tier information without actually invoking the MCP tools** for our specific server. Other MCP servers in the same Claude Desktop config receive real `tools/call` invocations; ours does not.

package/mcp_server.mjs CHANGED Viewed

@@ -366,12 +366,49 @@ export function createServer() {
     try {
       const result = await handler(args ?? {});
-      // Append tier info to list_plugins response
+      // Append tier info + version provenance to list_plugins response.
+      //
+      // CE 0.1.34 (Thread L MITIGATION): the response now embeds the
+      // ACTUAL versions of CE + EE (when EE is loaded) so customers
+      // can detect Claude Desktop hallucinations. Background: Claude
+      // Desktop has been observed (2026-05-10) silently fabricating
+      // list_plugins responses without invoking the MCP server (per-
+      // server log shows zero `tools/call` while Claude reports
+      // detailed plugin lists). With version numbers in the response,
+      // a hallucinated answer will either omit the version line OR
+      // include a stale/wrong version pulled from training data.
+      // Customer verification (5 seconds, no log archeology):
+      //   nsauditor-ai --version
+      //   npm list -g @nsasoft/nsauditor-ai-ee
+      // If the versions in Claude Desktop's output don't match these
+      // commands, the response was AI-generated, not a real tool call.
       if (name === 'list_plugins') {
         const tierLabel = { ce: 'Community Edition (CE)', pro: 'Pro', enterprise: 'Enterprise' };
+        // Detect EE version (best-effort; absent on CE-only installs).
+        let eeVersion = 'not installed';
+        try {
+          const eeManifest = _require('@nsasoft/nsauditor-ai-ee/package.json');
+          eeVersion = eeManifest && eeManifest.version
+            ? `${eeManifest.version} (loaded)`
+            : 'unknown (loaded)';
+        } catch {
+          // EE package not installed or not resolvable — common for CE-only customers.
+          eeVersion = 'not installed';
+        }
+        const versionLines =
+          `\n\n── Installation provenance (verify against your shell) ──\n` +
+          `nsauditor-ai (CE):              ${TOOL_VERSION}\n` +
+          `@nsasoft/nsauditor-ai-ee (EE):  ${eeVersion}\n` +
+          `Verify: nsauditor-ai --version  &&  npm list -g @nsasoft/nsauditor-ai-ee\n` +
+          `If versions in this response don't match your shell, the response was\n` +
+          `AI-generated rather than retrieved from the MCP server (see CE 0.1.33 advisory).`;
         const tierSuffix = `\n\nCurrent tier: ${tierLabel[_tier] ?? _tier}. ${_capabilities.proMCP ? '' : 'Upgrade to Pro for probe_service, get_vulnerabilities, risk_summary, and more.'}`;
         return {
-          content: [{ type: 'text', text: JSON.stringify(result, null, 2) + tierSuffix }],
+          content: [{ type: 'text', text: JSON.stringify(result, null, 2) + tierSuffix + versionLines }],
         };
       }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "nsauditor-ai",
-  "version": "0.1.33",
+  "version": "0.1.34",
   "description": "Modular AI-assisted network security audit platform — Community Edition",
   "type": "module",
   "private": false,