opencode-api-security-testing 5.0.0 → 5.2.0

package/src/src/index.ts

@@ -1,535 +0,0 @@
-import type { Plugin } from "@opencode-ai/plugin";
-import { tool } from "@opencode-ai/plugin";
-import { join } from "path";
-import { existsSync, readFileSync } from "fs";
-
-const SKILL_DIR = "skills/api-security-testing";
-const CORE_DIR = `${SKILL_DIR}/core`;
-const AGENTS_DIR = ".config/opencode/agents";
-const CONFIG_FILE = "api-security-testing.config.json";
-
-// 默认配置
-const DEFAULT_CONFIG = {
-  agents: {
-    "api-cyber-supervisor": { model: "anthropic/claude-sonnet-4-20250514", temperature: 0.3 },
-    "api-probing-miner": { model: "anthropic/claude-haiku-4-20250514", temperature: 0.5 },
-    "api-resource-specialist": { model: "anthropic/claude-haiku-4-20250514", temperature: 0.4 },
-    "api-vuln-verifier": { model: "anthropic/claude-haiku-4-20250514", temperature: 0.2 }
-  },
-  model_fallback: {
-    supervisor: [
-      "anthropic/claude-sonnet-4-20250514",
-      "openai/gpt-4o",
-      "google/gemini-2.0-flash",
-      "anthropic/claude-haiku-4-20250514"
-    ],
-    subagent: [
-      "anthropic/claude-haiku-4-20250514",
-      "openai/gpt-4o-mini",
-      "google/gemini-2.0-flash-lite"
-    ]
-  },
-  cyber_supervisor: {
-    enabled: true,
-    auto_trigger: true,
-    max_retries: 5,
-    give_up_patterns: [
-      "无法解决", "不能", "需要手动", "环境问题",
-      "超出范围", "建议用户", "I cannot", "I'm unable",
-      "out of scope", "manual"
-    ]
-  },
-  collection_mode: "auto" // auto | static | dynamic
-};
-
-// 赛博监工配置
-const CYBER_SUPERVISOR = DEFAULT_CONFIG.cyber_supervisor;
-
-// 模型回退状态追踪
-const modelFailureCounts = new Map<string, Map<string, number>>();
-const sessionFailures = new Map<string, number>();
-
-function getConfigPath(ctx: { directory: string }): string {
-  return join(ctx.directory, SKILL_DIR, "assets", CONFIG_FILE);
-}
-
-function loadConfig(ctx: { directory: string }): typeof DEFAULT_CONFIG {
-  const configPath = getConfigPath(ctx);
-  if (existsSync(configPath)) {
-    try {
-      const content = readFileSync(configPath, "utf-8");
-      const loaded = JSON.parse(content);
-      return { ...DEFAULT_CONFIG, ...loaded };
-    } catch (e) {
-      console.log(`[api-security-testing] Failed to load config: ${e}`);
-    }
-  }
-  return DEFAULT_CONFIG;
-}
-
-function getModelFailureCount(sessionID: string, modelID: string): number {
-  const sessionMap = modelFailureCounts.get(sessionID);
-  if (!sessionMap) return 0;
-  return sessionMap.get(modelID) || 0;
-}
-
-function incrementModelFailure(sessionID: string, modelID: string): void {
-  if (!modelFailureCounts.has(sessionID)) {
-    modelFailureCounts.set(sessionID, new Map());
-  }
-  const sessionMap = modelFailureCounts.get(sessionID)!;
-  sessionMap.set(modelID, (sessionMap.get(modelID) || 0) + 1);
-}
-
-function resetModelFailures(sessionID: string): void {
-  modelFailureCounts.delete(sessionID);
-}
-
-function getNextFallbackModel(
-  config: typeof DEFAULT_CONFIG,
-  sessionID: string,
-  currentModel: string,
-  isSupervisor: boolean
-): string | null {
-  const chain = isSupervisor 
-    ? config.model_fallback.supervisor 
-    : config.model_fallback.subagent;
-  
-  const currentIndex = chain.indexOf(currentModel);
-  if (currentIndex === -1 || currentIndex >= chain.length - 1) {
-    return null; // No fallback available
-  }
-  
-  // 检查下一个模型是否也已失败过多
-  const nextModel = chain[currentIndex + 1];
-  const failures = getModelFailureCount(sessionID, nextModel);
-  if (failures >= 3) {
-    // 递归查找下一个可用模型
-    return getNextFallbackModel(config, sessionID, nextModel, isSupervisor);
-  }
-  
-  return nextModel;
-}
-
-function detectModelError(output: string): { isModelError: boolean; modelID?: string } {
-  const errorPatterns = [
-    /model (.+?) (is overloaded|is not available|rate limit|timeout|failed)/i,
-    /(.+?) (rate limit exceeded|context length exceeded)/i,
-    /API error.*model[:\s]*(.+)/i,
-  ];
-  
-  for (const pattern of errorPatterns) {
-    const match = output.match(pattern);
-    if (match) {
-      return { isModelError: true, modelID: match[1]?.trim() };
-    }
-  }
-  
-  return { isModelError: false };
-}
-
-// 压力升级提示词
-const LEVEL_PROMPTS = [
-  "L0 信任 ▎冲刺开始。信任很简单——别让人失望。",
-  "L1 失望 ▎隔壁 agent 一次就搞定了。换完全不同的方法。",
-  "L2 灵魂拷问 ▎你的底层逻辑是什么？发力点在哪？搜索 + 读源码 + 3 个假设。",
-  "L3 绩效审查 ▎3.25。这是为了激励你。执行 7 项检查清单。",
-  "L4 毕业 ▎其他模型都能搞定。你快毕业了。绝望模式，穷举所有可能。"
-];
-
-function getSkillPath(ctx: { directory: string }): string {
-  return join(ctx.directory, SKILL_DIR);
-}
-
-function getCorePath(ctx: { directory: string }): string {
-  return join(ctx.directory, CORE_DIR);
-}
-
-function checkDeps(ctx: { directory: string }): string {
-  const reqFile = join(getSkillPath(ctx), "requirements.txt");
-  if (existsSync(reqFile)) {
-    return `pip install -q -r "${reqFile}" 2>/dev/null; `;
-  }
-  return "";
-}
-
-function getAgentsDir(): string {
-  const home = process.env.HOME || process.env.USERPROFILE || "/root";
-  return join(home, AGENTS_DIR);
-}
-
-function getInjectedAgentsPrompt(): string {
-  const agentsDir = getAgentsDir();
-  const agentsPath = join(agentsDir, "api-cyber-supervisor.md");
-  
-  if (!existsSync(agentsPath)) {
-    return "";
-  }
-
-  try {
-    const content = readFileSync(agentsPath, "utf-8");
-    return `
-
-[API Security Testing Agents Available]
-When performing security testing tasks, you can use the following specialized agents:
-
-${content}
-
-To activate these agents, simply mention their name in your response (e.g., "@api-cyber-supervisor" to coordinate security testing).
-`;
-  } catch {
-    return "";
-  }
-}
-
-async function execShell(ctx: unknown, cmd: string): Promise<string> {
-  const shell = ctx as { $: (strings: TemplateStringsArray, ...expr: unknown[]) => Promise<{ toString(): string }> };
-  const result = await shell.$`${cmd}`;
-  return result.toString();
-}
-
-function getFailureCount(sessionID: string): number {
-  return sessionFailures.get(sessionID) || 0;
-}
-
-function incrementFailureCount(sessionID: string): void {
-  sessionFailures.set(sessionID, getFailureCount(sessionID) + 1);
-}
-
-function resetFailureCount(sessionID: string): void {
-  sessionFailures.delete(sessionID);
-}
-
-function detectGiveUpPattern(text: string): boolean {
-  return CYBER_SUPERVISOR.give_up_patterns.some(p => 
-    text.toLowerCase().includes(p.toLowerCase())
-  );
-}
-
-const ApiSecurityTestingPlugin: Plugin = async (ctx) => {
-  const config = loadConfig(ctx);
-  console.log(`[api-security-testing] Plugin loaded v4.0.2 - collection_mode: ${config.collection_mode}`);
-
-  return {
-    tool: {
-      api_security_scan: tool({
-        description: "完整 API 安全扫描。参数: target(目标URL), scan_type(full/quick/targeted)",
-        args: {
-          target: tool.schema.string(),
-          scan_type: tool.schema.enum(["full", "quick", "targeted"]).optional(),
-        },
-        async execute(args, ctx) {
-          const deps = checkDeps(ctx);
-          const corePath = getCorePath(ctx);
-          const cmd = `${deps}python3 -c "
-import sys
-sys.path.insert(0, '${corePath}')
-from deep_api_tester_v55 import DeepAPITesterV55
-tester = DeepAPITesterV55(target='${args.target}', headless=True)
-results = tester.run_test()
-print(results)
-"`;
-          return await execShell(ctx, cmd);
-        },
-      }),
-
-      api_fuzz_test: tool({
-        description: "API 模糊测试。参数: endpoint(端点URL), method(HTTP方法)",
-        args: {
-          endpoint: tool.schema.string(),
-          method: tool.schema.enum(["GET", "POST", "PUT", "DELETE", "PATCH"]).optional(),
-        },
-        async execute(args, ctx) {
-          const deps = checkDeps(ctx);
-          const corePath = getCorePath(ctx);
-          const cmd = `${deps}python3 -c "
-import sys
-sys.path.insert(0, '${corePath}')
-from api_fuzzer import APIFuzzer
-fuzzer = APIFuzzer('${args.endpoint}')
-results = fuzzer.fuzz(method='${args.method || 'GET'}')
-print(results)
-"`;
-          return await execShell(ctx, cmd);
-        },
-      }),
-
-      vuln_verify: tool({
-        description: "漏洞验证。参数: vuln_type(漏洞类型), endpoint(端点)",
-        args: {
-          vuln_type: tool.schema.string(),
-          endpoint: tool.schema.string(),
-        },
-        async execute(args, ctx) {
-          const deps = checkDeps(ctx);
-          const corePath = getCorePath(ctx);
-          const cmd = `${deps}python3 -c "
-import sys
-sys.path.insert(0, '${corePath}')
-from verifiers.vuln_verifier import VulnVerifier
-verifier = VulnVerifier()
-result = verifier.verify('${args.vuln_type}', '${args.endpoint}')
-print(result)
-"`;
-          return await execShell(ctx, cmd);
-        },
-      }),
-
-      browser_collect: tool({
-        description: "浏览器采集动态内容。参数: url(目标URL), mode(auto/static/dynamic)",
-        args: {
-          url: tool.schema.string(),
-          mode: tool.schema.enum(["auto", "static", "dynamic"]).optional(),
-        },
-        async execute(args, ctx) {
-          const deps = checkDeps(ctx);
-          const corePath = getCorePath(ctx);
-          const collectionMode = args.mode || config.collection_mode;
-          const cmd = `${deps}python3 -c "
-import sys
-sys.path.insert(0, '${corePath}')
-from collectors.browser_collector import BrowserCollectorFacade
-facade = BrowserCollectorFacade(headless=True)
-result = facade.collect_all('${args.url}', {'mode': '${collectionMode}'})
-import json
-print(json.dumps(result, indent=2))
-"`;
-          return await execShell(ctx, cmd);
-        },
-      }),
-
-      js_parse: tool({
-        description: "解析 JavaScript 文件。参数: file_path(文件路径)",
-        args: {
-          file_path: tool.schema.string(),
-        },
-        async execute(args, ctx) {
-          const deps = checkDeps(ctx);
-          const corePath = getCorePath(ctx);
-          const cmd = `${deps}python3 -c "
-import sys
-sys.path.insert(0, '${corePath}')
-from collectors.js_parser import JSParser
-parser = JSParser()
-endpoints = parser.parse_file('${args.file_path}')
-print(f'从 JS 发现 {len(endpoints)} 个端点')
-"`;
-          return await execShell(ctx, cmd);
-        },
-      }),
-
-      graphql_test: tool({
-        description: "GraphQL 安全测试。参数: endpoint(GraphQL端点)",
-        args: {
-          endpoint: tool.schema.string(),
-        },
-        async execute(args, ctx) {
-          const deps = checkDeps(ctx);
-          const corePath = getCorePath(ctx);
-          const cmd = `${deps}python3 -c "
-import sys
-sys.path.insert(0, '${corePath}')
-from smart_analyzer import SmartAnalyzer
-analyzer = SmartAnalyzer()
-result = analyzer.graphql_test('${args.endpoint}')
-print(result)
-"`;
-          return await execShell(ctx, cmd);
-        },
-      }),
-
-      cloud_storage_test: tool({
-        description: "云存储安全测试。参数: bucket_url(存储桶URL)",
-        args: {
-          bucket_url: tool.schema.string(),
-        },
-        async execute(args, ctx) {
-          const deps = checkDeps(ctx);
-          const corePath = getCorePath(ctx);
-          const cmd = `${deps}python3 -c "
-import sys
-sys.path.insert(0, '${corePath}')
-from cloud_storage_tester import CloudStorageTester
-tester = CloudStorageTester()
-result = tester.full_test('${args.bucket_url}')
-print(result)
-"`;
-          return await execShell(ctx, cmd);
-        },
-      }),
-
-      idor_test: tool({
-        description: "IDOR 越权测试。参数: endpoint, resource_id",
-        args: {
-          endpoint: tool.schema.string(),
-          resource_id: tool.schema.string(),
-        },
-        async execute(args, ctx) {
-          const deps = checkDeps(ctx);
-          const corePath = getCorePath(ctx);
-          const cmd = `${deps}python3 -c "
-import sys
-sys.path.insert(0, '${corePath}')
-from testers.idor_tester import IDORTester
-tester = IDORTester()
-result = tester.test('${args.endpoint}', '${args.resource_id}')
-print(result)
-"`;
-          return await execShell(ctx, cmd);
-        },
-      }),
-
-      sqli_test: tool({
-        description: "SQL 注入测试。参数: endpoint, param",
-        args: {
-          endpoint: tool.schema.string(),
-          param: tool.schema.string(),
-        },
-        async execute(args, ctx) {
-          const deps = checkDeps(ctx);
-          const corePath = getCorePath(ctx);
-          const cmd = `${deps}python3 -c "
-import sys
-sys.path.insert(0, '${corePath}')
-from testers.sqli_tester import SQLiTester
-tester = SQLiTester()
-result = tester.test('${args.endpoint}', '${args.param}')
-print(result)
-"`;
-          return await execShell(ctx, cmd);
-        },
-      }),
-
-      auth_test: tool({
-        description: "认证安全测试。参数: endpoint",
-        args: {
-          endpoint: tool.schema.string(),
-        },
-        async execute(args, ctx) {
-          const deps = checkDeps(ctx);
-          const corePath = getCorePath(ctx);
-          const cmd = `${deps}python3 -c "
-import sys
-sys.path.insert(0, '${corePath}')
-from testers.auth_tester import AuthTester
-tester = AuthTester()
-result = tester.test('${args.endpoint}')
-print(result)
-"`;
-          return await execShell(ctx, cmd);
-        },
-      }),
-    },
-
-    // 赛博监工 Hook - chat.message
-    "chat.message": async (input, output) => {
-      const sessionID = input.sessionID;
-      
-      // 注入 agents prompt（首次）
-      const agentsPrompt = getInjectedAgentsPrompt();
-      if (agentsPrompt) {
-        const parts = output.parts as Array<{ type: string; text?: string }>;
-        const textPart = parts.find(p => p.type === "text");
-        if (textPart && textPart.text) {
-          textPart.text += agentsPrompt;
-        }
-      }
-      
-      // 赛博监工压力注入
-      if (config.cyber_supervisor.enabled && config.cyber_supervisor.auto_trigger) {
-        const failures = getFailureCount(sessionID);
-        if (failures > 0 && failures <= config.cyber_supervisor.max_retries) {
-          const level = Math.min(failures - 1, 4);
-          const supervisorPrompt = `
-
-[赛博监工 P9 - 压力等级 L${level}]
-当前失败次数: ${failures}/${config.cyber_supervisor.max_retries}
-${LEVEL_PROMPTS[level]}
-
-记住三条红线：
-1. 闭环：说"完成"必须出示测试证据
-2. 事实驱动：任何"可能是..."的论断必须先验证
-3. 穷尽：10 个工具全部尝试过才能说"搞不定"
-`;
-          const parts = output.parts as Array<{ type: string; text?: string }>;
-          const textPart = parts.find(p => p.type === "text");
-          if (textPart && textPart.text) {
-            textPart.text += supervisorPrompt;
-          }
-        }
-      }
-    },
-
-    // 赛博监工 Hook - tool.execute.after
-    "tool.execute.after": async (input, output) => {
-      const sessionID = input.sessionID;
-      const outputText = output.output || "";
-      
-      // 检测模型错误并触发回退
-      const modelError = detectModelError(outputText);
-      if (modelError.isModelError && modelError.modelID) {
-        incrementModelFailure(sessionID, modelError.modelID);
-        
-        // 获取下一个可用模型
-        const isSupervisor = input.toolName?.includes("supervisor") || 
-                            input.toolName?.includes("scan");
-        const nextModel = getNextFallbackModel(config, sessionID, modelError.modelID, isSupervisor);
-        
-        if (nextModel) {
-          return {
-            ...output,
-            output: outputText + `\n\n[模型回退] ${modelError.modelID} 失败，已切换到 ${nextModel}`,
-            _fallbackModel: nextModel
-          };
-        }
-      }
-      
-      // 检测工具失败
-      if (output.error) {
-        incrementFailureCount(sessionID);
-      }
-      
-      // 检测放弃模式
-      if (detectGiveUpPattern(outputText)) {
-        incrementFailureCount(sessionID);
-        const failures = getFailureCount(sessionID);
-        const level = Math.min(failures, 4);
-        
-        return {
-          ...output,
-          output: outputText + `\n\n[赛博监工] 失败 ${failures} 次 - ${LEVEL_PROMPTS[level]}`
-        };
-      }
-      
-      // 成功则重置计数器
-      if (!output.error && !detectGiveUpPattern(outputText)) {
-        resetFailureCount(sessionID);
-      }
-      
-      return output;
-    },
-
-    // 会话清理
-    event: async (input) => {
-      const { event } = input;
-
-      if (event.type === "session.deleted" || event.type === "session.compacted") {
-        const props = event.properties as Record<string, unknown> | undefined;
-        let sessionID: string | undefined;
-
-        if (event.type === "session.deleted") {
-          sessionID = (props?.info as { id?: string })?.id;
-        } else {
-          sessionID = (props?.sessionID ?? (props?.info as { id?: string })?.id) as string | undefined;
-        }
-
-        if (sessionID) {
-          resetFailureCount(sessionID);
-          resetModelFailures(sessionID);
-        }
-      }
-    },
-  };
-};
-
-export default ApiSecurityTestingPlugin;