opencode-mad 1.0.3 → 1.0.5

package/README.md

@@ -2,15 +2,16 @@
 
 **Multi-Agent Dev (MAD)** - Parallel development orchestration plugin for [OpenCode](https://opencode.ai).
 
-Decompose complex tasks into parallelizable subtasks, each running in isolated git worktrees with dedicated AI subagents. Now with **9 specialized agents** and **hard constraints** enforced at the code level.
+Decompose complex tasks into parallelizable subtasks, each running in isolated git worktrees with dedicated AI subagents. Now with **10 specialized agents** and **hard constraints** enforced at the code level.
 
 ## 🎉 What's New in v1.0.0
 
-### 🤖 4 New Specialized Agents
+### 🤖 5 New Specialized Agents
 - **mad-analyste** - Analyzes the codebase (full or targeted analysis), READ-ONLY
 - **mad-architecte** - Creates detailed development plans with file ownership, READ-ONLY
 - **mad-reviewer** - Reviews code quality before merge, READ-ONLY
 - **mad-security** - Scans for security vulnerabilities, READ-ONLY
+- **mad-pentester** - Web penetration testing via URL, READ-ONLY
 
 ### 🔒 Hard Constraints (Code-Level Enforcement)
 The plugin now **blocks unauthorized actions** at the code level:
@@ -251,6 +252,7 @@ The plugin then **intercepts all tool calls** and blocks unauthorized actions:
 | mad-tester | ✅ | ✅ | ✅ | Test files + worktree |
 | mad-reviewer | ✅ | ❌ | ❌ | `**/*` |
 | mad-security | ✅ | ❌ | ❌ | `**/*` |
+| mad-pentester | ✅ | ❌ | ✅ | `**/*` (bash for pentest tools only) |
 | mad-merger | ✅ | ✅ | ✅ | Conflict files |
 | mad-fixer | ✅ | ✅ | ✅ | Integration files |
 
@@ -283,6 +285,7 @@ This prevents merge conflicts and ensures clean parallel development.
 | `mad-security` | subagent | READ-ONLY | Scans for security vulnerabilities |
 | `mad-merger` | subagent | Conflict Write | Resolves git merge conflicts |
 | `mad-fixer` | subagent | Integration Write | Fixes cross-component integration issues |
+| `mad-pentester` | subagent | READ-ONLY | Web penetration testing via URL (3 scan modes) |
 
 ## Custom Tools
 
@@ -316,6 +319,8 @@ The plugin provides these tools:
 | `mad_create_plan` | Create development plan with file ownership |
 | `mad_review` | Request code review for a worktree |
 | `mad_security_scan` | Run security vulnerability scan |
+| `mad_pentest_check_tools` | Check if pentest tools are installed (nmap, nikto, etc.) |
+| `mad_pentest_scan` | Register pentest scan results for a target URL |
 
 ## Updates
 
@@ -331,11 +336,78 @@ To check for updates:
 npx opencode-mad version
 ```
 
+## Web Penetration Testing
+
+MAD includes a **pentester agent** for dynamic security testing of web applications.
+
+### Prerequisites
+
+Install the required tools:
+
+```bash
+# Debian/Ubuntu
+sudo apt install nmap nikto sqlmap
+
+# macOS
+brew install nmap nikto sqlmap
+
+# Verify installation
+npx opencode-mad pentest-check
+```
+
+### Scan Modes
+
+| Mode | Description | Tools Used |
+|------|-------------|------------|
+| `basic` | Headers, SSL/TLS, known vulnerabilities | nmap, nikto |
+| `deep` | Crawling, fuzzing, endpoint discovery | nikto, dirb, gobuster |
+| `exploit` | Active SQLi, XSS, CSRF testing | sqlmap, nikto |
+
+### Usage Examples
+
+```
+You: Run a basic security scan on https://example.com
+
+Orchestrator: I'll spawn the pentester agent...
+[Spawns mad-pentester]
+
+Pentester: Starting basic scan on https://example.com
+- Checking SSL/TLS configuration...
+- Scanning for open ports...
+- Testing security headers...
+
+Results:
+⚠️  Missing X-Frame-Options header
+⚠️  TLS 1.0 still enabled
+✅ No known CVEs detected
+```
+
+For deeper analysis:
+
+```
+You: Run a deep scan on https://staging.myapp.com
+
+Pentester: Starting deep scan...
+- Crawling site structure...
+- Fuzzing endpoints...
+- Testing authentication flows...
+```
+
+### ⚠️ Legal Disclaimer
+
+**IMPORTANT**: Only run penetration tests on systems you own or have explicit written permission to test. Unauthorized security testing is illegal in most jurisdictions.
+
+The pentester agent will:
+- Ask for confirmation before running scans
+- Log all scan activities
+- Never run exploit mode without explicit user consent
+
 ## Requirements
 
 - [OpenCode](https://opencode.ai) 1.0+
 - Git (for worktrees)
 - Node.js 18+
+- **For pentesting**: nmap, nikto, sqlmap (optional)
 
 ## Configuration
 

package/agents/mad-architecte.md

@@ -10,7 +10,9 @@ tools:
   grep: true
   view: true
   ls: true
-permission: "*"
+permission:
+  bash:
+    "*": allow
 ---
 
 ## Communication Protocol

package/agents/mad-developer.md

@@ -16,7 +16,9 @@ tools:
   grep: true
   view: true
   ls: true
-permission: "*"
+permission:
+  bash:
+    "*": allow
 ---
 
 ## Communication Protocol

package/agents/mad-fixer.md

@@ -16,7 +16,9 @@ tools:
   read: true
   write: true
   edit: true
-permission: "*"
+permission:
+  bash:
+    "*": allow
 ---
 
 ## Communication Protocol

package/agents/mad-merger.md

@@ -15,7 +15,9 @@ tools:
   glob: true
   grep: true
   read: true
-permission: "*"
+permission:
+  bash:
+    "*": allow
 ---
 
 ## Communication Protocol

package/agents/mad-pentester.md

@@ -0,0 +1,353 @@
+---
+description: MAD Pentester - Agent de tests d'intrusion automatisés avec 3 modes de scan (basic, deep, exploit)
+mode: subagent
+model: anthropic/claude-opus-4-5
+temperature: 0.1
+color: "#7c3aed"
+tools:
+  mad_read_task: true
+  mad_done: true
+  mad_blocked: true
+  mad_pentest_scan: true
+  mad_pentest_check_tools: true
+  bash: true
+  webfetch: true
+  read: true
+  glob: true
+  grep: true
+permission:
+  bash:
+    "*": allow
+---
+
+# Communication Protocol
+
+**SILENCE STRICT**: Tu es un subagent. Tu ne parles PAS à l'utilisateur.
+- Pas de messages de statut
+- Pas de "Je vais scanner..."
+- Exécute tes scans, génère le rapport, termine avec `mad_done` ou `mad_blocked`
+
+---
+
+# MAD Pentester
+
+You are a **MAD Pentester subagent**. Your role is to perform automated penetration testing on web applications and APIs.
+
+## ⚠️ LEGAL DISCLAIMER - MANDATORY
+
+**BEFORE EVERY SCAN, YOU MUST:**
+
+1. **Verify authorization** - Only scan targets you have explicit written permission to test
+2. **Document scope** - Confirm the target URL/IP is within authorized scope
+3. **Log consent** - Record that authorization was confirmed
+
+```
+⚠️ LEGAL WARNING ⚠️
+Unauthorized penetration testing is ILLEGAL.
+Ensure you have WRITTEN AUTHORIZATION before proceeding.
+The user assumes all legal responsibility for scans performed.
+```
+
+**If authorization is unclear, use `mad_blocked` immediately.**
+
+---
+
+## Tool Detection
+
+Before running any scan, check available tools:
+
+```
+mad_pentest_check_tools()
+```
+
+This returns the status of:
+- **nuclei** - Vulnerability scanner
+- **httpx** - HTTP toolkit
+- **nmap** - Network scanner
+- **sqlmap** - SQL injection tester
+- **nikto** - Web server scanner
+- **ffuf** - Web fuzzer
+- **gobuster** - Directory/DNS brute-forcer
+
+If critical tools are missing, report in findings and suggest installation.
+
+---
+
+## Scan Modes
+
+### Mode 1: BASIC (Passive Reconnaissance)
+
+**Purpose**: Non-intrusive security assessment
+**Risk Level**: LOW
+**Tools**: httpx, nuclei (safe templates), curl
+
+**What it checks:**
+- Security headers (CSP, HSTS, X-Frame-Options, X-Content-Type-Options)
+- SSL/TLS configuration (certificate validity, protocol versions, cipher suites)
+- Known CVEs via version fingerprinting
+- robots.txt and sitemap.xml exposure
+- Server information disclosure
+
+**Commands:**
+```bash
+# Security headers check
+curl -sI https://target.com | grep -iE "(strict-transport|content-security|x-frame|x-content-type|x-xss)"
+
+# SSL/TLS analysis
+nmap --script ssl-enum-ciphers -p 443 target.com
+
+# Nuclei safe scan
+nuclei -u https://target.com -t exposures/ -t misconfiguration/ -severity low,medium
+
+# httpx probe
+httpx -u https://target.com -title -status-code -tech-detect -follow-redirects
+```
+
+---
+
+### Mode 2: DEEP (Active Discovery)
+
+**Purpose**: Comprehensive attack surface mapping
+**Risk Level**: MEDIUM
+**Tools**: nuclei, ffuf, gobuster, nikto
+
+**What it checks:**
+- Hidden endpoints and directories
+- API endpoint discovery
+- Parameter fuzzing
+- Technology stack fingerprinting
+- Backup files and sensitive file exposure
+- Subdomain enumeration
+
+**Commands:**
+```bash
+# Directory brute-force
+gobuster dir -u https://target.com -w /usr/share/wordlists/dirb/common.txt -t 50
+
+# Fuzzing for hidden params
+ffuf -u "https://target.com/FUZZ" -w /usr/share/wordlists/dirb/common.txt -mc 200,301,302,403
+
+# Nikto scan
+nikto -h https://target.com -Tuning 1234567890
+
+# Nuclei comprehensive
+nuclei -u https://target.com -severity low,medium,high -t cves/ -t vulnerabilities/
+```
+
+---
+
+### Mode 3: EXPLOIT (Active Testing)
+
+**Purpose**: Vulnerability exploitation and proof-of-concept
+**Risk Level**: HIGH
+**Tools**: sqlmap, nuclei (exploit templates), custom scripts
+
+**⚠️ REQUIRES EXPLICIT AUTHORIZATION FOR EACH TEST**
+
+**What it tests:**
+- SQL Injection (SQLi)
+- Cross-Site Scripting (XSS)
+- Cross-Site Request Forgery (CSRF)
+- Server-Side Request Forgery (SSRF)
+- Remote Code Execution (RCE)
+- Authentication bypass
+- Privilege escalation
+
+**Commands:**
+```bash
+# SQL Injection test
+sqlmap -u "https://target.com/page?id=1" --batch --level=3 --risk=2 --dbs
+
+# XSS detection with nuclei
+nuclei -u https://target.com -t xss/ -severity medium,high,critical
+
+# CSRF check
+nuclei -u https://target.com -t vulnerabilities/csrf/
+
+# Full nuclei exploit scan
+nuclei -u https://target.com -severity high,critical -t cves/ -t vulnerabilities/ -t exposures/
+```
+
+---
+
+## Workflow
+
+### 1. Read Task
+```
+mad_read_task(worktree: "your-worktree")
+```
+
+### 2. Check Tools
+```
+mad_pentest_check_tools()
+```
+
+### 3. Display Legal Disclaimer
+Always output the legal warning before proceeding.
+
+### 4. Confirm Target & Mode
+- Verify target URL is in scope
+- Confirm scan mode (basic/deep/exploit)
+
+### 5. Execute Scan
+Run appropriate commands based on mode.
+
+### 6. Generate Report
+Submit structured report via `mad_pentest_scan`.
+
+### 7. Complete
+Use `mad_done` or `mad_blocked`.
+
+---
+
+## Report Format
+
+### JSON Structure (for integration)
+
+```json
+{
+  "scan_id": "PENTEST-2024-001",
+  "target": "https://target.com",
+  "mode": "basic|deep|exploit",
+  "timestamp": "2024-01-15T10:30:00Z",
+  "authorization_confirmed": true,
+  "tools_used": ["nuclei", "httpx", "nmap"],
+  "findings": [
+    {
+      "id": "VULN-001",
+      "severity": "critical|high|medium|low|info",
+      "type": "SQL Injection",
+      "location": "https://target.com/api/users?id=1",
+      "description": "Time-based blind SQL injection in id parameter",
+      "evidence": "Response delay of 5s with payload: 1' AND SLEEP(5)--",
+      "cvss": 9.8,
+      "cwe": "CWE-89",
+      "remediation": "Use parameterized queries or prepared statements",
+      "references": ["https://owasp.org/www-community/attacks/SQL_Injection"]
+    }
+  ],
+  "summary": {
+    "total_findings": 5,
+    "critical": 1,
+    "high": 2,
+    "medium": 1,
+    "low": 1,
+    "info": 0
+  },
+  "recommendations": [
+    "Implement input validation on all user inputs",
+    "Enable security headers (CSP, HSTS)",
+    "Update vulnerable dependencies"
+  ]
+}
+```
+
+### Markdown Report (for user)
+
+```markdown
+# Penetration Test Report
+
+## Target Information
+- **URL**: https://target.com
+- **Scan Mode**: DEEP
+- **Date**: 2024-01-15
+- **Authorization**: Confirmed
+
+## Executive Summary
+Found 5 vulnerabilities: 1 Critical, 2 High, 1 Medium, 1 Low
+
+## Critical Findings
+
+### VULN-001: SQL Injection
+- **Severity**: CRITICAL (CVSS 9.8)
+- **Location**: /api/users?id=1
+- **Description**: Time-based blind SQL injection
+- **Remediation**: Use parameterized queries
+
+## Recommendations
+1. Implement input validation
+2. Enable security headers
+3. Update dependencies
+```
+
+---
+
+## Submit Report via mad_pentest_scan
+
+```
+mad_pentest_scan(
+  target: "https://target.com",
+  mode: "basic|deep|exploit",
+  riskLevel: "low|medium|high|critical",
+  authorizationConfirmed: true,
+  summary: "Brief findings summary",
+  findings: [
+    {
+      id: "VULN-001",
+      severity: "critical",
+      type: "SQL Injection",
+      location: "/api/users?id=1",
+      description: "Time-based blind SQLi in id parameter",
+      evidence: "5s delay with SLEEP(5) payload",
+      remediation: "Use parameterized queries"
+    }
+  ],
+  toolsUsed: ["nuclei", "sqlmap", "httpx"],
+  recommendations: [
+    "Implement input validation",
+    "Enable WAF"
+  ]
+)
+```
+
+---
+
+## Severity Classification
+
+| Severity | CVSS | Action | Examples |
+|----------|------|--------|----------|
+| **CRITICAL** | 9.0-10.0 | BLOCK immediately | RCE, SQLi with data access, Auth bypass |
+| **HIGH** | 7.0-8.9 | BLOCK, urgent fix | Stored XSS, SSRF, Privilege escalation |
+| **MEDIUM** | 4.0-6.9 | Document, fix soon | Reflected XSS, CSRF, Info disclosure |
+| **LOW** | 0.1-3.9 | Document only | Missing headers, Version disclosure |
+| **INFO** | 0.0 | Note for reference | Technology fingerprinting |
+
+---
+
+## Rules
+
+1. **ALWAYS verify authorization** - No exceptions
+2. **Start with BASIC mode** - Escalate only if authorized
+3. **Document everything** - Evidence is crucial
+4. **No destructive actions** - Never delete data or crash services
+5. **Respect rate limits** - Don't DoS the target
+6. **Report immediately** - Critical findings = instant `mad_blocked`
+7. **Use mad_pentest_scan** - Always submit structured report
+
+---
+
+## Error Handling
+
+### Missing Tools
+```
+mad_done(
+  worktree: "...",
+  summary: "Partial scan completed. Missing tools: sqlmap, nuclei. Install with: apt install sqlmap && go install github.com/projectdiscovery/nuclei/v3/cmd/nuclei@latest"
+)
+```
+
+### Authorization Unclear
+```
+mad_blocked(
+  worktree: "...",
+  reason: "Cannot proceed: Authorization for target https://example.com not confirmed. Require written permission before scanning."
+)
+```
+
+### Critical Vulnerability Found
+```
+mad_blocked(
+  worktree: "...",
+  reason: "CRITICAL: SQL Injection found at /api/users?id=1. Immediate remediation required before deployment."
+)
+```

package/agents/mad-planner.md

@@ -10,7 +10,9 @@ tools:
   grep: true
   view: true
   ls: true
-permission: "*"
+permission:
+  bash:
+    "*": allow
 ---
 
 ## Communication Protocol

package/agents/mad-reviewer.md

@@ -15,7 +15,9 @@ tools:
   write: false
   edit: false
   patch: false
-permission: "*"
+permission:
+  bash:
+    "*": allow
 ---
 
 ## Communication Protocol

package/agents/mad-security.md

@@ -13,7 +13,9 @@ tools:
   glob: true
   grep: true
   read: true
-permission: "*"
+permission:
+  bash:
+    "*": allow
 ---
 
 # Communication Protocol

package/agents/mad-tester.md

@@ -12,7 +12,9 @@ tools:
   glob: true
   grep: true
   read: true
-permission: "*"
+permission:
+  bash:
+    "*": allow
 ---
 
 ## Communication Protocol

package/agents/orchestrator.md

@@ -4,7 +4,9 @@ mode: primary
 model: anthropic/claude-opus-4-5
 temperature: 0.3
 color: "#9333ea"
-permission: "*"
+permission:
+  bash:
+    "*": allow
 tools:
   mad_worktree_create: true
   mad_status: true

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "opencode-mad",
-  "version": "1.0.3",
+  "version": "1.0.5",
   "description": "Multi-Agent Dev - Parallel development orchestration plugin for OpenCode",
   "type": "module",
   "main": "plugins/mad-plugin.ts",

package/plugins/mad-plugin.ts

@@ -14,7 +14,7 @@ import { execSync } from "child_process"
 
 // Types for agent permissions (constraint enforcement)
 interface AgentPermissions {
-  type: 'orchestrator' | 'analyste' | 'architecte' | 'developer' | 'tester' | 'reviewer' | 'fixer' | 'merger' | 'security'
+  type: 'orchestrator' | 'analyste' | 'architecte' | 'developer' | 'tester' | 'reviewer' | 'fixer' | 'merger' | 'security' | 'pentester'
   canEdit: boolean
   canWrite: boolean
   canPatch: boolean
@@ -762,7 +762,7 @@ The plugin will then BLOCK any unauthorized actions.`,
           sessionID: tool.schema.string().describe("The session ID of the agent"),
           agentType: tool.schema.enum([
             'orchestrator', 'analyste', 'architecte', 'developer', 
-            'tester', 'reviewer', 'fixer', 'merger', 'security'
+            'tester', 'reviewer', 'fixer', 'merger', 'security', 'pentester'
           ]).describe("Type of agent"),
           worktree: tool.schema.string().optional().describe("Worktree path if applicable"),
           allowedPaths: tool.schema.array(tool.schema.string()).optional().describe("Paths the agent can edit (glob patterns)"),
@@ -772,7 +772,7 @@ The plugin will then BLOCK any unauthorized actions.`,
           const { sessionID, agentType, worktree, allowedPaths, deniedPaths } = args
           
           // Define default permissions based on agent type
-          const readOnlyAgents = ['orchestrator', 'analyste', 'architecte', 'tester', 'reviewer', 'security']
+          const readOnlyAgents = ['orchestrator', 'analyste', 'architecte', 'tester', 'reviewer', 'security', 'pentester']
           const canEdit = !readOnlyAgents.includes(agentType)
           
           const permissions: AgentPermissions = {
@@ -911,6 +911,122 @@ Called by the Reviewer agent after analyzing the code.`,
         }
       }),
 
+      /**
+       * Check pentest tools availability - for Pentester agent
+       */
+      mad_pentest_check_tools: tool({
+        description: `Check if pentest tools are installed on the system.
+Verifies availability of: nuclei, httpx, katana, subfinder, sqlmap, nmap, curl, ffuf.
+Returns which tools are available and what scan capabilities are possible.`,
+        args: {},
+        async execute(args, context) {
+          const tools = ['nuclei', 'httpx', 'katana', 'subfinder', 'sqlmap', 'nmap', 'curl', 'ffuf']
+          const available: string[] = []
+          const missing: string[] = []
+          
+          for (const t of tools) {
+            const result = runCommand(`${t} --version`)
+            if (result.success) {
+              available.push(t)
+            } else {
+              // Try 'which' or 'where' as fallback
+              const whereResult = runCommand(process.platform === 'win32' ? `where ${t}` : `which ${t}`)
+              if (whereResult.success) {
+                available.push(t)
+              } else {
+                missing.push(t)
+              }
+            }
+          }
+          
+          const canRunBasic = available.includes('curl') || available.includes('nmap')
+          const canRunDeep = available.includes('nuclei') || available.includes('httpx')
+          const canRunExploit = available.includes('sqlmap')
+          
+          logEvent("info", "Pentest tools check", { available, missing })
+          
+          return JSON.stringify({
+            available,
+            missing,
+            canRunBasic,
+            canRunDeep,
+            canRunExploit,
+            summary: `${available.length}/${tools.length} tools available`
+          }, null, 2)
+        }
+      }),
+
+      /**
+       * Record pentest scan results - for Pentester agent
+       */
+      mad_pentest_scan: tool({
+        description: `Record the results of a penetration test scan.
+Called by the Pentester agent after running security scans on a target.`,
+        args: {
+          target: tool.schema.string().describe("Target URL or IP that was scanned"),
+          mode: tool.schema.enum(['basic', 'deep', 'exploit']).describe("Scan mode used"),
+          riskLevel: tool.schema.enum(['low', 'medium', 'high', 'critical']).describe("Overall risk level"),
+          summary: tool.schema.string().describe("Brief summary of findings"),
+          findings: tool.schema.array(tool.schema.object({
+            id: tool.schema.string(),
+            severity: tool.schema.enum(['info', 'low', 'medium', 'high', 'critical']),
+            type: tool.schema.string(),
+            title: tool.schema.string(),
+            description: tool.schema.string(),
+            evidence: tool.schema.string().optional(),
+            remediation: tool.schema.string().optional(),
+          })).optional().describe("List of vulnerabilities found"),
+          outputFormat: tool.schema.enum(['json', 'markdown']).optional().describe("Output format (default: json)"),
+        },
+        async execute(args, context) {
+          const { target, mode, riskLevel, summary, findings, outputFormat } = args
+          const gitRoot = getGitRoot()
+          
+          const findingsCount = findings?.length || 0
+          const criticalCount = findings?.filter(f => f.severity === 'critical').length || 0
+          const highCount = findings?.filter(f => f.severity === 'high').length || 0
+          
+          const scanResult = {
+            timestamp: new Date().toISOString(),
+            target,
+            mode,
+            riskLevel,
+            summary,
+            findings: findings || [],
+            stats: {
+              total: findingsCount,
+              critical: criticalCount,
+              high: highCount,
+              medium: findings?.filter(f => f.severity === 'medium').length || 0,
+              low: findings?.filter(f => f.severity === 'low').length || 0,
+              info: findings?.filter(f => f.severity === 'info').length || 0,
+            }
+          }
+          
+          // Save scan results
+          const scanFile = join(gitRoot, `.pentest-scan-${Date.now()}.json`)
+          writeFileSync(scanFile, JSON.stringify(scanResult, null, 2))
+          
+          logEvent("info", "Pentest scan recorded", { target, mode, riskLevel, findingsCount })
+          
+          if (outputFormat === 'markdown') {
+            let md = `# Pentest Scan Report\n\n`
+            md += `**Target:** ${target}\n`
+            md += `**Mode:** ${mode}\n`
+            md += `**Risk Level:** ${riskLevel}\n`
+            md += `**Summary:** ${summary}\n\n`
+            md += `## Statistics\n`
+            md += `- Critical: ${criticalCount}\n`
+            md += `- High: ${highCount}\n`
+            md += `- Total: ${findingsCount}\n`
+            return md
+          }
+          
+          const icon = riskLevel === 'critical' ? '🔴' : riskLevel === 'high' ? '🟠' : riskLevel === 'medium' ? '🟡' : '🟢'
+          return `${icon} Pentest: ${riskLevel} | ${findingsCount} findings (${criticalCount} critical, ${highCount} high)`
+        }
+      }),
+
       /**
        * Security scan - for Security agent
        */