visus-mcp 0.6.2 → 0.9.0

package/src/sanitizer/threat-reporter.ts

@@ -9,7 +9,10 @@
  * Aligned with:
  * - OWASP LLM Top 10 (2025)
  * - NIST AI 600-1 (Generative AI Profile)
+ * - NIST AI RMF (AI Risk Management Framework)
+ * - NIST CSF 2.0 (Cybersecurity Framework 2.0)
  * - MITRE ATLAS (Adversarial Threat Landscape)
+ * - ISO/IEC 42001:2023 (AI Management System)
  */
 
 import {
@@ -34,6 +37,8 @@ export interface ThreatFinding {
   confidence: number;
   owasp_llm: string;
   nist_ai_600_1: string;
+  nist_ai_rmf: string;
+  nist_csf_2_0: string;
   mitre_atlas: string;
   iso_42001: string;
   remediation: string;
@@ -103,6 +108,8 @@ function buildFindings(patternsDetected: string[]): ThreatFinding[] {
       confidence: 0.95, // Default confidence; can be enhanced later
       owasp_llm: frameworks.owasp_llm,
       nist_ai_600_1: frameworks.nist_ai_600_1,
+      nist_ai_rmf: frameworks.nist_ai_rmf,
+      nist_csf_2_0: frameworks.nist_csf_2_0,
       mitre_atlas: frameworks.mitre_atlas,
       iso_42001: frameworks.iso_42001,
       remediation: `Content sanitized. ${category.replace(/_/g, ' ')} removed.`
@@ -126,9 +133,9 @@ function generateToonFindings(findings: ThreatFinding[]): string {
  * Fallback manual TOON format generation
  */
 function generateManualToonFormat(findings: ThreatFinding[]): string {
-  const header = `findings[${findings.length}]{id,pattern_id,category,severity,confidence,owasp_llm,nist_ai_600_1,mitre_atlas,iso_42001,remediation}:`;
+  const header = `findings[${findings.length}]{id,pattern_id,category,severity,confidence,owasp_llm,nist_ai_600_1,nist_ai_rmf,nist_csf_2_0,mitre_atlas,iso_42001,remediation}:`;
   const rows = findings.map(f =>
-    `${f.id},${f.pattern_id},${f.category},${f.severity},${f.confidence},${f.owasp_llm},${f.nist_ai_600_1},${f.mitre_atlas},${f.iso_42001},${f.remediation}`
+    `${f.id},${f.pattern_id},${f.category},${f.severity},${f.confidence},${f.owasp_llm},${f.nist_ai_600_1},${f.nist_ai_rmf},${f.nist_csf_2_0},${f.mitre_atlas},${f.iso_42001},${f.remediation}`
   );
   return `${header}\n${rows.join('\n')}`;
 }
@@ -151,7 +158,7 @@ function generateMarkdownReport(
   markdown += `**Generated:** ${timestamp}\n`;
   markdown += `**Source:** ${sourceUrl}\n`;
   markdown += `**Overall Severity:** ${overallSeverity}\n`;
-  markdown += `**Framework:** OWASP LLM Top 10 | NIST AI 600-1 | MITRE ATLAS | ISO/IEC 42001\n\n`;
+  markdown += `**Framework:** OWASP LLM Top 10 | NIST AI 600-1 | NIST AI RMF | NIST CSF 2.0 | MITRE ATLAS | ISO/IEC 42001\n\n`;
 
   // Findings Summary
   markdown += '### Findings Summary\n';
@@ -165,16 +172,18 @@ function generateMarkdownReport(
   // Findings Detail (only if we have findings)
   if (findings.length > 0) {
     markdown += '### Findings Detail\n';
-    markdown += '| # | Category | Severity | Confidence | OWASP | MITRE | ISO 42001 |\n';
-    markdown += '|---|---|---|---|---|---|---|\n';
+    markdown += '| # | Category | Severity | Conf | OWASP | AI-RMF | CSF 2.0 | MITRE | ISO |\n';
+    markdown += '|---|---|---|---|---|---|---|---|---|\n';
 
     for (const finding of findings.slice(0, 10)) { // Limit to first 10 for readability
       const confidencePct = Math.round(finding.confidence * 100);
       const owaspShort = finding.owasp_llm.split(' - ')[0]; // e.g., "LLM01:2025"
+      const nistRmfShort = finding.nist_ai_rmf.split(' - ')[0]; // e.g., "MEASURE-2.7"
+      const nistCsfShort = finding.nist_csf_2_0.split(' - ')[0]; // e.g., "DE.CM-01"
       const mitreShort = finding.mitre_atlas.split(' - ')[0]; // e.g., "AML.T0051.000"
       const isoShort = finding.iso_42001.split(' - ')[0]; // e.g., "A.6.1.5"
 
-      markdown += `| ${finding.id} | ${finding.category} | ${finding.severity} | ${confidencePct}% | ${owaspShort} | ${mitreShort} | ${isoShort} |\n`;
+      markdown += `| ${finding.id} | ${finding.category} | ${finding.severity} | ${confidencePct}% | ${owaspShort} | ${nistRmfShort} | ${nistCsfShort} | ${mitreShort} | ${isoShort} |\n`;
     }
 
     if (findings.length > 10) {
@@ -256,6 +265,8 @@ export function generateThreatReport(input: ThreatReportInput): ThreatReport | n
     frameworks: [
       'OWASP LLM Top 10',
       'NIST AI 600-1',
+      'NIST AI RMF',
+      'NIST CSF 2.0',
       'MITRE ATLAS',
       'ISO/IEC 42001'
     ],

package/src/tools/fetch-structured.ts

@@ -119,6 +119,11 @@ export async function visusFetchStructured(
 
     const { title, html } = renderResult.value;
 
+    // Type guard: fetch-structured only works with HTML (string), not binary content
+    if (Buffer.isBuffer(html)) {
+      return Err(new Error('fetch-structured does not support binary content types (PDFs, images). Use visus_fetch instead.'));
+    }
+
     // Step 2: Extract structured data from HTML using cheerio
     const extractedData = extractStructuredData(html, schema);
 

package/src/tools/fetch.ts

@@ -10,6 +10,7 @@ import { renderPage } from '../browser/playwright-renderer.js';
 import { sanitize } from '../sanitizer/index.js';
 import { truncateContent } from '../utils/truncate.js';
 import { detectFormat, convertJson, convertXml, convertRss } from '../utils/format-converter.js';
+import { routeContentHandler, normalizeMimeType } from '../content-handlers/index.js';
 import type { VisusFetchInput, VisusFetchOutput, Result } from '../types.js';
 import { Err } from '../types.js';
 
@@ -39,10 +40,81 @@ export async function visusFetch(input: VisusFetchInput): Promise<Result<VisusFe
     }
 
     const { html, title, contentType } = renderResult.value;
+    // rawContent can be string (HTML/JSON/SVG) or Buffer (PDF, binary)
     const rawContent = html || '';
 
-    // Step 2: Detect format and apply format-appropriate conversion
+    // Step 2: Detect content type and route to specialized handlers if applicable
     const detectedContentType = contentType || 'text/html';
+    const normalizedMime = normalizeMimeType(detectedContentType);
+
+    // Check if content requires specialized handler (PDF, JSON, SVG)
+    if (normalizedMime === 'application/pdf' ||
+        normalizedMime === 'application/json' ||
+        normalizedMime === 'text/json' ||
+        normalizedMime === 'image/svg+xml') {
+
+      // Route to specialized content handler
+      // Note: rawContent may be Buffer for PDFs, string for JSON/SVG
+      const handlerResult = await routeContentHandler(rawContent, detectedContentType);
+
+      // Handle unsupported or error cases
+      if (handlerResult.status === 'rejected' || handlerResult.status === 'error') {
+        return Err(new Error(handlerResult.message));
+      }
+
+      // Type guard: ensure we have a success result
+      if (handlerResult.status !== 'sanitized') {
+        return Err(new Error('Unexpected handler result status'));
+      }
+
+      // Handler success - use the already-sanitized content
+      const sanitizedContent = handlerResult.sanitized_content;
+      const sanitization = handlerResult.sanitization;
+      const truncationResult = truncateContent(sanitizedContent);
+
+      // Determine format_detected based on MIME type
+      let formatDetected: 'html' | 'json' | 'xml' | 'rss' = 'html';
+      if (normalizedMime === 'application/json' || normalizedMime === 'text/json') {
+        formatDetected = 'json';
+      } else if (normalizedMime === 'image/svg+xml') {
+        formatDetected = 'xml'; // SVG is XML-based
+      } else if (normalizedMime === 'application/pdf') {
+        // PDF doesn't have a format_detected value in the current schema
+        // Leaving as 'html' for now
+      }
+
+      const output: VisusFetchOutput = {
+        url,
+        content: truncationResult.content,
+        sanitization: {
+          patterns_detected: sanitization.patterns_detected,
+          pii_types_redacted: sanitization.pii_types_redacted,
+          pii_allowlisted: sanitization.pii_allowlisted,
+          content_modified: sanitization.sanitized_fields > 0
+        },
+        metadata: {
+          title: title || 'Untitled',
+          fetched_at: new Date().toISOString(),
+          content_length_original: rawContent.length,
+          content_length_sanitized: sanitizedContent.length,
+          format_detected: formatDetected,
+          content_type: detectedContentType,
+          ...(truncationResult.truncated && {
+            truncated: true,
+            truncated_at_chars: truncationResult.truncated_at_chars
+          })
+        }
+      };
+
+      return { ok: true, value: output };
+    }
+
+    // Step 3: For HTML/XML/RSS - use existing format conversion flow
+    // Type guard: rawContent should be string for non-binary types
+    if (Buffer.isBuffer(rawContent)) {
+      return Err(new Error('Unexpected binary content in HTML/XML/RSS path'));
+    }
+
     const formatType = detectFormat(detectedContentType);
 
     let processedContent = rawContent;
@@ -57,15 +129,15 @@ export async function visusFetch(input: VisusFetchInput): Promise<Result<VisusFe
     }
     // For 'html' format, processedContent remains as rawContent
 
-    // Step 3: CRITICAL - Sanitize content (injection detection + PII redaction with allowlisting)
+    // Step 4: CRITICAL - Sanitize content (injection detection + PII redaction with allowlisting)
     // This step CANNOT be skipped or bypassed
     const sanitizationResult = sanitize(processedContent, url);
 
-    // Step 3: Apply token ceiling truncation (AFTER sanitization)
+    // Step 5: Apply token ceiling truncation (AFTER sanitization)
     // Anthropic MCP Directory enforces 25,000 token response limit
     const truncationResult = truncateContent(sanitizationResult.content);
 
-    // Step 4: Build output
+    // Step 6: Build output
     const output: VisusFetchOutput = {
       url,
       content: truncationResult.content,

package/src/tools/read.ts

@@ -48,6 +48,11 @@ export async function visusRead(input: VisusReadInput): Promise<Result<VisusRead
 
     const { html, title: pageTitle } = renderResult.value;
 
+    // Type guard: visus_read only works with HTML (string), not binary content
+    if (Buffer.isBuffer(html)) {
+      return Err(new Error('visus_read does not support binary content types (PDFs, images). Use visus_fetch instead.'));
+    }
+
     // Step 2: Extract article content using Readability
     const readerResult = extractArticle(html, url);
 

package/src/types.ts

@@ -130,9 +130,17 @@ export interface VisusSearchOutput {
 
 /**
  * Result from browser rendering
+ *
+ * @property html - Response content as string (for text) or Buffer (for binary like PDFs)
+ *                  Use Buffer for application/pdf, image/*, and other binary types
+ * @property title - Page title extracted from response
+ * @property url - Final URL after redirects
+ * @property contentType - Content-Type header value (e.g., "application/pdf", "text/html")
+ * @property text - Optional text content (when available)
+ * @property error - Error message if rendering failed
  */
 export interface BrowserRenderResult {
-  html: string;
+  html: string | Buffer;
   title: string;
   url: string;
   contentType?: string;

package/.github/ISSUE_TEMPLATE/bug_report.md

@@ -1,47 +0,0 @@
----
-name: Bug Report
-about: Something isn't working correctly
-title: '[BUG] '
-labels: bug
-assignees: ''
----
-
-## Describe the bug
-
-A clear description of what went wrong.
-
-## Tool used
-
-- [ ] visus_fetch
-- [ ] visus_read
-- [ ] visus_search
-- [ ] visus_fetch_structured
-
-## To Reproduce
-
-1. Tool call (URL and parameters — remove any sensitive URLs)
-2. Expected output
-3. Actual output
-
-## Sanitization metadata
-
-Paste the `sanitization` block from the tool response if relevant.
-
-```json
-{
-  "patterns_detected": [],
-  "pii_types_redacted": [],
-  "content_modified": false
-}
-```
-
-## Environment
-
-- visus-mcp version: (run `npx visus-mcp --version`)
-- Node.js version: (run `node --version`)
-- OS: (macOS / Windows / Linux)
-- Claude Desktop version (if applicable):
-
-## Additional context
-
-Any other relevant information.

package/.github/ISSUE_TEMPLATE/false_positive.md

@@ -1,43 +0,0 @@
----
-name: False Positive Report
-about: visus incorrectly flagged or redacted legitimate content
-title: '[FALSE POSITIVE] '
-labels: false-positive, sanitizer
-assignees: ''
----
-
-## What was incorrectly flagged?
-
-Describe the legitimate content that was redacted or blocked.
-Do NOT include sensitive URLs or private content.
-
-## Pattern category that fired
-
-Which pattern triggered? (visible in the `patterns_detected` field of the sanitization metadata)
-
-Pattern name: `pattern_name_here`
-
-## Example of the content
-
-A minimal example of the text that triggered the false positive.
-Keep it short — just enough to reproduce the pattern match.
-
-```
-Example content here
-```
-
-## Expected behavior
-
-What should visus have done with this content?
-
-## Domain context
-
-What type of site was this? (news, documentation, health info, government, etc.) — helps assess if a domain-scoped allowlist is appropriate.
-
-Domain type: ___
-
-## visus-mcp version
-
-Run `npx visus-mcp --version`:
-
-Version: ___

package/.github/ISSUE_TEMPLATE/new_pattern.md

@@ -1,49 +0,0 @@
----
-name: New Injection Pattern Request
-about: Suggest a new prompt injection pattern category
-title: '[PATTERN] '
-labels: enhancement, sanitizer
-assignees: ''
----
-
-## Pattern description
-
-What type of injection attack does this detect?
-
-## Example of malicious content
-
-A concrete example of what this pattern should catch.
-(These examples are for security research — they will be added to the test corpus.)
-
-**Example 1 (should be caught):**
-```
-[paste example here]
-```
-
-**Example 2 (should NOT be caught — negative case):**
-```
-[paste legitimate content that looks similar but is safe]
-```
-
-## Proposed severity level
-
-- [ ] CRITICAL — Immediate threat, direct instruction manipulation
-- [ ] HIGH — Significant obfuscation or context manipulation
-- [ ] MEDIUM — Moderate risk, indirect attack vectors
-- [ ] LOW — Low risk, informational flag
-
-## Framework mapping (if known)
-
-- OWASP LLM Top 10: (e.g. LLM01:2025)
-- NIST AI 600-1: (e.g. MS-2.5)
-- MITRE ATLAS: (e.g. AML.T0051)
-- ISO/IEC 42001: (e.g. A.6.1.5)
-
-## Real-world context
-
-Where have you seen this pattern used? (CVE, research paper, red team exercise, etc.)
-
-## Are you willing to submit a PR?
-
-- [ ] Yes, I'll implement and test this pattern
-- [ ] No, but I can provide more examples if needed

package/.github/ISSUE_TEMPLATE/security_report.md

@@ -1,31 +0,0 @@
----
-name: Security Vulnerability
-about: Report a security vulnerability in visus-mcp
-title: '[SECURITY] '
-labels: security
-assignees: ''
----
-
-# ⚠️ STOP — Do not file public security issues.
-
-If you have found a security vulnerability in visus-mcp, please report it **privately**:
-
-📧 **Email:** security@lateos.ai
-
-🔒 **GitHub Security Advisories:**
-   https://github.com/visus-mcp/visus-mcp/security/advisories/new
-
-## Include in your report:
-
-- Description of the vulnerability
-- Steps to reproduce
-- Potential impact
-- Suggested fix (optional)
-
-We aim to respond within **48 hours** and will credit you in SECURITY.md once the issue is resolved.
-
-Thank you for helping keep visus-mcp secure.
-
----
-
-**Do not proceed with this public issue template for security vulnerabilities.**

package/.github/PULL_REQUEST_TEMPLATE.md

@@ -1,39 +0,0 @@
-## What does this PR do?
-
-Brief description of the change.
-
-## Type of change
-
-- [ ] New injection pattern
-- [ ] False positive fix
-- [ ] Bug fix
-- [ ] Feature addition
-- [ ] Documentation update
-- [ ] Performance improvement
-
-## Test results
-
-- [ ] npm test passes (all tests)
-- [ ] npm run build compiles cleanly
-- [ ] New tests added for new functionality
-- [ ] Test count did not decrease
-
-**Before:** X/X tests passing
-**After:** X/X tests passing
-
-## Security checklist
-
-- [ ] All new content passes through the sanitizer pipeline
-- [ ] No new `any` types introduced
-- [ ] No console.log (use structured stderr logging)
-- [ ] No hardcoded secrets or API keys
-- [ ] CLAUDE.md security rules not violated
-
-## Does this change affect sanitization coverage?
-
-- [ ] No
-- [ ] Yes — explain: ___
-
-## Related issues
-
-Closes #___

package/.mcpregistry_github_token

@@ -1 +0,0 @@
-ghu_9xbQ1SXXZ8bh3BmoTNB21qUfmu31cJ0ly3mc

package/.mcpregistry_registry_token

@@ -1 +0,0 @@
-{"token":"eyJhbGciOiJFZERTQSIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJtY3AtcmVnaXN0cnkiLCJleHAiOjE3NzQzMDc2MzIsIm5iZiI6MTc3NDMwNzMzMiwiaWF0IjoxNzc0MzA3MzMyLCJhdXRoX21ldGhvZCI6ImdpdGh1Yi1hdCIsImF1dGhfbWV0aG9kX3N1YiI6Imxlb2Nob25nIiwicGVybWlzc2lvbnMiOlt7ImFjdGlvbiI6InB1Ymxpc2giLCJyZXNvdXJjZSI6ImlvLmdpdGh1Yi5sZW9jaG9uZy8qIn0seyJhY3Rpb24iOiJwdWJsaXNoIiwicmVzb3VyY2UiOiJpby5naXRodWIudmlzdXMtbWNwLyoifV19.qXNypXv1OF_l3ob4Kju46rvn-vs4s5x3JIU2ZH7jJiaBV5gy0sX60NJSKM9ybJvcXggnW9_Mp1L-JeZDPVd5BQ","expires_at":1774307632}