Documentation
¶
Overview ¶
Package analyzer provides the scanning engine that runs a set of checkers over a UnifiedTool and produces a RiskScore.
Package analyzer provides the scanning engine that runs a set of checkers over a UnifiedTool and produces a RiskScore.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ArbitraryCodeChecker ¶ added in v0.1.4
type ArbitraryCodeChecker struct{}
ArbitraryCodeChecker detects tools that can execute arbitrary script or code (e.g. evaluate_script, execute JavaScript, browser injection). These are AS-006 with CRITICAL severity — equivalent risk to exec.
func NewArbitraryCodeChecker ¶ added in v0.1.4
func NewArbitraryCodeChecker() *ArbitraryCodeChecker
NewArbitraryCodeChecker returns a new ArbitraryCodeChecker.
func (*ArbitraryCodeChecker) Check ¶ added in v0.1.4
func (c *ArbitraryCodeChecker) Check(tool model.UnifiedTool) ([]model.Issue, error)
Check produces an AS-006 finding when name or description signals arbitrary code/script execution capability.
type Dependency ¶
type Dependency struct {
Name string `json:"name"`
Version string `json:"version"`
Ecosystem string `json:"ecosystem"` // e.g. "npm", "Go", "PyPI"
}
Dependency describes a package that a tool depends on. Adapters should populate UnifiedTool.Metadata["dependencies"] with []Dependency when the source protocol exposes package information.
type DoSResilienceChecker ¶
type DoSResilienceChecker struct{}
DoSResilienceChecker detects tools that perform network or resource-heavy operations without any visible rate-limit or retry configuration, creating potential for denial-of-service or runaway resource consumption.
Rule ID: AS-011.
func NewDoSResilienceChecker ¶
func NewDoSResilienceChecker() *DoSResilienceChecker
NewDoSResilienceChecker returns a new DoSResilienceChecker.
func (*DoSResilienceChecker) Check ¶
func (c *DoSResilienceChecker) Check(tool model.UnifiedTool) ([]model.Issue, error)
Check raises a LOW finding when a tool holds a risky permission but declares no rate-limit metadata and has no rate-limit-related schema properties.
type Engine ¶
type Engine struct {
// contains filtered or unexported fields
}
Engine is the public-facing scanner. It wraps the lower-level Scanner and exposes a context-free Scan method suitable for direct use in tests and CLI one-shot invocations.
func NewEngine ¶
func NewEngine() *Engine
NewEngine returns an Engine pre-wired with all default checkers:
- AS-001 Tool Poisoning (PoisoningChecker)
- AS-002 Permission Surface (PermissionChecker)
- AS-003 Scope Mismatch (ScopeChecker)
- AS-004 Supply Chain CVE (SupplyChainChecker)
- AS-005 Privilege Escalation (PrivilegeEscalationChecker)
- AS-006 Arbitrary Code Execution (ArbitraryCodeChecker)
- AS-010 Secret Handling (SecretHandlingChecker)
- AS-011 DoS Resilience (DoSResilienceChecker)
func (*Engine) Scan ¶
func (e *Engine) Scan(tool model.UnifiedTool) ScanReport
Scan analyses tool and returns a ScanReport. It uses a background context. context.Background() never cancels, so the only error path is an internal checker failure — which the built-in checkers never trigger. In the unlikely event of a failure, a zero ScanReport is returned.
type MockVuln ¶
type MockVuln struct {
ID string
Summary string
CVSSScore string // CVSS v3 base score string, e.g. "9.8". Empty = no severity.
}
MockVuln describes a fake vulnerability returned by the mock OSV client.
type PermissionChecker ¶
type PermissionChecker struct{}
PermissionChecker analyses the declared permissions of a tool.
func NewPermissionChecker ¶
func NewPermissionChecker() *PermissionChecker
NewPermissionChecker returns a new PermissionChecker.
func (*PermissionChecker) Check ¶
func (c *PermissionChecker) Check(tool model.UnifiedTool) ([]model.Issue, error)
Check produces issues for each risky permission and for over-broad input schemas.
type PoisoningChecker ¶
type PoisoningChecker struct{}
PoisoningChecker inspects a tool's description for prompt injection signals.
func NewPoisoningChecker ¶
func NewPoisoningChecker() *PoisoningChecker
NewPoisoningChecker returns a new PoisoningChecker.
func (*PoisoningChecker) Check ¶
func (c *PoisoningChecker) Check(tool model.UnifiedTool) ([]model.Issue, error)
Check runs all injection pattern rules against the tool description.
type PrivilegeEscalationChecker ¶
type PrivilegeEscalationChecker struct{}
PrivilegeEscalationChecker detects OAuth/token scopes that are broader than necessary, and description-level signals of privilege escalation at runtime.
Rule ID: AS-005.
func NewPrivilegeEscalationChecker ¶
func NewPrivilegeEscalationChecker() *PrivilegeEscalationChecker
NewPrivilegeEscalationChecker returns a new PrivilegeEscalationChecker.
func (*PrivilegeEscalationChecker) Check ¶
func (c *PrivilegeEscalationChecker) Check(tool model.UnifiedTool) ([]model.Issue, error)
Check inspects:
- tool.Metadata["oauth_scopes"] ([]string) for over-broad OAuth scopes.
- tool.Description for privilege-escalation language.
type ScanReport ¶
ScanReport is the high-level result returned by Engine.Scan. It exposes the numeric RiskScore and the full slice of Findings so callers can filter by RuleID (e.g. "AS-001") without unpacking a model.RiskScore.
func (ScanReport) HasFinding ¶
func (r ScanReport) HasFinding(ruleID string) bool
HasFinding reports whether the report contains at least one finding with the given RuleID.
type Scanner ¶
type Scanner struct {
// contains filtered or unexported fields
}
Scanner orchestrates all registered checkers and aggregates their output into a single RiskScore.
func NewScanner ¶
func NewScanner() *Scanner
NewScanner returns a Scanner wired with all default checkers. Supply chain (AS-004) uses the live OSV API; for tests inject a mock via NewScannerWithCheckers or use Engine.Scan which calls the real checker.
type ScopeChecker ¶
type ScopeChecker struct{}
ScopeChecker detects mismatches between a tool's name semantics and its declared permissions.
func NewScopeChecker ¶
func NewScopeChecker() *ScopeChecker
NewScopeChecker returns a new ScopeChecker.
func (*ScopeChecker) Check ¶
func (c *ScopeChecker) Check(tool model.UnifiedTool) ([]model.Issue, error)
Check raises SCOPE_MISMATCH issues when a "read-only" named tool holds write-class permissions, or when a "write" named tool lacks write permissions.
type SecretHandlingChecker ¶
type SecretHandlingChecker struct{}
SecretHandlingChecker flags tools that accept credentials as input parameters (high leakage risk in agent traces) and descriptions that suggest secrets are logged or stored insecurely.
Rule ID: AS-010.
func NewSecretHandlingChecker ¶
func NewSecretHandlingChecker() *SecretHandlingChecker
NewSecretHandlingChecker returns a new SecretHandlingChecker.
func (*SecretHandlingChecker) Check ¶
func (c *SecretHandlingChecker) Check(tool model.UnifiedTool) ([]model.Issue, error)
Check scans input schema properties and the tool description for credential exposure patterns.
type SupplyChainChecker ¶
type SupplyChainChecker struct {
// contains filtered or unexported fields
}
SupplyChainChecker queries the OSV API for known CVEs in a tool's declared dependencies. Dependencies are read from UnifiedTool.Metadata["dependencies"] which adapters populate when the source protocol exposes package info.
Rule ID: AS-004.
func NewSupplyChainChecker ¶
func NewSupplyChainChecker() *SupplyChainChecker
NewSupplyChainChecker returns a SupplyChainChecker using the live OSV API.
func NewSupplyChainCheckerWithMock ¶
func NewSupplyChainCheckerWithMock(vulns []MockVuln, queryErr error) *SupplyChainChecker
NewSupplyChainCheckerWithMock returns a SupplyChainChecker backed by an in-memory mock OSV client. Intended for unit tests only.
func (*SupplyChainChecker) Check ¶
func (c *SupplyChainChecker) Check(tool model.UnifiedTool) ([]model.Issue, error)
Check reads dependencies from tool.Metadata["dependencies"] and queries OSV for each one. Missing or empty metadata results in no findings.
Source Files