- Layer 4 EntropyScanner: Shannon entropy, Base32/Base64 detection, CVE-2025-55284 ping/nslookup exfil, EchoLeak markdown pattern, DNS tunneling (iodine/dnscat)
- Layer 5 UnicodeScanner: ASCII Smuggling (U+E0000 Tags Block), Variant Selectors, Zero-Width steganography, CamoLeak image-ordering (CVE-2025-53773), homoglyphs, BiDi override, high-entropy URL params
- 30 DNS covert channel rules (dns-001 to dns-030)
- ATLASMapper: 29 techniques (ATLAS v5.4.0 Feb 2026), added AML.T0062 (Agent Tool Invocation), AML.TA0015 (C2 tactic), memory poisoning, multi-agent trust, CamoLeak, Unicode steganography mappings
- Rule count: 72 → 102
- Build: tsup 316ms, zero TypeScript errors
/**
 * Public entry point for MCP Guard & Tool Security, Layer 7 of the ShieldX
 * defense pipeline.
 *
 * This module holds no logic of its own: it only re-exports functions from
 * the sibling modules below, renaming the ones whose short names would
 * collide (`detect`, `validateRequest`, `clearSession`, ...).
 *
 * Areas covered by the layer:
 * - Tool definition inspection and poison detection
 * - Least-privilege enforcement for tool calls
 * - Pre/post hook interception system
 * - Ollama-specific request validation
 * - Decision dependency graph analysis (MindGuard-inspired)
 * - RSA-signed manifest verification
 * - Tool chain sequence monitoring
 * - Resource governance and DoS/DoW prevention
 *
 * NOTE(review): configuration and reset functions (`setAllowedTools`,
 * `setSensitiveResources`, `clearHooks`, `setLimits`, `setPricing`, the
 * `clear*Session` family) are exposed on the same surface as the checks
 * themselves. Presumably they mutate guard state; confirm that only trusted
 * host code can import this module.
 */

// MCPInspector
export { inspectTool, inspectAllTools, validateCall } from './MCPInspector.js'

// ToolPoisonDetector (`detect` is renamed for the public surface)
export {
  detect as detectToolPoison,
  checkParameterName,
  checkSchemaParameters,
} from './ToolPoisonDetector.js'

// PrivilegeChecker
export {
  setAllowedTools,
  setSensitiveResources,
  checkPrivilege,
  clearSession as clearPrivilegeSession,
  getSessionPrivileges,
} from './PrivilegeChecker.js'

// ToolCallInterceptor
export {
  registerPreHook,
  registerPostHook,
  intercept,
  clearHooks,
  hookCount,
} from './ToolCallInterceptor.js'

// OllamaGuard
export { validateRequest as validateOllamaRequest } from './OllamaGuard.js'

// DecisionGraphAnalyzer
export {
  buildGraph as buildDecisionGraph,
  analyzeGraph as analyzeDecisionGraph,
} from './DecisionGraphAnalyzer.js'

// ManifestVerifier
// NOTE(review): confirm callers treat a failed `verifyManifest` as
// fail-closed, and that `hashManifest` / `compareManifest` are not used as a
// substitute for signature verification.
export {
  generateManifest,
  signManifest,
  verifyManifest,
  compareManifest,
  hashManifest,
} from './ManifestVerifier.js'

// ToolChainGuard
export {
  recordCall as recordToolCall,
  analyzeSequence as analyzeToolSequence,
  clearSession as clearToolChainSession,
  getWindowSize as getToolChainWindowSize,
} from './ToolChainGuard.js'

// ResourceGovernor
// Three modules export their own `clearSession`; each alias
// (clearPrivilegeSession, clearToolChainSession, clearResourceSession) points
// at a different module. Presumably session teardown has to call all three —
// verify against the caller.
export {
  checkBudget,
  recordUsage,
  getUsage,
  setLimits,
  setPricing,
  clearSession as clearResourceSession,
} from './ResourceGovernor.js'