open/ktg-plugin-marketplace
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity Actions

feat(llm-security): playground Fase 3 — v7.5.0 med 18 parsere/renderere

Browse source 
Single-file SPA playground har nå parser + renderer for alle 18
produces_report=true-kommandoer (Fase 2: 10 høy-prio + Fase 3: 8
gjenstående: mcp-inspect, supply-check, pre-deploy, diff, watch,
registry, clean, threat-model). 18 markdown test-fixtures fungerer
som kontrakt-anker for parser-utvikling.

Komplett demo-prosjekt `dft-komplett-demo` har alle 18 rapporter
ferdig parsed inline — klikk-gjennom uten "parser ikke implementert"-
paneler. 2 nye archetypes i KEY_STATS_CONFIG: kanban-buckets (clean)
og matrix-risk (threat-model).

Bug-fix: normalizeVerdictText sjekker nå GO-WITH-CONDITIONS /
CONDITIONAL / BETINGET FØR plain GO så betinget verdict (pre-deploy
med åpne vilkår) ikke kollapser til ALLOW.

Eksponert 11 window-globaler for testing/automasjon (__store,
__navigate, __loadDemoState, __PARSERS, __RENDERERS, __CATALOG,
__inferVerdict, __inferKeyStats, __renderPageShell,
__handlePasteImport, __scheduleRender). 12 Playwright-genererte
screenshots i playground/screenshots/v7.5.0/.

A11Y-rapport (WCAG 2.1 AA): 0 blokkerende, 3 mindre forbedringer
flagget for v7.5.x patch (skip-link, heading-hierarki på project,
aria-live toast).

Versjonsbump 7.4.0 -> 7.5.0 i 10 filer (package.json, plugin.json,
CLAUDE.md header, README badge, CHANGELOG-entry, 3 scanner VERSION-
konstanter, ROADMAP, marketplace-rot README).

Ingen scanner- eller hook-behavior-changes — purely additive surface.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
Kjell Tore Guttormsen 2026-05-05 22:15:47 +02:00
commit ce3891bdd0
41 changed files with 9949 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

141
plugins/llm-security/playground/test-fixtures/audit.md Normal file
View file

@ -0,0 +1,141 @@
# Full Security Audit — DFT marketplace
---
## Header
| Field | Value |
|-------|-------|
| **Report type** | audit |
| **Target** | ~/repos/dft-marketplace |
| **Date** | 2026-05-05 |
| **Version** | llm-security v7.4.0 |
| **Scope** | 7 audit dimensions, 10 OWASP categories |
| **Frameworks** | OWASP LLM Top 10, OWASP Agentic |
| **Triggered by** | /security audit |
---
## Risk Dashboard
| Metric | Value |
|--------|-------|
| **Risk Score** | 31/100 |
| **Risk Band** | Medium |
| **Grade** | C |
| **Verdict** | WARNING |
| Severity | Count |
|----------|------:|
| Critical | 0 |
| High | 4 |
| Medium | 8 |
| Low | 7 |
| Info | 9 |
| **Total** | **28** |
**Verdict rationale:** Posture base grade B downgraded to C after agent-level findings (4 high). No critical, but `Logging & Audit` and `Permission Hygiene` need attention.
---
## Executive Summary
Full audit combined posture-scanner output with skill-scanner-agent and mcp-scanner-agent narratives. 28 findings across 14 files. Most concentrated in agent definitions (over-permissioned tool lists) and `.claude/settings.json` (missing audit log + wildcard Bash). Recommendation: address top 3 actions to reach Grade B; six more to reach Grade A.
---
## Radar Axes
| Axis | Score |
|------|------:|
| Deny-First Configuration | 4 |
| Hook Coverage | 5 |
| MCP Trust | 3 |
| Secrets Management | 5 |
| Permission Hygiene | 2 |
| Supply-Chain Defense | 4 |
| Logging & Audit | 1 |
---
## Category Assessment
### Category 1 — Deny-First Configuration
| Status | PASS |
**Evidence:** `.claude/settings.json` has `permissions.defaultMode: "deny"`. Explicit allow-list in place.
**Recommendations:** None — Grade A on this axis.
### Category 2 — Hook Coverage
| Status | PASS |
**Evidence:** 9 hooks active (PreToolUse: 4, PostToolUse: 2, UserPromptSubmit: 1, PreCompact: 1, others: 1).
**Recommendations:** Consider adding PreCompact-poisoning detection if not already covered.
### Category 5 — Permission Hygiene
| Status | PARTIAL |
**Evidence:** 3 agents have `Write` in tool list. 1 has `Bash` without sub-command restriction.
**Recommendations:** Tighten tool lists to minimum-necessary set. Use `Bash(git:*)` instead of `Bash(*)`.
### Category 11 — Logging & Audit
| Status | FAIL |
**Evidence:** No `audit.log_path` configured. No SIEM integration. No JSONL audit-trail.
**Recommendations:** Enable `audit.log_path` immediately — closes 1 high + 3 medium findings.
(Categories 3, 4, 6-10, 12-13 follow same format — see envelope JSON for full breakdown)
---
## Risk Matrix (Likelihood × Impact)
| Category | Likelihood | Impact | Score |
|----------|-----------:|-------:|------:|
| Logging gap (PST-001) | 4 | 4 | 16 |
| Permission sprawl | 3 | 4 | 12 |
| MCP drift (airbnb-mcp) | 3 | 3 | 9 |
| AI Act classification missing | 2 | 3 | 6 |
---
## Action Plan
### IMMEDIATE (this week)
1. Enable audit-trail: set `audit.log_path` in `.llm-security/policy.json`
2. Tighten 3 over-permissioned agents (drop `Write` where unused)
3. Investigate airbnb-mcp drift — reset baseline only after review
### HIGH (this month)
4. Document AI Act risk classification in `CLAUDE.md`
5. Replace `Bash(*)` with `Bash(git:*, npm:*)` in `.claude/settings.json`
6. Bump 2 dependencies to clear OSV advisories
### MEDIUM (next quarter)
7. Add SECURITY.md disclosure policy
8. Trim verbose skill descriptions (3 files)
9. Document hook rationale in plugin CLAUDE.md
---
## Positive Findings
- All hooks active and non-bypassed
- No critical findings
- Posture scanner runtime < 2s (well-tuned)
- Memory hygiene clean
---
*Audit complete. 28 findings, Grade C, 14.7 seconds.*