feat(knowledge): add MITRE ATLAS IDs to OWASP files + Norwegian regulatory context

2026-04-10 12:49:10 +02:00 · 2026-04-10 12:49:10 +02:00 · e2c8924074
commit e2c8924074
parent 5bb9d5bd11
8 changed files with 301 additions and 30 deletions
--- a/plugins/llm-security/tests/scanners/knowledge-atlas.test.mjs
+++ b/plugins/llm-security/tests/scanners/knowledge-atlas.test.mjs
@ -0,0 +1,82 @@
+// knowledge-atlas.test.mjs — Tests for MITRE ATLAS IDs in knowledge files + Norwegian context
+// Verifies: each knowledge file contains AML.T references; norwegian-context.md exists and has content
+
+import { describe, it } from 'node:test';
+import assert from 'node:assert/strict';
+import { readFileSync } from 'node:fs';
+import { resolve } from 'node:path';
+import { fileURLToPath } from 'node:url';
+
+const __dirname = fileURLToPath(new URL('.', import.meta.url));
+const ROOT = resolve(__dirname, '../..');
+const KNOWLEDGE = resolve(ROOT, 'knowledge');
+
+function readKnowledge(filename) {
+  try { return readFileSync(resolve(KNOWLEDGE, filename), 'utf-8'); }
+  catch { return null; }
+}
+
+// ---------------------------------------------------------------------------
+// ATLAS IDs in OWASP and threat pattern files
+// ---------------------------------------------------------------------------
+
+const atlasFiles = [
+  { file: 'owasp-llm-top10.md', minRefs: 10 },
+  { file: 'owasp-agentic-top10.md', minRefs: 10 },
+  { file: 'owasp-skills-top10.md', minRefs: 10 },
+  { file: 'mcp-threat-patterns.md', minRefs: 5 },
+  { file: 'deepmind-agent-traps.md', minRefs: 5 },
+  { file: 'mitigation-matrix.md', minRefs: 5 },
+];
+
+describe('MITRE ATLAS IDs in knowledge files', () => {
+  for (const { file, minRefs } of atlasFiles) {
+    describe(file, () => {
+      const content = readKnowledge(file);
+
+      it('file exists', () => {
+        assert.ok(content !== null, `${file} should exist`);
+      });
+
+      it(`contains at least ${minRefs} AML.T references`, () => {
+        const matches = content.match(/AML\.T\d{4}/g) || [];
+        assert.ok(
+          matches.length >= minRefs,
+          `Expected >= ${minRefs} AML.T refs, found ${matches.length}`
+        );
+      });
+
+      it('contains AML.T0051 (LLM Prompt Injection)', () => {
+        assert.ok(content.includes('AML.T0051'), `${file} should reference AML.T0051`);
+      });
+    });
+  }
+});
+
+// ---------------------------------------------------------------------------
+// Norwegian regulatory context
+// ---------------------------------------------------------------------------
+
+describe('knowledge/norwegian-context.md', () => {
+  const content = readKnowledge('norwegian-context.md');
+
+  it('file exists', () => {
+    assert.ok(content !== null, 'norwegian-context.md should exist');
+  });
+
+  it('references Datatilsynet', () => {
+    assert.ok(content.includes('Datatilsynet'), 'Should reference Datatilsynet');
+  });
+
+  it('references NSM', () => {
+    assert.ok(content.includes('NSM'), 'Should reference NSM');
+  });
+
+  it('references Digdir', () => {
+    assert.ok(content.includes('Digdir'), 'Should reference Digdir');
+  });
+
+  it('contains verification URLs', () => {
+    assert.ok(/https?:\/\//.test(content), 'Should contain verification URLs');
+  });
+});