feat: initial open marketplace with llm-security, config-audit, ultraplan-local
commit
f93d6abdae
380 changed files with 65935 additions and 0 deletions
67
plugins/llm-security/.llm-security-ignore
Normal file
@ -0,0 +1,67 @@
# .llm-security-ignore — Suppress expected findings when scanning this plugin
#
# Why 150 suppressed findings? A security plugin that documents attack patterns,
# ships a malicious demo fixture, and tests against deliberately evil code will
# trigger its own scanners. This is the "scanning the scanner" paradox:
#
# - examples/ contains an intentionally malicious plugin (the demo)
# - knowledge/ documents real attack regex patterns and example URLs
# - tests/ contain deliberate taint flows and suspicious URLs as test input
# - hooks/ and scanners/ contain high-entropy regex for secret detection
#
# Every suppression below is explained. Run without this file to see all 150.
#
# Format: SCANNER:glob or just glob (applies to all scanners)
# Scanners: UNI, ENT, PRM, DEP, TNT, GIT, NET, TFA
# Demo fixture: intentionally malicious (the whole point of the demo)
examples/**
# Test files contain deliberate malicious patterns as test input
TNT:tests/**
NET:tests/**
# Knowledge base documents attack patterns with example URLs and regex
ENT:knowledge/**
NET:knowledge/**
# Hook scripts contain high-entropy regex patterns and log strings
ENT:hooks/**
# Scanner code contains regex patterns that trigger entropy detection
ENT:scanners/**
# Injection patterns module contains injection keywords (by design)
TNT:scanners/lib/injection-patterns.mjs
# Command files contain long prompt strings
ENT:commands/**
# Permission findings: clean needs write tools (by design), deep-scan uses Bash
PRM:commands/**
PRM:agents/**
# Git findings: subtree split artifacts and commit message heuristics
GIT:**
# Network: README references to OWASP, Anthropic, research papers
NET:README.md
# Network: agent docs reference example domains for documentation
NET:agents/**
# Network: supply-chain hook legitimately contacts osv.dev and socket.dev
NET:hooks/**
# Orchestrator legitimately writes log file from argv path
TNT:scanners/scan-orchestrator.mjs
# Toxic flow: plugin commands/agents have Read+Bash access by design (it's a security scanner)
TFA:commands/**
TFA:agents/**
# Network: CLAUDE.md references public repo URL
NET:CLAUDE.md
# Baseline files: generated JSON with scan results (high entropy expected)
reports/baselines/**
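
Review bot: Several suppressions in the second half of this file are wider than the comment that justifies them. `NET:hooks/**` is explained only by the supply-chain hook contacting osv.dev and socket.dev, yet it silences network findings for every file under hooks/, so a new outbound endpoint added to any hook would go unreported. `GIT:**` likewise drops every git finding in the tree, and `PRM:commands/**` covers all commands although its comment names only clean and deep-scan. Since the documented format is SCANNER:glob, consider narrowing these to the specific files involved, as is already done for `TNT:scanners/scan-orchestrator.mjs`, and prefixing the unscoped `reports/baselines/**` with ENT, since its comment cites only high entropy. The hard-coded "150" in the header comment will also drift as findings change, so it may be better to drop the number or generate it.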