ktg-plugin-marketplace/plugins/llm-security/playground/test-fixtures/audit.md
Kjell Tore Guttormsen ce3891bdd0 feat(llm-security): playground Phase 3 — v7.5.0 with 18 parsers/renderers
The single-file SPA playground now has a parser + renderer for all 18
produces_report=true commands (Phase 2: 10 high-priority + Phase 3: 8
remaining: mcp-inspect, supply-check, pre-deploy, diff, watch,
registry, clean, threat-model). 18 markdown test fixtures serve
as contract anchors for parser development.

The complete demo project `dft-komplett-demo` has all 18 reports
parsed inline — click-through without "parser not implemented"
panels. 2 new archetypes in KEY_STATS_CONFIG: kanban-buckets (clean)
and matrix-risk (threat-model).

Bug fix: normalizeVerdictText now checks GO-WITH-CONDITIONS /
CONDITIONAL / BETINGET BEFORE plain GO, so a conditional verdict (pre-deploy
with open conditions) does not collapse to ALLOW.

Exposed 11 window globals for testing/automation (__store,
__navigate, __loadDemoState, __PARSERS, __RENDERERS, __CATALOG,
__inferVerdict, __inferKeyStats, __renderPageShell,
__handlePasteImport, __scheduleRender). 12 Playwright-generated
screenshots in playground/screenshots/v7.5.0/.

A11Y report (WCAG 2.1 AA): 0 blocking, 3 minor improvements
flagged for the v7.5.x patch (skip-link, heading hierarchy on project,
aria-live toast).

Version bump 7.4.0 -> 7.5.0 in 10 files (package.json, plugin.json,
CLAUDE.md header, README badge, CHANGELOG entry, 3 scanner VERSION
constants, ROADMAP, marketplace root README).

No scanner or hook behavior changes — purely additive surface.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-05 22:15:47 +02:00
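The verdict-ordering bug named in the commit message above, as an added example that is not the playground's own code: a first-match rule table where plain GO is tested before GO-WITH-CONDITIONS rewrites a conditional verdict to ALLOW (fail-open), and moving the conditional rule ahead of GO fixes it. The function and canonical verdict names are assumptions; the sample verdict strings are constructed.

```javascript
// Added example (not the playground's code). Canonical verdicts a renderer
// would key on are assumed; "BETINGET" is the Norwegian verdict word the
// fixtures use for "conditional".
const BLOCK = "BLOCK", CONDITIONAL = "CONDITIONAL", ALLOW = "ALLOW";
const WARN = "WARN", UNKNOWN = "UNKNOWN";

// Ordered rule table: the FIRST matching pattern wins, so order is the
// whole point. Blocking verdicts go first because "NO-GO" contains "GO".
const RULES_FIXED = [
  [/\b(NO-GO|BLOCK|FAIL|REJECT)\b/, BLOCK],
  [/\b(GO-WITH-CONDITIONS|CONDITIONAL|BETINGET)\b/, CONDITIONAL], // before GO
  [/\bGO\b/, ALLOW],             // \bGO\b also matches "GO-WITH-CONDITIONS"
  [/\b(ALLOW|PASS)\b/, ALLOW],
  [/\b(WARNING|WARN)\b/, WARN],
];

// The pre-fix ordering: identical rules, but plain GO is tested before the
// conditional rule, so the open conditions are silently dropped.
const RULES_BUGGY = [RULES_FIXED[0], RULES_FIXED[2], RULES_FIXED[1],
                     RULES_FIXED[3], RULES_FIXED[4]];

// Normalise free-form verdict text (case- and whitespace-insensitive)
// to one canonical verdict using the given rule order.
function normalizeVerdictText(text, rules = RULES_FIXED) {
  const t = String(text ?? "").trim().toUpperCase();
  for (const [pattern, verdict] of rules) {
    if (pattern.test(t)) return verdict;
  }
  return UNKNOWN;
}

// Constructed verdict strings in the shape a report fixture might carry.
const SAMPLE_VERDICTS = [
  "GO", "GO-WITH-CONDITIONS", "Betinget", "NO-GO", "WARNING", "pass",
  "Verdict: GO-WITH-CONDITIONS (2 open)",
];

// Inputs on which the two orderings disagree, i.e. the verdicts the bug
// rewrote. Useful as a regression check for the rule table.
function divergentVerdicts(inputs = SAMPLE_VERDICTS) {
  return inputs.filter(
    (v) => normalizeVerdictText(v, RULES_BUGGY) !== normalizeVerdictText(v, RULES_FIXED)
  );
}
```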


Full Security Audit — DFT marketplace


Header

| Field | Value |
|---|---|
| Report type | audit |
| Target | ~/repos/dft-marketplace |
| Date | 2026-05-05 |
| Version | llm-security v7.4.0 |
| Scope | 7 audit dimensions, 10 OWASP categories |
| Frameworks | OWASP LLM Top 10, OWASP Agentic |
| Triggered by | /security audit |

Risk Dashboard

| Metric | Value |
|---|---|
| Risk Score | 31/100 |
| Risk Band | Medium |
| Grade | C |
| Verdict | WARNING |

| Severity | Count |
|---|---|
| Critical | 0 |
| High | 4 |
| Medium | 8 |
| Low | 7 |
| Info | 9 |
| Total | 28 |

Verdict rationale: Posture base grade B downgraded to C after agent-level findings (4 high). No critical, but Logging & Audit and Permission Hygiene need attention.


Executive Summary

Full audit combined posture-scanner output with skill-scanner-agent and mcp-scanner-agent narratives. 28 findings across 14 files. Most concentrated in agent definitions (over-permissioned tool lists) and .claude/settings.json (missing audit log + wildcard Bash). Recommendation: address top 3 actions to reach Grade B; six more to reach Grade A.


Radar Axes

| Axis | Score |
|---|---|
| Deny-First Configuration | 4 |
| Hook Coverage | 5 |
| MCP Trust | 3 |
| Secrets Management | 5 |
| Permission Hygiene | 2 |
| Supply-Chain Defense | 4 |
| Logging & Audit | 1 |

Category Assessment

Category 1 — Deny-First Configuration

| Status | PASS |
|---|---|

Evidence: .claude/settings.json has permissions.defaultMode: "deny". Explicit allow-list in place.

Recommendations: None — Grade A on this axis.

Category 2 — Hook Coverage

| Status | PASS |
|---|---|

Evidence: 9 hooks active (PreToolUse: 4, PostToolUse: 2, UserPromptSubmit: 1, PreCompact: 1, others: 1).

Recommendations: Consider adding PreCompact-poisoning detection if not already covered.

Category 5 — Permission Hygiene

| Status | PARTIAL |
|---|---|

Evidence: 3 agents have Write in tool list. 1 has Bash without sub-command restriction.

Recommendations: Tighten tool lists to minimum-necessary set. Use Bash(git:*) instead of Bash(*).

Category 11 — Logging & Audit

| Status | FAIL |
|---|---|

Evidence: No audit.log_path configured. No SIEM integration. No JSONL audit-trail.

Recommendations: Enable audit.log_path immediately — closes 1 high + 3 medium findings.

(Categories 3, 4, 6-10, 12-13 follow same format — see envelope JSON for full breakdown)


Risk Matrix (Likelihood × Impact)

| Category | Likelihood | Impact | Score |
|---|---|---|---|
| Logging gap (PST-001) | 4 | 4 | 16 |
| Permission sprawl | 3 | 4 | 12 |
| MCP drift (airbnb-mcp) | 3 | 3 | 9 |
| AI Act classification missing | 2 | 3 | 6 |

Action Plan

IMMEDIATE (this week)

  1. Enable audit-trail: set audit.log_path in .llm-security/policy.json
  2. Tighten 3 over-permissioned agents (drop Write where unused)
  3. Investigate airbnb-mcp drift — reset baseline only after review

HIGH (this month)

  1. Document AI Act risk classification in CLAUDE.md
  2. Replace Bash(*) with Bash(git:*, npm:*) in .claude/settings.json
  3. Bump 2 dependencies to clear OSV advisories

MEDIUM (next quarter)

  1. Add SECURITY.md disclosure policy
  2. Trim verbose skill descriptions (3 files)
  3. Document hook rationale in plugin CLAUDE.md

Positive Findings

  • All hooks active and non-bypassed
  • No critical findings
  • Posture scanner runtime < 2s (well-tuned)
  • Memory hygiene clean

Audit complete. 28 findings, Grade C, 14.7 seconds.