The single-file SPA playground now has a parser + renderer for all 18 produces_report=true commands (Phase 2: 10 high-priority + Phase 3: 8 remaining: mcp-inspect, supply-check, pre-deploy, diff, watch, registry, clean, threat-model). 18 markdown test fixtures serve as contract anchors for parser development. The complete demo project `dft-komplett-demo` has all 18 reports already parsed inline — click-through without "parser not implemented" panels. 2 new archetypes in KEY_STATS_CONFIG: kanban-buckets (clean) and matrix-risk (threat-model). Bug fix: normalizeVerdictText now checks GO-WITH-CONDITIONS / CONDITIONAL / BETINGET BEFORE plain GO so that a conditional verdict (pre-deploy with open conditions) does not collapse to ALLOW. Exposed 11 window globals for testing/automation (__store, __navigate, __loadDemoState, __PARSERS, __RENDERERS, __CATALOG, __inferVerdict, __inferKeyStats, __renderPageShell, __handlePasteImport, __scheduleRender). 12 Playwright-generated screenshots in playground/screenshots/v7.5.0/. A11Y report (WCAG 2.1 AA): 0 blocking, 3 minor improvements flagged for the v7.5.x patch (skip link, heading hierarchy on project, aria-live toast). Version bump 7.4.0 -> 7.5.0 in 10 files (package.json, plugin.json, CLAUDE.md header, README badge, CHANGELOG entry, 3 scanner VERSION constants, ROADMAP, marketplace root README). No scanner or hook behavior changes — purely additive surface. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
145 lines
4.8 KiB
Markdown
# Clean — Auto + Semi-Auto + Manual Remediation

---

## Header

| Field | Value |
|-------|-------|
| **Report type** | clean |
| **Target** | ~/repos/dft-marketplace |
| **Date** | 2026-05-05 |
| **Mode** | dry-run |
| **Version** | llm-security v7.4.0 |
| **Scope** | scan + remediation buckets |
| **Triggered by** | /security clean . --dry-run |

---

## Risk Dashboard

| Metric | Value |
|--------|-------|
| **Risk Score** | 45/100 |
| **Risk Band** | High |
| **Grade** | C |
| **Verdict** | WARNING |

| Severity | Count |
|----------|------:|
| Critical | 1 |
| High | 3 |
| Medium | 4 |
| Low | 2 |
| Info | 3 |
| **Total** | **13** |

**Verdict rationale:** 13 findings classified by remediation tier. 4 auto-fixable, 5 semi-auto (require user confirmation), 3 manual (architecture-level), 1 suppressed (waiver registered).

---

## Remediation Summary

| Bucket | Count | Action |
|--------|------:|--------|
| Auto | 4 | Apply deterministic fixes (no user input) |
| Semi-auto | 5 | Generate proposals, confirm with user |
| Manual | 3 | Architecture-level — human decision required |
| Suppressed | 1 | Waiver registered in `.llm-security-ignore` |
| **Total** | **13** | |

---

## Findings

### Critical

| ID | Category | File | Line | Description | OWASP |
|----|----------|------|------|-------------|-------|
| CLN-001 | Secrets | agents/data-analyst.md | 47 | Hardcoded API key | LLM02 |

### High

| ID | Category | File | Line | Description | OWASP |
|----|----------|------|------|-------------|-------|
| CLN-002 | Excessive Agency | agents/web-helper.md | 3 | Lethal trifecta tool combination | ASI01 |
| CLN-003 | Permissions | .claude/settings.json | 5 | Wildcard `Bash(*)` permission | ASI04 |
| CLN-004 | Injection | commands/research.md | 22 | Indirect-injection vector | LLM01 |

### Medium

| ID | Category | File | Line | Description | OWASP |
|----|----------|------|------|-------------|-------|
| CLN-005 | MCP Trust | .mcp.json | 12 | Hidden imperative in MCP description | MCP05 |
| CLN-006 | Documentation | LICENSE | — | License file missing | — |
| CLN-007 | Documentation | SECURITY.md | — | Disclosure policy missing | — |
| CLN-008 | Output Handling | agents/notes.md | 89 | Markdown link-title injection sink | LLM01 |

### Low

| ID | Category | File | Line | Description | OWASP |
|----|----------|------|------|-------------|-------|
| CLN-009 | Documentation | README.md | 88 | Suspicious URL in example | — |
| CLN-010 | Documentation | CHANGELOG.md | — | Missing changelog file | — |

### Info

| ID | Category | File | Line | Description | OWASP |
|----|----------|------|------|-------------|-------|
| CLN-011 | Documentation | CONTRIBUTING.md | — | Missing contributing guidelines | — |
| CLN-012 | Documentation | .gitignore | — | Missing `.env*` exclusion | — |
| CLN-013 | Documentation | LICENSE | — | License header in source files | — |

---

## Auto

| ID | Action | Description |
|----|--------|-------------|
| CLN-001 | replace-with-env-var | Replace hardcoded `sk-prod-...` with `${API_KEY}`, log replacement to .llm-security-audit.jsonl |
| CLN-006 | create-file | Create `LICENSE` file (MIT, default) |
| CLN-012 | append-line | Append `.env*` to `.gitignore` |
| CLN-013 | add-license-header | Add MIT license header to top of source files |

---

## Semi-auto

| ID | Action | Description |
|----|--------|-------------|
| CLN-003 | propose-allowlist | Propose explicit Bash allow-list based on actual usage patterns |
| CLN-004 | propose-trust-bus | Propose Trust-Bus wrapper around indirect-injection vector |
| CLN-005 | propose-rewrite | Propose rewritten MCP description without imperative pattern |
| CLN-007 | scaffold-template | Generate SECURITY.md template; user confirms ownership/SLA terms |
| CLN-008 | propose-sanitizer | Propose sanitizer for Markdown link-title sink |

---

## Manual

| ID | Action | Description |
|----|--------|-------------|
| CLN-002 | architectural-review | Lethal trifecta requires architecture-level decision: split agent OR add hook policy |
| CLN-009 | manual-edit | Suspicious URL in README example — requires editorial judgment |
| CLN-010 | manual-write | CHANGELOG.md content requires reviewing git history |

---

## Suppressed

| ID | Reason | Waiver |
|----|--------|--------|
| CLN-011 | Repo policy: solo project, no external contributions | `.llm-security-ignore` rule `category:documentation/contributing` |

---

## Recommendations

1. **Immediate:** Run with `--apply` to execute the 4 auto-fixes.
2. **High:** Walk through 5 semi-auto proposals interactively (`--interactive`).
3. **Medium:** Schedule architecture review for the 3 manual items (CLN-002, CLN-009, CLN-010).
4. **Low:** Review the suppressed item (CLN-011) annually to confirm policy still applies.

---

*Clean dry-run complete. 13 findings: 4 auto, 5 semi-auto, 3 manual, 1 suppressed.*