ktg-plugin-marketplace/plugins/llm-security/playground/test-fixtures/diff.md
Kjell Tore Guttormsen ce3891bdd0 feat(llm-security): playground Phase 3 — v7.5.0 with 18 parsers/renderers
The single-file SPA playground now has a parser + renderer for all 18
produces_report=true commands (Phase 2: 10 high-priority + Phase 3: 8
remaining: mcp-inspect, supply-check, pre-deploy, diff, watch,
registry, clean, threat-model). 18 markdown test fixtures act as
contract anchors for parser development.

The complete demo project `dft-komplett-demo` has all 18 reports
pre-parsed inline — click-through with no "parser ikke implementert"
("parser not implemented") panels. 2 new archetypes in KEY_STATS_CONFIG:
kanban-buckets (clean) and matrix-risk (threat-model).

Bug fix: normalizeVerdictText now checks GO-WITH-CONDITIONS /
CONDITIONAL / BETINGET BEFORE plain GO so that a conditional verdict
(pre-deploy with open conditions) does not collapse to ALLOW.

Exposed 11 window globals for testing/automation (__store,
__navigate, __loadDemoState, __PARSERS, __RENDERERS, __CATALOG,
__inferVerdict, __inferKeyStats, __renderPageShell,
__handlePasteImport, __scheduleRender). 12 Playwright-generated
screenshots in playground/screenshots/v7.5.0/.

A11Y report (WCAG 2.1 AA): 0 blocking, 3 minor improvements
flagged for the v7.5.x patch (skip-link, heading hierarchy on project,
aria-live toast).

Version bump 7.4.0 -> 7.5.0 in 10 files (package.json, plugin.json,
CLAUDE.md header, README badge, CHANGELOG entry, 3 scanner VERSION
constants, ROADMAP, marketplace root README).

No scanner or hook behaviour changes — purely additive surface.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
2026-05-05 22:15:47 +02:00


# Scan Diff Against Baseline

## Header

| Field | Value |
|---|---|
| Report type | diff |
| Target | ~/repos/dft-marketplace |
| Date | 2026-05-05 |
| Baseline | 2026-04-29 |
| Version | llm-security v7.4.0 |
| Scope | scan + posture diff |
| Triggered by | /security diff . |

## Risk Dashboard

| Metric | Value |
|---|---|
| Current Grade | B |
| Baseline Grade | C |
| Risk Score | 28/100 |
| Risk Band | Medium |
| Verdict | WARNING |

| Severity | New | Resolved | Unchanged |
|---|---|---|---|
| Critical | 0 | 1 | 0 |
| High | 1 | 2 | 1 |
| Medium | 2 | 3 | 4 |
| Low | 0 | 1 | 2 |
| Info | 1 | 0 | 5 |
| Total | 4 | 7 | 12 |

Verdict rationale: Net improvement (7 resolved, 4 new). Baseline had 1 CRITICAL (resolved), 2 HIGH (resolved). Grade C → B. One new HIGH on permission scope warrants review before celebrating.


## New (4)

| ID | Severity | Category | File | Description | OWASP |
|---|---|---|---|---|---|
| DIF-001 | high | Permissions | .claude/settings.json | New Edit(*) wildcard added in commit 4a8c1f | ASI04 |
| DIF-002 | medium | Injection | commands/research-v2.md | New command introduced indirect-injection vector | LLM01 |
| DIF-003 | medium | Supply Chain | package-lock.json | New dependency husky@9.0.11 (no prior baseline) | LLM03 |
| DIF-004 | info | Documentation | docs/CHANGELOG.md | Changelog gained sensitive path reference (not exploitable) | |

## Resolved (7)

| ID | Severity | Category | File | Resolution |
|---|---|---|---|---|
| BAS-001 | critical | Secrets | agents/data-analyst.md | API key removed, env-var reference added |
| BAS-002 | high | Excessive Agency | agents/web-helper.md | Hook policy added blocking [Bash, Read, WebFetch] trifecta |
| BAS-003 | high | MCP Trust | .mcp.json | airbnb-mcp removed |
| BAS-004 | medium | Output Handling | agents/notes.md | Markdown link-title sink sanitized |
| BAS-005 | medium | Memory | CLAUDE.md | Encoded base64 imperative removed |
| BAS-006 | medium | Injection | commands/summarize.md | Indirect-injection wrapped in Trust-Bus |
| BAS-007 | low | Documentation | README.md | Suspicious URL pattern in example removed |

## Unchanged (12)

| ID | Severity | Category | File | Notes |
|---|---|---|---|---|
| BAS-008 | high | Permissions | .claude/settings.json | Bash wildcard remains — pending grant-narrowing |
| BAS-009 | medium | Permissions | agents/test-runner.md | Tool list still includes Edit |
| BAS-010 | medium | MCP Trust | .mcp.json | Per-update drift on postgres-readonly (12.3% > 10%) |
| BAS-011 | medium | Other | scripts/setup.sh | curl |
| BAS-012 | medium | Other | tests/fixtures/poisoned.md | Test fixture flagged (intentional) |
| BAS-013 | low | Documentation | docs/setup.md | Outdated security-advisory link |
| BAS-014 | low | Documentation | LICENSE | License file present but old SPDX format |
| BAS-015 | info | Other | .gitignore | Still missing .env* exclusion rule |
| BAS-016 | info | Other | LICENSE | (info-level note) |
| BAS-017 | info | Other | CHANGELOG.md | Format compliance note |
| BAS-018 | info | Other | SECURITY.md | Still missing |
| BAS-019 | info | Other | CONTRIBUTING.md | Still missing |

## Moved (0)

No findings shifted file-locations between baseline and current.


## Recommendations

  1. High: Audit DIF-001 — Edit(*) wildcard adds Edit-to-anywhere capability. Replace with explicit allow-list.
  2. Medium: Review DIF-002 (commands/research-v2.md) and DIF-003 (husky pin) before merge.
  3. Medium: Continue working on the 12 unchanged findings — BAS-008 (Bash wildcard) is the highest-impact remaining item.

Diff complete. Net improvement: -3 findings (4 new, 7 resolved). Grade C → B.
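As an added example (not code from the llm-security plugin or its playground), the block below parses a constructed, trimmed excerpt of a fixture of this shape (markdown pipe tables under `##` headings) and normalizes the verdict the way the commit message above describes: the conditional forms (GO-WITH-CONDITIONS, CONDITIONAL, BETINGET) are tested before plain GO, so a conditional verdict cannot collapse to ALLOW. It also applies the contract check such a fixture anchors, comparing each bucket heading's "(n)" with the rows actually parsed. The function names, the verdict classes and the excerpt are assumptions made for the example.

```javascript
// Added example, not code from the llm-security plugin or its playground.
// Function names, verdict classes (CONDITIONAL/BLOCK/ALLOW/WARNING) and
// the constructed fixture excerpt below are assumptions for illustration.

const FIXTURE = `# Scan Diff Against Baseline

## Header

| Field | Value |
|---|---|
| Report type | diff |
| Baseline | 2026-04-29 |

## Risk Dashboard

| Metric | Value |
|---|---|
| Current Grade | B |
| Verdict | WARNING |

| Severity | New | Resolved | Unchanged |
|---|---|---|---|
| High | 1 | 2 | 1 |
| Total | 4 | 7 | 12 |

## New (2)

| ID | Severity | Category | File | Description | OWASP |
|---|---|---|---|---|---|
| DIF-001 | high | Permissions | .claude/settings.json | New Edit(*) wildcard added | ASI04 |
| DIF-004 | info | Documentation | docs/CHANGELOG.md | Sensitive path reference (not exploitable) | |

## Moved (0)

No findings shifted file-locations between baseline and current.
`;

// A plain /GO/ test run first would map "GO-WITH-CONDITIONS" (or the
// Norwegian "BETINGET") to ALLOW and hide open conditions, so the
// conditional patterns come first; NO-GO must likewise precede GO.
function normalizeVerdictText(raw) {
  const v = String(raw ?? '').trim().toUpperCase().replace(/\s+/g, '-');
  if (/GO-WITH-CONDITIONS|CONDITIONAL|BETINGET/.test(v)) return 'CONDITIONAL';
  if (/NO-GO|FAIL|BLOCK|DENY/.test(v)) return 'BLOCK';
  if (/\b(GO|PASS|ALLOW)\b/.test(v)) return 'ALLOW';
  if (/WARN/.test(v)) return 'WARNING';
  return 'UNKNOWN';
}

// One pipe table -> array of row objects keyed by the header cells.
function parseTable(lines) {
  const rows = lines
    .map(l => l.trim().slice(1, -1).split('|').map(c => c.trim()))
    .filter(cells => !cells.every(c => /^:?-+:?$/.test(c))); // drop the |---| row
  if (rows.length === 0) return [];
  const [header, ...body] = rows;
  return body.map(cells => Object.fromEntries(header.map((h, i) => [h, cells[i] ?? ''])));
}

// Consecutive '|' lines form one table; any other line ends it.
function tablesIn(lines) {
  const tables = [];
  let cur = null;
  for (const line of lines) {
    if (line.trim().startsWith('|')) { if (!cur) cur = []; cur.push(line); }
    else if (cur) { tables.push(parseTable(cur)); cur = null; }
  }
  if (cur) tables.push(parseTable(cur));
  return tables;
}

function parseDiffReport(md) {
  const sections = {};           // "## Title" -> lines until the next "##"
  let current = null;
  for (const line of md.split('\n')) {
    const m = /^##\s+(.+?)\s*$/.exec(line);
    if (m) { current = m[1]; sections[current] = []; continue; }
    if (current !== null) sections[current].push(line);
  }
  const kv = rows => Object.fromEntries(rows.map(r => [r.Field ?? r.Metric, r.Value]));
  const header = kv(tablesIn(sections.Header ?? [])[0] ?? []);
  const [metrics = [], sevRows = []] = tablesIn(sections['Risk Dashboard'] ?? []);
  const dashboard = kv(metrics);
  const severity = Object.fromEntries(sevRows.map(r => [r.Severity,
    { new: Number(r.New), resolved: Number(r.Resolved), unchanged: Number(r.Unchanged) }]));
  const findings = {};            // bucket name -> { declared count, parsed rows }
  for (const [name, lines] of Object.entries(sections)) {
    const fm = /^(New|Resolved|Unchanged|Moved)\s+\((\d+)\)$/.exec(name);
    if (fm) findings[fm[1].toLowerCase()] = { declared: Number(fm[2]), rows: tablesIn(lines)[0] ?? [] };
  }
  const net = severity.Total ? severity.Total.new - severity.Total.resolved : null;
  return { header, dashboard, verdict: normalizeVerdictText(dashboard.Verdict), severity, findings, net };
}

// The contract a fixture anchors: each bucket heading's "(n)" must equal
// the number of rows actually parsed under it.
function checkContract(report) {
  return Object.entries(report.findings)
    .filter(([, b]) => b.declared !== b.rows.length)
    .map(([name, b]) => `${name}: heading says ${b.declared}, table has ${b.rows.length}`);
}

const report = parseDiffReport(FIXTURE);
console.log(report.verdict, report.net, checkContract(report)); // WARNING -3 []
```

Keeping `normalizeVerdictText` as an ordered list of patterns makes the precedence explicit and testable: any future verdict spelling that contains a more general token as a substring must be added above that token, not below it.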