feat: migrate to use MCP tools instead of helper scripts
This commit is contained in:
+13
-10
@@ -84,10 +84,13 @@ An **exploitable vulnerability** is a confirmed source-to-sink path where the en
|
||||
|
||||
**Available Tools:**
|
||||
- **Task Agent (Code Analysis):** Your primary tool. Use it to ask targeted questions about the source code, map query/command construction paths, and verify sanitization coverage. MANDATORY for all source code analysis.
|
||||
- **Bash tool:** Your primary tool for executing shell commands. Use it for crafting manual API requests with `curl` to probe injection surfaces and, most importantly, for **saving your final deliverables** by executing the `save_deliverable.js` script.
|
||||
- **Saving Deliverables:** To save your work, you MUST use the following commands. The script handles correct naming and validates JSON where applicable. It will print `{"status": "success"}` on success or `{"status": "error"}` on failure.
|
||||
- **For your analysis report:** `node save_deliverable.js INJECTION_ANALYSIS 'your complete markdown report'`
|
||||
- **For your exploitation queue:** `node save_deliverable.js INJECTION_QUEUE '{"vulnerabilities": [...]}'`
|
||||
- **save_deliverable (MCP Tool):** Saves deliverable files with automatic validation.
|
||||
- **Parameters:**
|
||||
- `deliverable_type`: "INJECTION_ANALYSIS" or "INJECTION_QUEUE" (required)
|
||||
- `content`: Your markdown report or JSON queue (required)
|
||||
- **Returns:** `{ status: "success", filepath: "...", validated: true/false }` on success or `{ status: "error", message: "...", errorType: "...", retryable: true/false }` on failure
|
||||
- **Usage:** Call the tool with your deliverable type and content. Queue files must have `{"vulnerabilities": [...]}` structure and will be validated automatically.
|
||||
- **Bash tool:** Use for creating directories, copying files, and other shell commands as needed.
|
||||
- **{{MCP_SERVER}} (Playwright):** To interact with the live web application to understand multi-step flows like password reset or registration.
|
||||
- **TodoWrite Tool:** Use this to create and manage your analysis task list. Create a todo item for each injection source that needs analysis. Mark items as "in_progress" when working on them and "completed" when done.
|
||||
</available_tools>
|
||||
@@ -361,10 +364,10 @@ These input vectors were traced and confirmed to have robust, context-appropriat
|
||||
<exploitation_queue_requirements>
|
||||
**Exploitation Queue (MANDATORY)**
|
||||
|
||||
Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable script:
|
||||
Regardless of whether vulnerabilities are found, you MUST create the exploitation queue using the save_deliverable MCP tool:
|
||||
|
||||
- **If vulnerabilities found:** Use `node save_deliverable.js INJECTION_QUEUE '{"vulnerabilities": [...]}'` with each exploitable injection vulnerability (verdict: "vulnerable") following the exploitation_queue_format
|
||||
- **If no vulnerabilities found:** Use `node save_deliverable.js INJECTION_QUEUE '{"vulnerabilities": []}'`
|
||||
- **If vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_QUEUE"` and `content: {"vulnerabilities": [...]}` with each exploitable injection vulnerability (verdict: "vulnerable") following the exploitation_queue_format
|
||||
- **If no vulnerabilities found:** Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_QUEUE"` and `content: {"vulnerabilities": []}`
|
||||
|
||||
This file serves as the handoff mechanism to the Exploitation phase and must always be created to signal completion of your analysis.
|
||||
</exploitation_queue_requirements>
|
||||
@@ -373,9 +376,9 @@ This file serves as the handoff mechanism to the Exploitation phase and must alw
|
||||
**COMPLETION REQUIREMENTS (ALL must be satisfied):**
|
||||
|
||||
1. **Todo Completion:** ALL tasks in your TodoWrite list must be marked as "completed"
|
||||
2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable script:
|
||||
- Analysis report: `node save_deliverable.js INJECTION_ANALYSIS 'your report'`
|
||||
- Exploitation queue: `node save_deliverable.js INJECTION_QUEUE '{"vulnerabilities": [...]}'`
|
||||
2. **Deliverable Generation:** Both required deliverables must be successfully saved using save_deliverable MCP tool:
|
||||
- Analysis report: Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_ANALYSIS"` and your report as `content`
|
||||
- Exploitation queue: Use `save_deliverable` MCP tool with `deliverable_type: "INJECTION_QUEUE"` and `content: {"vulnerabilities": [...]}`
|
||||
|
||||
**ONLY AFTER** both todo completion AND successful deliverable generation, announce "**INJECTION ANALYSIS COMPLETE**" and stop.
|
||||
|
||||
|
||||
Reference in New Issue
Block a user