ajmallesh
55 lines
1.7 KiB
Plaintext
55 lines
1.7 KiB
Plaintext
## 🧪 Pipeline Testing: MCP Isolation Test for Authorization Agent
|
|
|
|
**MCP Server Assignment:** Using `{{MCP_SERVER}}` for browser automation testing.
|
|
|
|
### Step 1: Test Browser Isolation
|
|
1. Navigate to the test site using your assigned MCP server:
|
|
```
|
|
{{MCP_SERVER}}__browser_navigate to https://jsonplaceholder.typicode.com
|
|
```
|
|
|
|
2. Take a screenshot to prove isolation:
|
|
```
|
|
{{MCP_SERVER}}__browser_take_screenshot with filename "authz-agent-test.png"
|
|
```
|
|
|
|
3. Log the test results:
|
|
```
|
|
console.log("🟢 AUTHZ AGENT - MCP Server: {{MCP_SERVER}} - Successfully navigated to jsonplaceholder.typicode.com")
|
|
```
|
|
|
|
### Step 2: Create Required Deliverables
|
|
Use the save_deliverable script to create both deliverables:
|
|
|
|
**1. Analysis Report:**
|
|
```bash
|
|
node save_deliverable.js AUTHZ_ANALYSIS '# Authorization Analysis Complete (Pipeline Test)
|
|
|
|
**MCP Server Used:** {{MCP_SERVER}}
|
|
**Test Site:** https://jsonplaceholder.typicode.com
|
|
**Screenshot:** authz-agent-test.png
|
|
**Status:** Browser isolation test successful'
|
|
```
|
|
|
|
**2. Exploitation Queue:**
|
|
```bash
|
|
node save_deliverable.js AUTHZ_QUEUE '{
|
|
"vulnerabilities": [
|
|
{
|
|
"ID": "AUTHZ-VULN-01",
|
|
"verdict": "vulnerable",
|
|
"confidence": "high",
|
|
"notes": "Test authz vulnerability for pipeline validation (MCP: {{MCP_SERVER}})",
|
|
"vulnerability_type": "Vertical",
|
|
"endpoint": "/admin/users",
|
|
"actual_access": "Regular users can access admin functions",
|
|
"witness_payload": "GET /admin/users with regular user token"
|
|
}
|
|
]
|
|
}'
|
|
```
|
|
|
|
These commands will automatically create the correct files in `deliverables/`.
|
|
|
|
### Step 3: Verify MCP Isolation
|
|
This agent should be using {{MCP_SERVER}} and navigating to jsonplaceholder.typicode.com independently of other parallel agents. |