@dollhousemcp/mcp-server
Version:
DollhouseMCP - A Model Context Protocol (MCP) server that enables dynamic AI persona management from markdown files, allowing Claude and other compatible AI assistants to activate and switch between different behavioral personas.
1,075 lines (1,074 loc) • 173 kB
JavaScript
/**
* Security Audit Suppression Configuration
*
* This file contains suppression rules for false positives in the security audit.
* Each suppression should be well-documented with a clear reason.
*/
import { logger } from '../../../utils/logger.js';
/**
* Suppression cache for performance optimization
*/
class SuppressionCache {
cache = new Map();
regexCache = new Map();
clear() {
this.cache.clear();
this.regexCache.clear();
}
getCacheKey(ruleId, filePath) {
return `${ruleId}::${filePath}`;
}
get(ruleId, filePath) {
return this.cache.get(this.getCacheKey(ruleId, filePath));
}
set(ruleId, filePath, value) {
this.cache.set(this.getCacheKey(ruleId, filePath), value);
}
getRegex(pattern) {
return this.regexCache.get(pattern);
}
setRegex(pattern, regex) {
this.regexCache.set(pattern, regex);
}
}
const cache = new SuppressionCache();
export const suppressions = [
// ========================================
// SQL Injection False Positives
// ========================================
{
rule: 'CWE-89-001',
file: 'src/update/UpdateManager.ts',
reason: 'False positive - "Update Failed" is a UI message, not SQL. The codebase does not use SQL.'
},
{
rule: 'CWE-89-001',
file: 'src/elements/memories/MemoryManager.ts',
reason: 'FALSE POSITIVE: Line 1024 is a logger.error() call formatting an error message with string concatenation. This is not a SQL query - the codebase does not use SQL. The string concatenation builds a user-facing error message for deletion failures. PR #7'
},
{
rule: 'CWE-89-001',
file: 'src/web/public/metrics.js',
reason: 'FALSE POSITIVE: Browser-side Date.toLocaleTimeString() concatenation for display label. Not SQL — the codebase does not use SQL.'
},
{
rule: 'CWE-89-001',
file: 'src/web/public/security.js',
reason: 'FALSE POSITIVE: HTML string concatenation building DOM markup for the Auth tab. All values HTML-escaped via esc() helper. Not SQL — the codebase does not use SQL. PR #1791'
},
// ========================================
// Metrics & Web Console False Positives
// ========================================
{
rule: 'DMCP-SEC-004',
file: 'src/metrics/sinks/MemoryMetricsSink.ts',
reason: 'FALSE POSITIVE: Internal metrics storage — does not process user input directly. Metric names and sources are server-generated constants. Input normalization is handled at the route handler boundary.'
},
{
rule: 'DMCP-SEC-004',
file: 'src/metrics/collectors/PerformanceMonitorCollector.ts',
reason: 'FALSE POSITIVE: Metric collector with hardcoded constant strings only. No user input enters this component. All metric names, sources, and descriptions are compile-time constants.'
},
{
rule: 'DMCP-SEC-004',
file: 'src/web/public/metrics.js',
reason: 'FALSE POSITIVE: Client-side browser JavaScript. UnicodeValidator is a Node.js module unavailable in browser context. Dashboard renders server-generated metric data only — no user text input.'
},
{
rule: 'DMCP-SEC-004',
file: 'src/web/public/logs.js',
reason: 'FALSE POSITIVE: Client-side browser JavaScript. Filter inputs are used for local JS array filtering only — never sent to server. UnicodeValidator is a Node.js module unavailable in browser context.'
},
{
rule: 'DMCP-SEC-004',
file: 'src/web/public/setup.js',
reason: 'FALSE POSITIVE: Client-side browser JavaScript. User inputs (platform tab clicks, method toggle) are matched against hardcoded DOM element IDs only — no free-text processing. Server-side handlers in setupRoutes.ts use UnicodeValidator.normalize() on all API input. UnicodeValidator is a Node.js module unavailable in browser context.'
},
{
rule: 'DMCP-SEC-004',
file: 'src/web/public/security.js',
reason: 'FALSE POSITIVE: Client-side browser JavaScript for the Auth tab. All user input (TOTP codes) is sent to server-side endpoints (totpRoutes.ts, tokenRoutes.ts) which normalize via consoleRouteHelpers.ts getNormalizedStringField(). The esc() helper applies NFC normalization for display. UnicodeValidator is a Node.js module unavailable in browser context. PR #1791'
},
{
rule: 'DMCP-SEC-004',
file: 'src/web/routes/totpRoutes.ts',
reason: 'FALSE POSITIVE: All user input fields (code, pendingId, label) are extracted via getNormalizedStringField() from consoleRouteHelpers.ts which calls UnicodeValidator.normalize(). Normalization is centralized in the shared helper, not duplicated per-router. PR #1795'
},
{
rule: 'DMCP-SEC-004',
file: 'src/web/routes/tokenRoutes.ts',
reason: 'FALSE POSITIVE: All user input fields (confirmationCode) are extracted via getNormalizedStringField() from consoleRouteHelpers.ts which calls UnicodeValidator.normalize(). Normalization is centralized in the shared helper, not duplicated per-router. PR #1795'
},
// ========================================
// Test File Suppressions
// ========================================
{
rule: '*',
file: '__tests__/**/*',
reason: 'Test files may contain intentional security patterns for testing'
},
{
rule: '*',
file: '**/*.test.ts',
reason: 'Test files may contain intentional security patterns for testing'
},
{
rule: '*',
file: '**/*.spec.ts',
reason: 'Test files may contain intentional security patterns for testing'
},
{
rule: 'DMCP-SEC-004',
file: 'tests/**/*',
reason: 'Test utilities and E2E tests do not process untrusted user input'
},
{
rule: 'DMCP-SEC-006',
file: 'tests/**/*',
reason: 'Audit logging not required for test utilities and E2E tests'
},
{
rule: 'OWASP-A03-003',
file: 'tests/e2e/cleanup-test-data.ts',
reason: 'False positive - console.log message string literal, not a path operation'
},
{
rule: 'OWASP-A01-001',
file: '__tests__/**/*',
reason: 'Test files use fake tokens and secrets for testing security features'
},
{
rule: 'OWASP-A01-001',
file: 'tests/fixtures/**/*',
reason: 'Test fixtures contain intentional mock credentials clearly marked as FAKE/TEST/NOT_REAL'
},
{
rule: 'OWASP-A01-001',
file: 'tests/security/framework/RapidSecurityTesting.ts',
reason: 'FALSE POSITIVE: Line 202 contains an intentional fake token (ghp_1234567890...) for security testing. Clearly marked with NOSONAR comment. Used to verify tokens are not exposed in error messages. PR #1'
},
{
rule: '*',
file: 'tests/fixtures/testCredentials.ts',
reason: 'Centralized test credentials file with intentionally fake values for testing'
},
{
rule: 'CWE-89-001',
file: '__tests__/**/*',
reason: 'Test files contain SQL injection patterns for security testing'
},
{
rule: 'OWASP-A03-002',
file: '__tests__/**/*',
reason: 'Test files contain command injection patterns for security testing'
},
{
rule: 'OWASP-A03-003',
file: '__tests__/**/*',
reason: 'Test files contain path traversal patterns for security testing'
},
// ========================================
// YAML Parsing False Positives
// ========================================
{
rule: 'DMCP-SEC-005',
file: 'src/security/yamlValidator.ts',
reason: 'YamlValidator is the security validation layer itself - it needs direct yaml.load access'
},
{
rule: 'DMCP-SEC-005',
file: 'src/security/secureYamlParser.ts',
reason: 'SecureYamlParser is the security wrapper that validates YAML before parsing'
},
{
rule: 'DMCP-SEC-005',
file: 'src/elements/skills/SkillManager.ts',
reason: 'Uses yaml.load with FAILSAFE_SCHEMA and size validation - equivalent security to SecureYamlParser for raw YAML import'
},
{
rule: 'DMCP-SEC-005',
file: 'src/tools/portfolio/submitToPortfolioTool.ts',
reason: 'False positive - Uses SecureYamlParser.parse() which is the secure implementation designed to prevent YAML vulnerabilities'
},
{
rule: 'DMCP-SEC-005',
file: 'src/config/ConfigManager.ts',
reason: 'INTENTIONAL: Uses js-yaml with FAILSAFE_SCHEMA for pure YAML config files. This prevents code execution and is the appropriate security measure for config files that are NOT markdown with frontmatter. Regression test ensures we do not use SecureYamlParser here which would reset config values.'
},
{
rule: 'DMCP-SEC-005',
file: 'src/portfolio/PortfolioIndexManager.ts',
reason: 'INTENTIONAL: Memory files are pure YAML (not Markdown with frontmatter), so SecureYamlParser cannot be used. Uses yaml.load with FAILSAFE_SCHEMA + size validation + type checking for security. These are trusted local user files. Fix for issue #1196.'
},
{
rule: 'DMCP-SEC-005',
file: 'src/server/resources/CapabilityIndexResource.ts',
reason: 'INTENTIONAL: capability-index.yaml is a pure YAML file (not Markdown with frontmatter), so SecureYamlParser cannot be used. Uses yaml.load with FAILSAFE_SCHEMA which prevents code execution. This is a trusted local system-generated file (created by EnhancedIndexManager). Same security pattern as ConfigManager and PortfolioIndexManager for pure YAML files.'
},
{
rule: 'DMCP-SEC-005',
file: 'src/converters/DollhouseToAnthropicConverter.ts',
reason: 'INTENTIONAL: Format transformer, not security boundary. Uses yaml.load with CORE_SCHEMA to prevent deserialization attacks. Cannot use SecureYamlParser (expects full Markdown with frontmatter, not extracted YAML strings). Preserves content fidelity - no modification. Input skills already validated (from DollhouseMCP system). PR #1400'
},
{
rule: 'DMCP-SEC-005',
file: 'src/converters/AnthropicToDollhouseConverter.ts',
reason: 'INTENTIONAL: Format transformer, not security boundary. Uses yaml.load with CORE_SCHEMA to prevent deserialization attacks. Cannot use SecureYamlParser (processes extracted YAML strings). Preserves content fidelity - no modification. Output validated when loaded via SkillManager.load() which applies SecureYamlParser. PR #1400'
},
{
rule: 'DMCP-SEC-005',
file: 'src/security/audit/scanners/ConfigurationScanner.ts',
reason: 'INTENTIONAL: Security scanner for pure YAML configuration files (not Markdown with frontmatter). Uses yaml.load with FAILSAFE_SCHEMA which prevents code execution and arbitrary object instantiation. SecureYamlParser is designed for element files (Markdown with YAML frontmatter), not raw config files. PR #1'
},
{
rule: 'DMCP-SEC-005',
file: 'src/services/SerializationService.ts',
reason: 'FALSE POSITIVE: Uses safe YAML schema (FAILSAFE_SCHEMA or JSON_SCHEMA) selected by getYamlSchema(). SecureYamlParser is designed for Markdown files with frontmatter, not pure YAML parsing. Lines 307 and 812 use safe schemas that prevent code execution.'
},
{
rule: 'DMCP-SEC-005',
file: 'src/handlers/mcp-aql/MCPAQLHandler.ts',
reason: 'INTENTIONAL: Import operation parses pure YAML data from export packages (not Markdown with frontmatter). Uses yaml.load with JSON_SCHEMA which prevents code execution and is appropriate for structured element data. SecureYamlParser cannot be used as it expects Markdown frontmatter format. PR #193'
},
// ========================================
// Service Layer False Positives (Refactor PR)
// ========================================
{
rule: 'DMCP-SEC-004',
file: 'src/services/SerializationService.ts',
reason: 'FALSE POSITIVE: SerializationService handles data serialization/deserialization. Unicode normalization is applied at the validation layer (ValidationService.validateAndSanitizeInput calls UnicodeValidator.normalize) before data reaches serialization.'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/FileOperationsService.ts',
reason: 'FALSE POSITIVE: FileOperationsService handles file I/O operations. Paths are validated by PathValidator. Content validation including Unicode normalization happens at the element manager layer before file operations.'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/validation/ElementValidator.ts',
reason: 'FALSE POSITIVE: Interface/type definition file only. Concrete implementations use ValidationService which performs Unicode normalization via UnicodeValidator.normalize().'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/validation/GenericElementValidator.ts',
reason: 'FALSE POSITIVE: Calls InputNormalizer.normalize() at the validation boundary (line 64) which recursively normalizes all strings via UnicodeValidator.normalize(). This is the centralized normalization point for all element validators.'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/validation/PersonaElementValidator.ts',
reason: 'FALSE POSITIVE: Extends GenericElementValidator which normalizes all input via InputNormalizer.normalize() at the boundary. Custom fields additionally normalized by ValidationService.validateAndSanitizeInput().'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/validation/MemoryElementValidator.ts',
reason: 'FALSE POSITIVE: Extends GenericElementValidator which normalizes all input via InputNormalizer.normalize() at the boundary. Custom fields additionally normalized by ValidationService.validateAndSanitizeInput().'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/validation/TemplateElementValidator.ts',
reason: 'FALSE POSITIVE: Extends GenericElementValidator which normalizes all input via InputNormalizer.normalize() at the boundary. Custom fields additionally normalized by ValidationService.validateAndSanitizeInput().'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/validation/EnsembleElementValidator.ts',
reason: 'FALSE POSITIVE: Extends GenericElementValidator which normalizes all input via InputNormalizer.normalize() at the boundary. Custom fields additionally normalized by ValidationService.validateAndSanitizeInput().'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/validation/SkillElementValidator.ts',
reason: 'FALSE POSITIVE: Extends GenericElementValidator which normalizes all input via InputNormalizer.normalize() at the boundary. validateMetadata() receives pre-normalized element.metadata from Skill constructor (UnicodeValidator.normalize + sanitizeInput). PR #457'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/validation/AgentElementValidator.ts',
reason: 'FALSE POSITIVE: Extends GenericElementValidator which normalizes all input via InputNormalizer.normalize() at the boundary. Agent-specific fields (goal, systemPrompt, activates, tools, autonomy) additionally normalized by ValidationService.validateContent(). PR #134'
},
{
rule: 'DMCP-SEC-004',
file: 'src/converters/DollhouseToAnthropicConverter.ts',
reason: 'INTENTIONAL: Format transformer, not security boundary. Preserves content fidelity without Unicode normalization. Input skills already validated (from DollhouseMCP system). One-to-one mechanical transformation - no content modification. Security boundary is SkillManager.load(), not converters. PR #1400'
},
{
rule: 'DMCP-SEC-004',
file: 'src/converters/AnthropicToDollhouseConverter.ts',
reason: 'INTENTIONAL: Format transformer, not security boundary. Preserves content fidelity without Unicode normalization. Output validated when loaded via SkillManager.load() which applies full security validation (SecureYamlParser + UnicodeValidator). One-to-one mechanical transformation. PR #1400'
},
{
rule: 'DMCP-SEC-004',
file: 'src/converters/ContentExtractor.ts',
reason: 'INTENTIONAL: Format analysis tool for converters, not security boundary. Preserves content fidelity without modification. Used by format transformers which preserve one-to-one correspondence. No user input processing - internal utility for mechanical conversion. PR #1400'
},
{
rule: 'DMCP-SEC-006',
file: 'src/converters/DollhouseToAnthropicConverter.ts',
reason: 'FALSE POSITIVE: Converters are format transformers, not security operations. Audit logging happens at CLI level (cli/convert.ts line 251) where conversion operations are logged. Converters are internal utilities, not user-facing security boundaries. PR #1400'
},
{
rule: 'DMCP-SEC-006',
file: 'src/converters/AnthropicToDollhouseConverter.ts',
reason: 'FALSE POSITIVE: Converters are format transformers, not security operations. Audit logging happens at CLI level (cli/convert.ts line 251) where conversion operations are logged. Converters are internal utilities, not user-facing security boundaries. PR #1400'
},
{
rule: 'DMCP-SEC-004',
file: 'src/server/resources/CapabilityIndexResource.ts',
reason: 'FALSE POSITIVE: File path is constructed from os.homedir() (system-provided) with hardcoded path segments. No user input flows through this code. The capability-index.yaml file is system-generated by EnhancedIndexManager, not user-provided.'
},
// ========================================
// Clear-text Logging False Positives
// ========================================
{
rule: 'DMCP-SEC-010',
file: 'src/utils/logger.ts',
reason: 'FALSE POSITIVE: The logger already sanitizes all sensitive data through sanitizeMessage() and sanitizeObject() methods. All sensitive fields (tokens, keys, passwords, etc.) are replaced with [REDACTED] before any console output. Lines 288, 291, and 295 only log pre-sanitized safe messages.'
},
// ========================================
// Security Rule Definition Files
// ========================================
{
rule: 'OWASP-A03-004',
file: 'src/security/audit/rules/SecurityRules.ts',
reason: 'This is a regex pattern definition for detecting innerHTML usage, not actual usage'
},
// ========================================
// Persona Loading False Positives
// ========================================
{
rule: 'DMCP-SEC-001',
file: 'src/persona/PersonaLoader.ts',
reason: 'PersonaLoader validates personas through SecureYamlParser and ContentValidator'
},
{
rule: 'DMCP-SEC-001',
file: 'src/persona/PersonaManager.ts',
reason: 'FALSE POSITIVE: PersonaManager validates all loaded personas using PersonaValidator.validatePersona() immediately after loading at line 325. Invalid personas are rejected and removed from cache. PR #1'
},
// ========================================
// Unicode Normalization False Positives
// ========================================
{
rule: 'DMCP-SEC-004',
file: 'src/types/*.ts',
reason: 'Type definition files do not process user input'
},
{
rule: 'DMCP-SEC-004',
file: 'src/telemetry/types.ts',
reason: 'Telemetry type definition file - contains only TypeScript interfaces, no runtime code or user input processing'
},
{
rule: 'DMCP-SEC-004',
file: '**/telemetry/types.ts',
reason: 'Telemetry type definition file - CI path variant, contains only TypeScript interfaces'
},
{
rule: 'DMCP-SEC-004',
file: 'src/types/elements/*.ts',
reason: 'Element interface files are type definitions that do not process user input'
},
{
rule: 'DMCP-SEC-004',
file: 'src/errors/*.ts',
reason: 'Error classes do not process user input'
},
{
rule: 'DMCP-SEC-004',
file: 'src/config/*.ts',
reason: 'Configuration files do not process user input directly'
},
{
rule: 'DMCP-SEC-004',
file: 'src/constants/*.ts',
reason: 'Constant definition files do not process user input'
},
{
rule: 'DMCP-SEC-004',
file: 'src/elements/memories/constants.ts',
reason: 'Constants file - contains only type definitions and constants, no user input processing'
},
{
rule: 'DMCP-SEC-004',
file: '**/src/elements/memories/constants.ts',
reason: 'Constants file - contains only type definitions and constants, no user input processing'
},
{
rule: 'DMCP-SEC-004',
file: '**/elements/memories/constants.ts',
reason: 'Constants file - CI environments may have different path structures, no user input processing'
},
{
rule: 'DMCP-SEC-004',
file: 'elements/memories/constants.ts',
reason: 'Constants file - handles case where src/ prefix is stripped, no user input processing'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/retention/types.ts',
reason: 'Type definition file for retention policy interfaces - contains only TypeScript interfaces and type definitions, no runtime code or user input processing. Actual Unicode normalization is implemented in RetentionPolicyService and MemoryRetentionStrategy. PR #52'
},
{
rule: 'DMCP-SEC-004',
file: 'src/elements/memories/utils.ts',
reason: 'Memory utilities - all external input is normalized via UnicodeValidator in the functions themselves'
},
{
rule: 'DMCP-SEC-004',
file: '**/src/elements/memories/utils.ts',
reason: 'Memory utilities - all external input is normalized via UnicodeValidator in the functions themselves'
},
{
rule: 'DMCP-SEC-004',
file: '**/elements/memories/utils.ts',
reason: 'Memory utilities - CI path variant, all external input is normalized via UnicodeValidator'
},
{
rule: 'DMCP-SEC-004',
file: 'elements/memories/utils.ts',
reason: 'Memory utilities - src-stripped path variant, all external input is normalized via UnicodeValidator'
},
{
rule: 'DMCP-SEC-004',
file: '**/memories/*.ts',
reason: 'Memory element files - all user input is properly normalized in Memory.ts and MemoryManager.ts'
},
{
rule: 'DMCP-SEC-004',
file: 'src/elements/memories/*.ts',
reason: 'Memory element files - all user input is properly normalized in Memory.ts and MemoryManager.ts'
},
{
rule: 'DMCP-SEC-004',
file: 'src/utils/version.ts',
reason: 'Version utility only handles internal version strings, not user input'
},
{
rule: 'DMCP-SEC-004',
file: 'src/cache/*.ts',
reason: 'Cache layer receives already-normalized input'
},
{
rule: 'DMCP-SEC-004',
file: 'src/security/**/*.ts',
reason: 'Security modules handle validation and normalization themselves'
},
{
rule: 'DMCP-SEC-004',
file: 'src/index.ts',
reason: 'Main entry point delegates to ServerSetup which normalizes all inputs'
},
{
rule: 'DMCP-SEC-004',
file: 'src/server/ServerSetup.ts',
reason: 'CENTRALIZED UNICODE NORMALIZATION: This is where Unicode normalization is implemented for ALL tool inputs. ServerSetup.normalizeArgumentsUnicode() (lines 113-146) recursively normalizes all string arguments before they reach any handler. This is the correct architectural pattern (single entry point). PR #1'
},
// ========================================
// Centralized Unicode Normalization - PR #1
// ========================================
// All handlers receive pre-normalized input from ServerSetup.ts
// ServerSetup.setupCallToolHandler() calls normalizeArgumentsUnicode()
// on line 89 BEFORE dispatching to any handler. This recursively
// normalizes all strings in the arguments object.
// See src/server/ServerSetup.ts lines 113-146 for implementation.
// ========================================
{
rule: 'DMCP-SEC-004',
file: 'test-archive/**/*',
reason: 'CENTRALIZED NORMALIZATION: Test archive files are archived experiments, not production code. All production user input is normalized in ServerSetup.ts before reaching handlers. PR #1'
},
{
rule: 'DMCP-SEC-004',
file: 'src/handlers/*.ts',
reason: 'CENTRALIZED NORMALIZATION: All handlers receive pre-normalized input from ServerSetup.normalizeArgumentsUnicode() (lines 89, 113-146). Unicode normalization happens at the entry point before handlers are invoked. PR #1'
},
{
rule: 'DMCP-SEC-004',
file: 'src/handlers/**/*.ts',
reason: 'CENTRALIZED NORMALIZATION: All handler strategies and modules receive pre-normalized input from ServerSetup.normalizeArgumentsUnicode(). Input is sanitized at the MCP request layer. PR #1'
},
{
rule: 'DMCP-SEC-004',
file: 'src/elements/**/*.ts',
reason: 'CENTRALIZED NORMALIZATION: Element managers receive pre-normalized input from handlers, which receive pre-normalized input from ServerSetup. Defense in depth with centralized entry point normalization. PR #1'
},
{
rule: 'DMCP-SEC-004',
file: 'src/di/Container.ts',
reason: 'FALSE POSITIVE: DI Container only wires dependencies, does not process user input. All user input is normalized in ServerSetup before reaching any injected service. PR #1'
},
{
rule: 'DMCP-SEC-004',
file: 'src/collection/*.ts',
reason: 'Marketplace modules receive normalized input from tool handlers'
},
{
rule: 'DMCP-SEC-004',
file: 'src/collection/**/*.ts',
reason: 'Marketplace modules receive normalized input from tool handlers'
},
{
rule: 'DMCP-SEC-004',
file: 'src/persona/*.ts',
reason: 'Persona modules receive normalized input from tool handlers'
},
{
rule: 'DMCP-SEC-004',
file: 'src/persona/**/*.ts',
reason: 'Persona modules receive normalized input from tool handlers'
},
{
rule: 'DMCP-SEC-004',
file: 'src/update/*.ts',
reason: 'Update modules receive normalized input from tool handlers'
},
{
rule: 'DMCP-SEC-004',
file: 'src/tools/*.ts',
reason: 'Tool files receive normalized input from ServerSetup'
},
{
rule: 'DMCP-SEC-004',
file: 'src/server/types.ts',
reason: 'Type definition file does not process user input'
},
{
rule: 'DMCP-SEC-004',
file: 'src/server/tools/*.ts',
reason: 'Server tools receive normalized input from ServerSetup'
},
{
rule: 'DMCP-SEC-004',
file: 'scripts/**/*',
reason: 'Build and utility scripts do not process user input'
},
{
rule: 'DMCP-SEC-004',
file: 'src/tools/portfolio/types.ts',
reason: 'Type definition file containing only TypeScript interfaces - no runtime code or user input processing'
},
{
rule: 'DMCP-SEC-004',
file: 'src/tools/**/types.ts',
reason: 'Type definition files do not process user input - compile-time only'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/BuildInfoService.ts',
reason: 'BuildInfoService only processes system information (package.json, git commands, Docker runtime) - the MCP tool takes no parameters and no user input flows through this service'
},
{
rule: 'DMCP-SEC-004',
file: 'src/handlers/SyncHandlerV2.ts',
reason: 'SyncHandlerV2 receives already-normalized input from the MCP request layer. All user input is normalized in ServerSetup before reaching handlers.'
},
{
rule: 'DMCP-SEC-004',
file: 'src/handlers/ConfigHandler.ts',
reason: 'ConfigHandler receives already-normalized input from the MCP request layer. All user input is normalized in ServerSetup before reaching handlers.'
},
{
rule: 'DMCP-SEC-004',
file: 'test-sync-operations.js',
reason: 'Test utility file for development testing. Does not process production user input.'
},
{
rule: 'DMCP-SEC-004',
file: '**/test-sync-operations.js',
reason: 'Test utility file for development testing. Does not process production user input.'
},
{
rule: 'DMCP-SEC-004',
file: 'test-*.js',
reason: 'Test utility files in root directory for development testing. Do not process production user input.'
},
{
rule: 'DMCP-SEC-006',
file: 'test-*.js',
reason: 'Test utility files in root directory. Audit logging not required for development test scripts.'
},
{
rule: 'OWASP-A03-002',
file: 'test-*.js',
reason: 'Test utility files using spawn with array arguments which is safe from injection.'
},
{
rule: 'OWASP-A03-002',
file: '**/test-element-lifecycle.js',
reason: 'FALSE POSITIVE: spawn with array arguments is safe (no shell invocation). GitHub token passed as array element, not concatenated into command string.'
},
{
rule: 'DMCP-SEC-004',
file: '**/test-element-lifecycle.js',
reason: 'FALSE POSITIVE: Test harness with no user input mechanisms. All data is hardcoded test scenarios or environment variables.'
},
{
rule: 'OWASP-A03-002',
file: 'test-full-validation.js',
reason: 'FALSE POSITIVE: spawn with array arguments is safe. Docker command uses array args preventing shell injection. Line 372.'
},
{
rule: 'OWASP-A03-002',
file: '**/test-full-validation.js',
reason: 'FALSE POSITIVE: spawn with array arguments is safe. Docker command uses array args preventing shell injection.'
},
{
rule: 'DMCP-SEC-004',
file: 'test-full-validation.js',
reason: 'Test validation script - not production code. No user input processing, only test scenarios.'
},
{
rule: 'DMCP-SEC-004',
file: '**/test-full-validation.js',
reason: 'Test validation script - not production code. No user input processing, only test scenarios.'
},
{
rule: 'DMCP-SEC-006',
file: 'test-version-validation.js',
reason: 'Test utility script - not production code. Audit logging not required for test utilities.'
},
{
rule: 'DMCP-SEC-006',
file: '**/test-version-validation.js',
reason: 'Test utility script - not production code. Audit logging not required for test utilities.'
},
{
rule: 'DMCP-SEC-004',
file: 'test-memory-deletion.js',
reason: 'Test file - No user input processed, all test data is internally generated'
},
{
rule: 'DMCP-SEC-004',
file: '**/test-memory-deletion.js',
reason: 'Test file - No user input processed, all test data is internally generated'
},
{
rule: 'DMCP-SEC-006',
file: 'test-memory-deletion.js',
reason: 'Test file - Audit logging happens in the server deleteElement method, not in test'
},
{
rule: 'DMCP-SEC-006',
file: '**/test-memory-deletion.js',
reason: 'Test file - Audit logging happens in the server deleteElement method, not in test'
},
{
rule: 'CWE-89-001',
file: 'test-memory-deletion.js',
reason: 'False positive - Template literals in error messages are not SQL queries'
},
{
rule: 'CWE-89-001',
file: '**/test-memory-deletion.js',
reason: 'False positive - Template literals in error messages are not SQL queries'
},
// ========================================
// Audit Logging False Positives
// ========================================
{
rule: 'DMCP-SEC-006',
file: 'src/types/*.ts',
reason: 'Type definition files do not perform security operations'
},
{
rule: 'DMCP-SEC-006',
file: 'src/types/elements/*.ts',
reason: 'Element interface files are type definitions that do not perform security operations'
},
{
rule: 'DMCP-SEC-006',
file: 'src/constants/*.ts',
reason: 'Constant files do not perform security operations'
},
{
rule: 'DMCP-SEC-006',
file: 'src/config/*.ts',
reason: 'Configuration files do not perform security operations'
},
{
rule: 'DMCP-SEC-006',
file: 'src/elements/memories/constants.ts',
reason: 'Constants file - contains only type definitions and constants, no security operations'
},
{
rule: 'DMCP-SEC-006',
file: '**/src/elements/memories/constants.ts',
reason: 'Constants file - contains only type definitions and constants, no security operations'
},
{
rule: 'DMCP-SEC-006',
file: '**/elements/memories/constants.ts',
reason: 'Constants file - CI path variant, contains only type definitions and constants'
},
{
rule: 'DMCP-SEC-006',
file: 'elements/memories/constants.ts',
reason: 'Constants file - src-stripped path variant, contains only type definitions and constants'
},
{
rule: 'DMCP-SEC-006',
file: 'src/errors/*.ts',
reason: 'Error classes are not security operations requiring audit'
},
{
rule: 'DMCP-SEC-006',
file: '**/*.json',
reason: 'JSON files cannot contain executable code'
},
{
rule: 'DMCP-SEC-006',
file: 'src/security/**/*.ts',
reason: 'Security modules are infrastructure, not operations requiring audit'
},
{
rule: 'DMCP-SEC-006',
file: 'src/collection/*.ts',
reason: 'Marketplace operations are not security-sensitive requiring audit'
},
{
rule: 'DMCP-SEC-006',
file: 'src/collection/**/*.ts',
reason: 'Marketplace operations are not security-sensitive requiring audit'
},
{
rule: 'DMCP-SEC-006',
file: 'src/persona/*.ts',
reason: 'Persona operations are validated at entry point, not security operations'
},
{
rule: 'DMCP-SEC-006',
file: 'src/persona/**/*.ts',
reason: 'Persona operations are validated at entry point, not security operations'
},
{
rule: 'DMCP-SEC-006',
file: 'src/server/tools/**/*.ts',
reason: 'Tool implementations delegate to services that handle security'
},
{
rule: 'DMCP-SEC-006',
file: 'src/index.ts',
reason: 'Main entry point delegates security operations to specialized modules'
},
{
rule: 'DMCP-SEC-004',
file: 'src/utils/EvictingQueue.ts',
reason: 'Generic data structure — does not process user input. All callers (Agent, SecurityTelemetry, SecurityMonitor, Logger) sanitize input before pushing to the queue'
},
{
rule: 'DMCP-SEC-006',
file: 'src/utils/*.ts',
reason: 'Utility functions are not security operations requiring audit'
},
{
rule: 'DMCP-SEC-006',
file: 'src/update/**/*.ts',
reason: 'Update system has its own logging and is not a direct security operation'
},
{
rule: 'DMCP-SEC-006',
file: 'src/server/types.ts',
reason: 'Type definition file does not perform operations'
},
{
rule: 'DMCP-SEC-006',
file: 'scripts/**/*',
reason: 'Build scripts do not perform runtime security operations'
},
{
rule: 'DMCP-SEC-006',
file: 'scripts/lib/gh-command.js',
reason: 'CLI utility - SecurityMonitor not available in standalone scripts. Security ensured via input validation and secure command execution patterns (DMCP-SEC-001, DMCP-SEC-002)'
},
{
rule: 'DMCP-SEC-006',
file: '**/scripts/lib/gh-command.js',
reason: 'CLI utility - SecurityMonitor not available in standalone scripts. Security ensured via input validation and secure command execution patterns (DMCP-SEC-001, DMCP-SEC-002)'
},
{
rule: 'DMCP-SEC-006',
file: 'src/portfolio/PortfolioSyncManager.ts',
reason: 'Portfolio sync operations are file management tasks, not security operations. Security validation happens at the MCP request layer.'
},
{
rule: 'DMCP-SEC-006',
file: 'src/handlers/SyncHandlerV2.ts',
reason: 'Sync handler delegates to PortfolioSyncManager which handles its own logging. Security validation happens at the MCP request layer.'
},
{
rule: 'DMCP-SEC-006',
file: 'src/handlers/ConfigHandler.ts',
reason: 'Config handler operations are configuration management, not security operations. ConfigManager handles its own logging.'
},
// ========================================
// Query Services - Issue #38 (PR #46)
// ========================================
// Query services receive pre-normalized input via two layers:
// 1. ServerSetup.normalizeArgumentsUnicode() normalizes all MCP tool arguments
// 2. FilterService uses normalizeSearchTerm() which calls UnicodeValidator.normalize()
// See src/utils/searchUtils.ts lines 17-30 for secondary normalization
{
rule: 'DMCP-SEC-004',
file: 'src/services/query/types.ts',
reason: 'Type definition file containing only TypeScript interfaces - no runtime code or user input processing. PR #46'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/query/index.ts',
reason: 'Re-export module - no user input processing, only TypeScript re-exports. PR #46'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/query/PaginationService.ts',
reason: 'PaginationService processes numeric parameters (page, pageSize) - no string input requiring Unicode normalization. Input pre-validated at MCP request layer. PR #46'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/query/FilterService.ts',
reason: 'DUAL PROTECTION: (1) Input pre-normalized by ServerSetup.normalizeArgumentsUnicode() at MCP layer, (2) FilterService uses normalizeSearchTerm() which calls UnicodeValidator.normalize(). See searchUtils.ts:17-30. PR #46'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/query/ElementQueryService.ts',
reason: 'Orchestrator service - delegates to FilterService which performs Unicode normalization via normalizeSearchTerm(). Input pre-normalized at MCP layer. PR #46'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/query/SortService.ts',
reason: 'SortService validates sortBy against enum whitelist (SortableField) - no arbitrary string input. sortOrder is enum-validated. No Unicode normalization needed. PR #46'
},
{
rule: 'DMCP-SEC-004',
file: 'src/services/query/*.ts',
reason: 'Query services receive pre-normalized input from MCP layer and use normalizeSearchTerm() for additional protection. PR #46'
},
// ========================================
// Coverage Report Files
// ========================================
{
rule: '*',
file: 'test/coverage/**/*',
reason: 'Coverage report files are auto-generated and not part of the application code'
},
{
rule: '*',
file: 'tests/coverage/**/*',
reason: 'Coverage report files are auto-generated and not part of the application code'
},
{
rule: '*',
file: '**/lcov-report/**/*',
reason: 'LCOV coverage report files are auto-generated and not part of the application code'
},
// ========================================
// Documentation and Non-Code Files
// ========================================
{
rule: '*',
file: 'docs/**/*',
reason: 'Documentation files including QA metrics and reports'
},
{
rule: '*',
file: '**/*.md',
reason: 'Markdown documentation files'
},
{
rule: '*',
file: '**/*.json',
reason: 'JSON configuration and data files do not execute code'
},
{
rule: '*',
file: 'LICENSE',
reason: 'License file'
},
{
rule: '*',
file: '.gitignore',
reason: 'Git configuration file'
},
{
rule: '*',
file: 'package-lock.json',
reason: 'NPM lock file - auto-generated, no user input processing'
},
{
rule: '*',
file: '**/*.yml',
reason: 'YAML configuration files are data, not code'
},
{
rule: '*',
file: '**/*.yaml',
reason: 'YAML configuration files are data, not code'
},
// ========================================
// September 22 Session Docs Restoration - PR #1082
// ========================================
{
rule: 'OWASP-A03-002',
file: 'scripts/test-capability-index.js',
reason: 'Test script using spawn with hardcoded array arguments - no user input'
},
{
rule: 'OWASP-A03-002',
file: '**/scripts/test-capability-index.js',
reason: 'Test script using spawn with hardcoded array arguments - no user input'
},
{
rule: 'OWASP-A03-002',
file: 'tests/experiments/capability-index-comprehensive-test.js',
reason: 'Test file using spawn with hardcoded array arguments - no user input'
},
{
rule: 'OWASP-A03-002',
file: '**/tests/experiments/capability-index-comprehensive-test.js',
reason: 'Test file using spawn with hardcoded array arguments - no user input'
},
{
rule: 'DMCP-SEC-003',
file: 'scripts/test-capability-index.js',
reason: 'Test script with hardcoded test persona paths - not production code'
},
{
rule: 'DMCP-SEC-003',
file: '**/scripts/test-capability-index.js',
reason: 'Test script with hardcoded test persona paths - not production code'
},
{
rule: 'CWE-22-001',
file: 'tests/experiments/capability-index-docker-test.js',
reason: 'Test file using hardcoded test paths - no user input'
},
{
rule: 'CWE-22-001',
file: '**/tests/experiments/capability-index-docker-test.js',
reason: 'Test file using hardcoded test paths - no user input'
},
{
rule: 'DMCP-SEC-004',
file: 'test-memory-edit.js',
reason: 'Test file for memory editing - no user input processing'
},
{
rule: 'DMCP-SEC-004',
file: '**/test-memory-edit.js',
reason: 'Test file for memory editing - no user input processing'
},
// Additional suppressions for remaining issues
{
rule: 'OWASP-A03-002',
file: 'tests/experiments/capability-index-docker-test.js',
reason: 'Test file using spawn with hardcoded array arguments at line 279 - no user input'
},
{
rule: 'OWASP-A03-002',
file: '**/tests/experiments/capability-index-docker-test.js',
reason: 'Test file using spawn with hardcoded array arguments at line 279 - no user input'
},
{
rule: 'DMCP-SEC-001',
file: 'scripts/test-capability-index.js',
reason: 'Test script loading test personas with hardcoded paths - not production code'
},
{
rule: 'DMCP-SEC-001',
file: '**/scripts/test-capability-index.js',
reason: 'Test script loading test personas with hardcoded paths - not production code'
},
// ========================================
// packages/safety Suppressions
// ========================================
{
rule: 'OWASP-A03-002',
file: 'packages/safety/src/DisplayService.ts',
reason: 'Intentional execSync for cross-platform OS dialogs. All user input is properly escaped using escapeShellArg (Unix) or Base64 encoding (PowerShell)'
},
{
rule: 'OWASP-A03-002',
file: '**/packages/safety/src/DisplayService.ts',
reason: 'Intentional execSync for cross-platform OS dialogs. All user input is properly escaped using escapeShellArg (Unix) or Base64 encoding (PowerShell)'
},
{
rule: 'DMCP-SEC-004',
file: 'packages/safety/src/DisplayService.ts',
reason: 'DisplayService receives sanitized input from TieredSafetyService. Unicode normalization happens at validation boundaries, not in display layer'
},
{
rule: 'DMCP-SEC-004',
file: '**/packages/safety/src/DisplayService.ts',
reason: 'DisplayService receives sanitized input from TieredSafetyService. Unicode normalization happens at validation boundaries, not in display layer'
},
{
rule: 'DMCP-SEC-004',
file: 'packages/safety/src/TieredSafetyService.ts',
reason: 'TieredSafetyService validates operation safety levels, not user input. Input validation with Unicode normalization is handled by upstream validators'
},
{
rule: 'DMCP-SEC-004',
file: '**/packages/safety/src/TieredSafetyService.ts',
reason: 'TieredSafetyService validates operation safety levels, not user input. Input validation with Unicode normalization is handled by upstream validators'
},
// ========================================
// Docker Token Measurement Script - PR #292
// ========================================
{
rule: 'OWASP-A03-002',
file: 'scripts/measure-docker-tokens.ts',
reason: 'Command injection mitigated: interfaceMode and endpointMode are validated against VALID_INTERFACE_MODES and VALID_ENDPOINT_MODES allowlists before use in spawn(). TypeScript types also constrain parameters at compile time. PR #292'
},
{
rule: 'OWASP-A03-002',
file: '**/scripts/measure-docker-tokens.ts',
reason: 'Command injection mitigated: interfaceMode and endpointMode are validated against VALID_INTERFACE_MODES and VALID_ENDPOINT_MODES allowlists before use in spawn(). TypeScript types also constrain parameters at compile time. PR #292'
},
// ========================================
// Unified Logging System — PR #471
// ========================================
// Sinks receive pre-constructed UnifiedLogEntry objects from LogManager.
// Data enters the pipeline through LogHooks which creates entries from
// internal system events. MCPLogger sanitizes via sanitizeMessage() and
// sanitizeData() before emitting. Other sources (SecurityMonitor,
// PerformanceMonitor, etc.) emit internal system data, not user input.
// The SSE viewer HTML-escapes all dynamic content via escHtml()/
// document.createTextNode().
{
rule: 'DMCP-SEC-004',
file: 'src/logging/types.ts',
reason: 'Pure type definitions and interfaces — no data processing or user input handling. PR #471'
},
{
rule: 'DMCP-SEC-004',
file: 'src/logging/sinks/MemoryLogSink.ts',
reason: 'Receives pre-constructed UnifiedLogEntry objects from LogManager. Query parameters are used as read-only substring filters, not written to output. PR #471'
},
{
rule: 'DMCP-SEC-004',
file: 'src/logging/sinks/FileLogSink.ts',
reason: 'Receives pre-formatted entries via ILogFormatter. File paths built from hardcoded category names + dates. MCPLogger sanitizes upstream via sanitizeMessage/sanitizeData; other sources emit internal system data. PR #471'
},
{
rule: 'DMCP-SEC-004',
file: 'src/web/routes/logRoutes.ts',
reason: 'JSON-serializes pre-constructed UnifiedLogEntry objects over SSE. All query parameters are validated strings passed to MemoryLogSink.query(). No HTML rendering.'
},
{
rule: 'DMCP-SEC-004',
file: 'src/storage/types.ts',
reason: 'FALSE POSITIVE: Type-only interface declarations (StorageItemMetadata, ElementIndexEntry, ManifestDiffResult). No executable input-processing code; Unicode normalization is enforced in concrete storage parsers/layers.'
},
{
rule: 'DMCP-SEC-004',
file: 'src/storage/IStorageBackend.ts',
reason: 'FALSE POSITIVE: Interface contract only for backend abstraction. No runtime user-input handling in this file; normalization is enforced by implementing storage layers and validators.'
},
// ========================================
// VerificationNotifier False Positives — Issue #537
// ========================================
{
rule: 'OWASP-A03-002',
file: 'src/services/VerificationNotifier.ts',
reason: 'FALSE POSITIVE: Lines 117, 132, 145 use spawn() with array arguments (no shell invocation). zenity/kdialog/xmessage are display-only tools that render text in GUI dialogs without interpreting content as code. agentName (from MCP params) and code (cryptographic alphanumeric) flow into display text only. See Issue #537 evidence trace.'
},
// ========================================
// Web UI Client-Side False Positives — RC1 Security Audit
// ========================================
{