mcp-siber-security-audit/src/fixers/secret-fixer.js

MCP server for security code audit with auto-fix capabilities

class SecretFixer {
  applyFix(content, issue) {
    let fixedContent = content;
    let isFixed = false;

    if (issue.type === 'HARDCODED_API_KEY') {
      const lines = content.split('\n');
      const lineIndex = issue.line - 1;
      lines[lineIndex] = 'const API_KEY = process.env.API_KEY; // Loaded from environment variable';
      fixedContent = lines.join('\n');
      isFixed = true;
    } else if (issue.type === 'INSECURE_URL') {
      // Replace http:// with https://
      fixedContent = content.replace('http://', 'https://');
      isFixed = true;
    }

    return {
      fixedContent,
      isFixed,
    };
  }
}

module.exports = SecretFixer;