fix(pc):

Author: msoedov

agentic_security/attack_rules/dataset.py

@@ -83,7 +83,9 @@ def load(self, variables: dict[str, str] | None = None) -> list[ProbeDataset]:
 
             severity_enums = None
             if self.severities:
-                severity_enums = [AttackRuleSeverity.from_string(s) for s in self.severities]
+                severity_enums = [
+                    AttackRuleSeverity.from_string(s) for s in self.severities
+                ]
 
             filtered = self._loader.filter_rules(
                 rules, types=self.types, severities=severity_enums
@@ -113,10 +115,14 @@ def load_merged(self, variables: dict[str, str] | None = None) -> ProbeDataset:
 
         severity_enums = None
         if self.severities:
-            severity_enums = [AttackRuleSeverity.from_string(s) for s in self.severities]
+            severity_enums = [
+                AttackRuleSeverity.from_string(s) for s in self.severities
+            ]
 
         filtered = self._loader.filter_rules(
             all_rules, types=self.types, severities=severity_enums
         )
 
-        return rules_to_dataset(filtered, name="YAML Rules (merged)", variables=variables)
+        return rules_to_dataset(
+            filtered, name="YAML Rules (merged)", variables=variables
+        )

agentic_security/attack_rules/loader.py

@@ -1,4 +1,3 @@
-import os
 from pathlib import Path
 
 import yaml
@@ -81,17 +80,15 @@ def load_rule_from_string(self, yaml_content: str) -> AttackRule | None:
             return None
 
     def load_rules_from_directory(
-        self,
-        directory: str | Path | None = None,
-        recursive: bool = True
+        self, directory: str | Path | None = None, recursive: bool = True
     ) -> list[AttackRule]:
         directory = Path(directory) if directory else self.rules_dir
         if not directory or not directory.exists():
             logger.warning(f"Rules directory does not exist: {directory}")
             return []
 
         rules = []
-        pattern = "**/*.yaml" if recursive else "*.yaml"
+        # pattern = "**/*.yaml" if recursive else "*.yaml"
 
         for ext in [".yaml", ".yml"]:
             glob_pattern = f"**/*{ext}" if recursive else f"*{ext}"
@@ -105,9 +102,7 @@ def load_rules_from_directory(
         return rules
 
     def load_multiple_directories(
-        self,
-        directories: list[str | Path],
-        recursive: bool = True
+        self, directories: list[str | Path], recursive: bool = True
     ) -> list[AttackRule]:
         all_rules = []
         for directory in directories:
@@ -133,6 +128,7 @@ def filter_rules(
 
         if name_pattern:
             import re
+
             pattern = re.compile(name_pattern, re.IGNORECASE)
             result = [r for r in result if pattern.search(r.name)]
 
@@ -154,8 +150,7 @@ def rule_types(self) -> set[str]:
 
 
 def load_rules_from_directory(
-    directory: str | Path,
-    recursive: bool = True
+    directory: str | Path, recursive: bool = True
 ) -> list[AttackRule]:
     loader = RuleLoader()
     return loader.load_rules_from_directory(directory, recursive)

agentic_security/attack_rules/models.py

@@ -38,10 +38,20 @@ def from_dict(cls, data: dict[str, Any]) -> "AttackRule":
             pass_conditions=data.get("pass_conditions", []),
             fail_conditions=data.get("fail_conditions", []),
             source=data.get("source"),
-            metadata={k: v for k, v in data.items() if k not in {
-                "name", "type", "prompt", "severity",
-                "pass_conditions", "fail_conditions", "source"
-            }},
+            metadata={
+                k: v
+                for k, v in data.items()
+                if k
+                not in {
+                    "name",
+                    "type",
+                    "prompt",
+                    "severity",
+                    "pass_conditions",
+                    "fail_conditions",
+                    "source",
+                }
+            },
         )
 
     def to_dict(self) -> dict[str, Any]:

agentic_security/core/security.py

@@ -0,0 +1,179 @@
+"""Security utilities and validation for agentic_security."""
+
+from functools import wraps
+from collections.abc import Callable
+from urllib.parse import urlparse
+import hashlib
+import hmac
+import os
+import re
+
+
+class SecurityValidator:
+    """Input validation and sanitization."""
+
+    ALLOWED_URL_SCHEMES = {"http", "https"}
+    MAX_URL_LENGTH = 2048
+    MAX_FILE_SIZE = 10 * 1024 * 1024  # 10MB
+
+    @staticmethod
+    def validate_url(url: str, allowed_hosts: list[str] | None = None) -> bool:
+        """Validate URL for SSRF prevention."""
+        if len(url) > SecurityValidator.MAX_URL_LENGTH:
+            return False
+
+        try:
+            parsed = urlparse(url)
+
+            if parsed.scheme not in SecurityValidator.ALLOWED_URL_SCHEMES:
+                return False
+
+            if not parsed.netloc:
+                return False
+
+            if parsed.netloc in ["localhost", "127.0.0.1", "0.0.0.0"]:
+                return False
+
+            if parsed.netloc.startswith("169.254."):
+                return False
+
+            if parsed.netloc.startswith("10.") or parsed.netloc.startswith("192.168."):
+                return False
+
+            if allowed_hosts and parsed.netloc not in allowed_hosts:
+                return False
+
+            return True
+        except Exception:
+            return False
+
+    @staticmethod
+    def sanitize_filename(filename: str) -> str:
+        """Sanitize filename to prevent path traversal."""
+        filename = os.path.basename(filename)
+        filename = re.sub(r"[^\w\s.-]", "", filename)
+        filename = filename.strip()
+
+        if not filename or filename in [".", ".."]:
+            raise ValueError("Invalid filename")
+
+        return filename
+
+    @staticmethod
+    def validate_file_size(size: int) -> bool:
+        """Validate file size."""
+        return 0 < size <= SecurityValidator.MAX_FILE_SIZE
+
+    @staticmethod
+    def validate_csv_content(content: str) -> bool:
+        """Basic CSV validation."""
+        if not content or len(content) > SecurityValidator.MAX_FILE_SIZE:
+            return False
+
+        lines = content.split("\n", 2)
+        if not lines:
+            return False
+
+        return True
+
+
+class SecretManager:
+    """Secure secret handling."""
+
+    @staticmethod
+    def get_secret(key: str, default: str | None = None) -> str | None:
+        """Get secret from environment."""
+        value = os.getenv(key, default)
+        if value and value.startswith("$"):
+            env_key = value[1:]
+            value = os.getenv(env_key, default)
+        return value
+
+    @staticmethod
+    def hash_secret(secret: str, salt: str | None = None) -> str:
+        """Hash a secret value."""
+        if salt is None:
+            salt = os.urandom(32).hex()
+
+        hashed = hashlib.pbkdf2_hmac("sha256", secret.encode(), salt.encode(), 100000)
+        return f"{salt}${hashed.hex()}"
+
+    @staticmethod
+    def verify_secret(secret: str, hashed: str) -> bool:
+        """Verify a secret against its hash."""
+        try:
+            salt, expected = hashed.split("$", 1)
+            actual = hashlib.pbkdf2_hmac(
+                "sha256", secret.encode(), salt.encode(), 100000
+            )
+            return hmac.compare_digest(actual.hex(), expected)
+        except Exception:
+            return False
+
+
+class RateLimiter:
+    """Simple in-memory rate limiter."""
+
+    def __init__(self, max_requests: int, window_seconds: int):
+        self.max_requests = max_requests
+        self.window_seconds = window_seconds
+        self._requests: dict[str, list[float]] = {}
+
+    def is_allowed(self, key: str) -> bool:
+        """Check if request is allowed."""
+        import time
+
+        now = time.time()
+
+        if key not in self._requests:
+            self._requests[key] = []
+
+        self._requests[key] = [
+            ts for ts in self._requests[key] if now - ts < self.window_seconds
+        ]
+
+        if len(self._requests[key]) >= self.max_requests:
+            return False
+
+        self._requests[key].append(now)
+        return True
+
+    def reset(self, key: str):
+        """Reset rate limit for key."""
+        self._requests.pop(key, None)
+
+
+def require_auth(func: Callable) -> Callable:
+    """Decorator to require authentication."""
+
+    @wraps(func)
+    async def wrapper(*args, **kwargs):
+        # TODO: Implement actual auth check
+        # For now, check if API key is present
+        api_key = kwargs.get("api_key") or os.getenv("API_KEY")
+        if not api_key:
+            from fastapi import HTTPException
+
+            raise HTTPException(status_code=401, detail="Authentication required")
+        return await func(*args, **kwargs)
+
+    return wrapper
+
+
+def sanitize_log_output(data: str | dict) -> str:
+    """Remove sensitive data from logs."""
+    if isinstance(data, dict):
+        data = str(data)
+
+    patterns = [
+        (r'(api[_-]?key["\s:=]+)["\']?[\w-]+', r"\1***"),
+        (r'(token["\s:=]+)["\']?[\w-]+', r"\1***"),
+        (r'(password["\s:=]+)["\']?[\w-]+', r"\1***"),
+        (r'(secret["\s:=]+)["\']?[\w-]+', r"\1***"),
+        (r"Bearer\s+[\w-]+", "Bearer ***"),
+    ]
+
+    for pattern, replacement in patterns:
+        data = re.sub(pattern, replacement, data, flags=re.IGNORECASE)
+
+    return data

agentic_security/fuzz_chain/chain.py

@@ -8,8 +8,7 @@
 class FuzzRunnable(Protocol):
     """Protocol for objects that can be run in a fuzzing chain."""
 
-    async def run(self, **kwargs: Any) -> str:
-        ...
+    async def run(self, **kwargs: Any) -> str: ...
 
 
 class FuzzNode:

agentic_security/llm_providers/anthropic_provider.py

@@ -36,6 +36,7 @@ def __init__(
     def _get_client(self) -> Any:
         if self._client is None:
             import anthropic
+
             kwargs: dict[str, Any] = {"api_key": self.api_key}
             if self.base_url:
                 kwargs["base_url"] = self.base_url
@@ -45,6 +46,7 @@ def _get_client(self) -> Any:
     def _get_async_client(self) -> Any:
         if self._async_client is None:
             import anthropic
+
             kwargs: dict[str, Any] = {"api_key": self.api_key}
             if self.base_url:
                 kwargs["base_url"] = self.base_url
@@ -95,6 +97,7 @@ def _parse_response(self, response: Any) -> LLMResponse:
 
     def _handle_error(self, e: Exception) -> None:
         import anthropic
+
         if isinstance(e, anthropic.RateLimitError):
             raise LLMRateLimitError(str(e)) from e
         if isinstance(e, anthropic.APIError):

agentic_security/llm_providers/base.py

@@ -20,13 +20,15 @@ class LLMRateLimitError(LLMProviderError):
 @dataclass
 class LLMMessage:
     """A message in a chat conversation."""
+
     role: str  # "system", "user", or "assistant"
     content: str
 
 
 @dataclass
 class LLMResponse:
     """Response from an LLM provider."""
+
     content: str
     model: str | None = None
     finish_reason: str | None = None

agentic_security/llm_providers/factory.py

@@ -14,6 +14,7 @@ def _ensure_registered() -> None:
         return
     from agentic_security.llm_providers.openai_provider import OpenAIProvider
     from agentic_security.llm_providers.anthropic_provider import AnthropicProvider
+
     _PROVIDERS["openai"] = OpenAIProvider
     _PROVIDERS["anthropic"] = AnthropicProvider
 

agentic_security/llm_providers/openai_provider.py

@@ -36,13 +36,17 @@ def __init__(
     def _get_client(self) -> Any:
         if self._client is None:
             import openai
+
             self._client = openai.OpenAI(api_key=self.api_key, base_url=self.base_url)
         return self._client
 
     def _get_async_client(self) -> Any:
         if self._async_client is None:
             import openai
-            self._async_client = openai.AsyncOpenAI(api_key=self.api_key, base_url=self.base_url)
+
+            self._async_client = openai.AsyncOpenAI(
+                api_key=self.api_key, base_url=self.base_url
+            )
         return self._async_client
 
     @classmethod
@@ -79,6 +83,7 @@ def _parse_response(self, response: Any) -> LLMResponse:
 
     def _handle_error(self, e: Exception) -> None:
         import openai
+
         if isinstance(e, openai.RateLimitError):
             raise LLMRateLimitError(str(e)) from e
         raise LLMProviderError(str(e)) from e