@Dumbris Dumbris commented Feb 1, 2026

Summary

  • Implement automatic scanning of tool call arguments and responses for secrets, credentials, and sensitive data
  • Support detection of cloud credentials (AWS, GCP, Azure), private keys, API tokens, database credentials, credit cards, and high-entropy strings
  • Add REST API filtering by sensitive_data, detection_type, and severity parameters
  • Add CLI flags: --sensitive-data, --detection-type, --severity
  • Add Web UI support: detection badges, severity indicators, and detailed drawer view
  • Fix CLI socket path detection bug causing 401 errors

Test plan

  • Unit tests for all detection patterns
  • Integration tests for ActivityService with detector
  • E2E tests for sensitive data detection flow
  • Manual testing via curl, CLI, and Web UI

🤖 Generated with Claude Code

cloudflare-workers-and-pages bot commented Feb 1, 2026

Deploying mcpproxy-docs with Cloudflare Pages

Latest commit: ab96555
Status: ✅  Deploy successful!
Preview URL: https://b57cdbac.mcpproxy-docs.pages.dev
Branch Preview URL: https://026-pii-detection.mcpproxy-docs.pages.dev

Implement automatic scanning of tool call arguments and responses for
secrets, credentials, and sensitive data patterns including:

- Cloud credentials (AWS, GCP, Azure)
- Private keys (RSA, EC, DSA, OpenSSH, PGP)
- API tokens (GitHub, GitLab, Stripe, Slack, OpenAI)
- Database connection strings (MySQL, PostgreSQL, MongoDB)
- Credit card numbers (with Luhn validation)
- Sensitive file paths (.ssh/, .aws/, .env files)
- High-entropy strings (potential secrets)

Key features:
- Async detection integrated with ActivityService
- REST API filtering (sensitive_data, detection_type, severity params)
- CLI flags: --sensitive-data, --detection-type, --severity
- Web UI: detection badges, severity indicators, detail drawer
- Configurable categories and custom patterns support
- Event bus integration for real-time notifications

Also fixes CLI socket path detection bug where os.Stat was called
with unix:// prefix, causing fallback to HTTP with wrong port.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
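
The socket path bug named at the end of the commit message above, reproduced as an added Go example (not code from this pull request or from mcpproxy). The helper names, the transport-selection function and the temporary stand-in file are assumptions made for illustration; only the `os.Stat` call on a `unix://`-prefixed string comes from the commit message.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// Hypothetical helpers for illustration; not mcpproxy's CLI code.

// socketExistsBuggy stats the endpoint string as-is. "unix:///run/x.sock" is
// then resolved as a relative path starting with "unix:", which never exists.
func socketExistsBuggy(endpoint string) bool {
	_, err := os.Stat(endpoint)
	return err == nil
}

// socketExistsFixed strips the scheme before touching the filesystem.
func socketExistsFixed(endpoint string) bool {
	if !strings.HasPrefix(endpoint, "unix://") {
		return false // not a socket endpoint
	}
	_, err := os.Stat(strings.TrimPrefix(endpoint, "unix://"))
	return err == nil
}

// PickTransport models the described fallback: socket if found, else HTTP.
func PickTransport(endpoint string, exists func(string) bool) string {
	if exists(endpoint) {
		return "unix"
	}
	return "http"
}

// demoEndpoint creates a constructed stand-in file in place of a real socket.
func demoEndpoint() (string, func()) {
	dir, err := os.MkdirTemp("", "sock")
	if err != nil {
		panic(err)
	}
	p := filepath.Join(dir, "demo.sock")
	if err := os.WriteFile(p, nil, 0o600); err != nil {
		panic(err)
	}
	return "unix://" + p, func() { os.RemoveAll(dir) }
}

func main() {
	ep, cleanup := demoEndpoint()
	defer cleanup()
	fmt.Println(PickTransport(ep, socketExistsBuggy), PickTransport(ep, socketExistsFixed))
}
```

The buggy check fails without an error surfacing to the user, so the only visible symptom is the downstream one (here, the HTTP fallback).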

github-actions bot commented Feb 1, 2026

📦 Build Artifacts

Workflow Run: View Run
Branch: 026-pii-detection

Available Artifacts

  • archive-darwin-amd64 (23 MB)
  • archive-darwin-arm64 (21 MB)
  • archive-linux-amd64 (12 MB)
  • archive-linux-arm64 (11 MB)
  • archive-windows-amd64 (23 MB)
  • archive-windows-arm64 (21 MB)
  • frontend-dist-pr (0 MB)
  • installer-dmg-darwin-amd64 (26 MB)
  • installer-dmg-darwin-arm64 (23 MB)

How to Download

Option 1: GitHub Web UI (easiest)

  1. Go to the workflow run page linked above
  2. Scroll to the bottom "Artifacts" section
  3. Click on the artifact you want to download

Option 2: GitHub CLI

gh run download 21560952747 --repo smart-mcp-proxy/mcpproxy-go

Note: Artifacts expire in 14 days.

Dumbris and others added 5 commits February 1, 2026 08:19

- Add sensitive data detection status to `mcpproxy doctor` output
- Include SensitiveDataDetection in DefaultConfig() for new installs
- Add detection patterns for 14 LLM/AI providers:
  - Google AI/Gemini (AIzaSy prefix)
  - xAI/Grok (xai- prefix)
  - Groq (gsk_ prefix)
  - Hugging Face (hf_, api_org_ prefixes)
  - Replicate (r8_ prefix)
  - Perplexity (pplx- prefix)
  - Fireworks AI (fw_ prefix)
  - Anyscale (esecret_ prefix)
  - Mistral AI (keyword context)
  - Cohere (keyword context)
  - DeepSeek (sk- with keyword)
  - Together AI (keyword context)
- Improve OpenAI pattern (sk-proj-, sk-svcacct-, sk-admin-)
- Improve Anthropic pattern (sk-ant-api03-, sk-ant-admin01-)
- Add comprehensive tests with dynamic key construction
- Update documentation with new provider patterns

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Add extensive test coverage for all 15 LLM provider API key patterns:

- TestLLMKeysInJSONContext: Keys in JSON configuration files
- TestLLMKeysInYAMLContext: Keys in YAML configuration files
- TestLLMKeysInCodeSnippets: Keys in Python/JS/Shell code examples
- TestLLMKeysFalsePositivePrevention: Ensures patterns don't over-match
- TestLLMKeysWithMixedAlphanumeric: Realistic mixed-case key patterns
- TestLLMKeysInLogOutput: Keys exposed in error messages and logs
- TestOpenAIAnthropicImprovedPatterns: All OpenAI/Anthropic variants
- TestAllLLMPatternsExist: Validates all expected patterns are registered

Tests cover:
- OpenAI (sk-, sk-proj-, sk-svcacct-, sk-admin-)
- Anthropic (sk-ant-api03-, sk-ant-admin01-)
- Google AI/Gemini (AIzaSy)
- xAI/Grok (xai-)
- Groq (gsk_)
- HuggingFace (hf_, api_org_)
- Replicate (r8_)
- Perplexity (pplx-)
- Fireworks AI (fw_)
- Anyscale (esecret_)
- Mistral, Cohere, DeepSeek, Together AI (keyword context)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

- Add deduplication to AddDetection() to prevent duplicate type+location
- AWS secret key pattern now requires keyword context (aws_secret_access_key=,
  AWS_SECRET_KEY:, secretAccessKey:) to avoid matching random base64 in RSA keys
- Azure client secret pattern now requires keyword context (AZURE_CLIENT_SECRET=,
  client_secret:, clientSecret:) to avoid false positives
- Update tests to reflect context-required behavior
- Add TestResult_AddDetection_Deduplication test

Before: id_rsa showed 9 detections (including aws_secret_key false positives)
After: id_rsa shows 3 detections (rsa_private_key, private_key, high_entropy)

Before: .env showed 29 detections (many duplicates)
After: .env shows 9 unique detections

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
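
The two changes in the commit message above, as an added Go example (not code from this pull request or from mcpproxy): a keyword-context requirement on the AWS secret key pattern, and deduplication on type+location. The regexes, the `Scan` helper, the type layout and the sample inputs are assumptions constructed for illustration; only the keyword names and the `AddDetection` name are taken from the commit message.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// Hypothetical types; the project's own Result and Detection may differ.
type Detection struct{ Type, Location string }
type Result struct{ Detections []Detection }

// AddDetection records a finding once per type+location pair.
func (r *Result) AddDetection(d Detection) {
	for _, have := range r.Detections {
		if have == d {
			return
		}
	}
	r.Detections = append(r.Detections, d)
}

const b64 = `[A-Za-z0-9/+]{40}`

var (
	// Bare 40-character base64 run: also fires inside PEM key bodies.
	naiveAWS = regexp.MustCompile(b64)
	// Same run, accepted only after a keyword, and only if exactly 40 long.
	contextAWS = regexp.MustCompile(`(?i)(?:aws_secret_access_key|aws_secret_key|secretAccessKey)\s*[=:]\s*["']?` + b64 + `(?:[^A-Za-z0-9/+=]|$)`)
	// Constructed samples: filler base64, not real key material.
	fakeValue = strings.Repeat("Ab3/Cd9+", 5)
	fakePEM   = "-----BEGIN RSA PRIVATE KEY-----\n" + strings.Repeat(strings.Repeat("Ab3/Cd9+", 8)+"\n", 3) + "-----END RSA PRIVATE KEY-----\n"
	fakeEnv   = "AWS_SECRET_ACCESS_KEY=" + fakeValue + "\nexport AWS_SECRET_ACCESS_KEY=" + fakeValue
)

// Scan returns the deduplicated result and the raw number of regex matches.
func Scan(re *regexp.Regexp, location, text string) (*Result, int) {
	r, hits := &Result{}, re.FindAllString(text, -1)
	for range hits {
		r.AddDetection(Detection{"aws_secret_key", location})
	}
	return r, len(hits)
}

func main() {
	for _, re := range []*regexp.Regexp{naiveAWS, contextAWS} {
		pem, rawPEM := Scan(re, "id_rsa", fakePEM)
		env, rawEnv := Scan(re, ".env", fakeEnv)
		fmt.Println(len(pem.Detections), rawPEM, len(env.Detections), rawEnv)
	}
}
```

Here "location" is assumed to be the file name; a detector that tracks byte offsets would deduplicate at a finer grain.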

- Add sensitive data detection section to activity-log.md
- Document detection metadata structure and filtering options
- Add cross-reference to sensitive-data-detection.md
- Update sidebars.js with sensitive data detection page
- Update intro.md and AGENTS.md references

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

- spec.md: Feature specification and requirements
- plan.md: Implementation plan
- tasks.md: Task breakdown
- data-model.md: Data model design
- research.md: Research notes
- quickstart.md: Quick start guide
- contracts/: API contracts
- checklists/: Implementation checklists
- MANUAL_TESTING_PLAN.md: Manual testing guide

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@Dumbris Dumbris merged commit dfe3cbb into main Feb 1, 2026
41 checks passed
@Dumbris Dumbris deleted the 026-pii-detection branch February 1, 2026 10:25