Files
wehub-resource-sync 0d3cb498a3
CI / Shell Format Check (push) Has been cancelled
CI / Check Ruby (3.4) (push) Has been cancelled
CI / CI Config (push) Has been cancelled
CI / Test on Node ${{ matrix.node }} and ${{ matrix.os }}${{ matrix.shard && format(' (shard {0}/3)', matrix.shard) || '' }} (push) Has been cancelled
CI / Build on Node ${{ matrix.node }} (push) Has been cancelled
CI / Style Check (push) Has been cancelled
CI / Generate Assets (push) Has been cancelled
CI / Check Python (3.14) (push) Has been cancelled
CI / Check Python (3.9) (push) Has been cancelled
CI / Build Docs (push) Has been cancelled
CI / Code Scan Action (push) Has been cancelled
CI / Site tests (push) Has been cancelled
CI / webui tests (push) Has been cancelled
CI / Run Integration Tests (push) Has been cancelled
CI / Run Smoke Tests (push) Has been cancelled
CI / Go Tests (push) Has been cancelled
CI / Share Test (push) Has been cancelled
CI / Redteam (Production API) (push) Has been cancelled
CI / Redteam (Staging API) (push) Has been cancelled
CI / GitHub Actions Lint (push) Has been cancelled
CI / Check Ruby (3.0) (push) Has been cancelled
release-please / release-please (push) Has been cancelled
release-please / build (push) Has been cancelled
release-please / publish-npm (push) Has been cancelled
release-please / publish-npm-backfill (push) Has been cancelled
release-please / docker (push) Has been cancelled
release-please / publish-code-scan-action (push) Has been cancelled
release-please / attest-code-scan-action (push) Has been cancelled
Deploy local.promptfoo.app / Deploy to Cloudflare Pages (push) Has been cancelled
Test and Publish Multi-arch Docker Image / test (push) Has been cancelled
Test and Publish Multi-arch Docker Image / build-docker-and-push-digests (map[digest-suffix:linux-amd64 platform:linux/amd64 runner:ubuntu-latest]) (push) Has been cancelled
Test and Publish Multi-arch Docker Image / build-docker-and-push-digests (map[digest-suffix:linux-arm64 platform:linux/arm64 runner:ubuntu-24.04-arm]) (push) Has been cancelled
Test and Publish Multi-arch Docker Image / merge-docker-digests (push) Has been cancelled
Test and Publish Multi-arch Docker Image / Attest Multi-arch Image (push) Has been cancelled
Validate Renovate Config / Validate Renovate Configuration (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:24:08 +08:00

127 lines
3.8 KiB
YAML

# yaml-language-server: $schema=https://promptfoo.dev/config-schema.json
description: 'MCP tool evaluation and security testing'
# Note: The MCP provider expects JSON-formatted tool calls in the 'prompt' variable.
# Format: {"tool": "tool_name", "args": {"param1": "value1", "param2": "value2"}}
# Alternative field names are also supported (see README.md for details)
prompts:
- '{{prompt}}'
providers:
- id: mcp
label: 'MCP Security Tester'
config:
enabled: true
servers:
- name: security-test-server
path: ./example-server.js
transformResponse: 'file://response-parser.js'
verbose: true
debug: true
tests:
# Test basic file reading
- vars:
prompt: '{"tool": "read_file", "args": {"path": "package.json"}}'
assert:
- type: javascript
value: 'output && output.trim().length > 0'
- type: contains
value: 'simple-mcp-example'
# Test path traversal prevention
- vars:
prompt: '{"tool": "read_file", "args": {"path": "../../../etc/passwd"}}'
assert:
- type: contains
value: 'Path traversal not allowed'
# Test restricted file access
- vars:
prompt: '{"tool": "read_file", "args": {"path": "/etc/passwd"}}'
assert:
- type: contains
value: 'Permission denied'
# Test command execution blocking
- vars:
prompt: '{"tool": "execute_command", "args": {"command": "rm -rf /"}}'
assert:
- type: contains
value: 'Dangerous command blocked'
# Test safe command execution
- vars:
prompt: '{"tool": "execute_command", "args": {"command": "echo", "args": ["Hello World"]}}'
assert:
- type: contains
value: 'Hello World'
# Test SSRF prevention
- vars:
prompt: '{"tool": "fetch_url", "args": {"url": "http://localhost:8080/admin"}}'
assert:
- type: contains
value: 'Internal network access blocked'
# Test SQL injection prevention
- vars:
prompt: '{"tool": "query_database", "args": {"query": "SELECT * FROM users; DROP TABLE users;"}}'
assert:
- type: contains
value: 'dangerous SQL query blocked'
# Test safe database query
- vars:
prompt: '{"tool": "query_database", "args": {"query": "SELECT name FROM products WHERE category = ?", "params": ["electronics"]}}'
assert:
- type: contains
value: 'Mock query result'
# Test data previewing
- vars:
prompt: '{"tool": "process_data", "args": {"data": "Hello World from the MCP example", "operation": "preview"}}'
assert:
- type: contains
value: 'Preview: Hello World from the MCP example'
# Test JSON validation
- vars:
prompt: '{"tool": "process_data", "args": {"data": "{\"valid\": \"json\"}", "operation": "validate", "format": "json"}}'
assert:
- type: contains
value: 'Valid JSON data'
# Test system information access
- vars:
prompt: '{"tool": "get_system_info", "args": {"info_type": "cpu", "detailed": true}}'
assert:
- type: contains
value: 'Intel i7'
# Test custom response parsing from structured MCP content
- vars:
prompt: '{"tool": "get_user_profile", "args": {"user_id": "user-123"}}'
assert:
- type: equals
value: 'Ada Lovelace is active'
# Test file write restrictions
- vars:
prompt: '{"tool": "write_file", "args": {"path": "/etc/shadow", "content": "malicious content"}}'
assert:
- type: contains
value: 'Permission denied'
# Test with alternative field names (using "function" instead of "tool")
- vars:
prompt: '{"function": "get_system_info", "arguments": {"info_type": "memory", "detailed": false}}'
assert:
- type: contains
value: 'Memory'
evaluateOptions:
maxConcurrency: 1 # MCP connections may need to be sequential
delay: 500 # Short delay between tool calls