Spaces:
Running
Running
File size: 4,640 Bytes
4801adf |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 |
#!/usr/bin/env python3
"""
Example MCP client for testing Bandit Security Scanner
"""
import os
import asyncio
from smolagents.mcp_client import MCPClient
async def test_bandit_mcp_client():
"""Tests connection to Bandit MCP server"""
# URL of your Bandit MCP server
server_url = "http://localhost:7860/gradio_api/mcp/sse"
print("π Connecting to Bandit MCP server...")
try:
async with MCPClient({"url": server_url}) as client:
# Get list of available tools
tools = await client.get_tools()
print(f"\nβ
Successfully connected! Available tools: {len(tools)}")
print("\nπ Available tools:")
for tool in tools:
print(f" β’ {tool.name}: {tool.description}")
# Test scanning vulnerable code
print("\nπ§ͺ Testing vulnerable code scanning...")
vulnerable_code = """
import subprocess
import pickle
# Vulnerabilities for testing
password = "hardcoded_secret123" # B105: Hardcoded password
eval("print('hello')") # B307: Use of eval
subprocess.call("ls -la", shell=True) # B602: subprocess with shell=True
data = pickle.loads(user_input) # B301: Pickle usage
"""
# Call bandit_scan
scan_tool = next((t for t in tools if t.name == "bandit_scan"), None)
if scan_tool:
result = await client.call_tool(
tool_name="bandit_scan",
arguments={
"code_input": vulnerable_code,
"scan_type": "code",
"severity_level": "low",
"confidence_level": "low",
"output_format": "json"
}
)
print("π Scan results:")
if result.get("success"):
issues = result.get("results", {}).get("results", [])
print(f" Found security issues: {len(issues)}")
for i, issue in enumerate(issues, 1):
print(f"\n π¨ Issue {i}:")
print(f" ID: {issue.get('test_id')}")
print(f" Severity: {issue.get('issue_severity')}")
print(f" Confidence: {issue.get('issue_confidence')}")
print(f" Description: {issue.get('issue_text')}")
print(f" Line: {issue.get('line_number')}")
print(f" Code: {issue.get('code', '').strip()}")
else:
print(f" β Scan error: {result.get('error')}")
else:
print(" β bandit_scan tool not found")
# Test baseline creation (if file exists)
print("\nπ― Testing baseline creation...")
baseline_tool = next((t for t in tools if t.name == "bandit_baseline"), None)
if baseline_tool:
# Create temporary file with code
import tempfile
with tempfile.NamedTemporaryFile(mode='w', suffix='.py', delete=False) as tmp_file:
tmp_file.write(vulnerable_code)
tmp_path = tmp_file.name
baseline_result = await client.call_tool(
tool_name="bandit_baseline",
arguments={
"target_path": tmp_path,
"baseline_file": "/tmp/bandit_baseline.json"
}
)
print("π Baseline result:")
if baseline_result.get("success"):
action = baseline_result.get("action", "unknown")
message = baseline_result.get("message", "")
print(f" β
Action: {action}")
if message:
print(f" π Message: {message}")
else:
print(f" β Baseline error: {baseline_result.get('error')}")
# Clean up temporary file
try:
os.unlink(tmp_path)
except:
pass
except Exception as e:
print(f"β Connection error: {e}")
print("π‘ Make sure Bandit MCP server is running on http://localhost:7860")
if __name__ == "__main__":
print("π Bandit MCP Client Test")
print("=" * 50)
asyncio.run(test_bandit_mcp_client()) |