PL j= dZddlZddlZddlZddlZddlZddlmZm Z ej e Z ej ddZdZdeded eefd Zded eefd Zded ed e eeeeffd Zded e eeeeffdZded e eeeeffdZ dded edeed efdZdS)uOSV malware check for MCP extension packages. Before launching an MCP server via npx/uvx, queries the OSV (Open Source Vulnerabilities) API to check if the package has any known malware advisories (MAL-* IDs). Regular CVEs are ignored — only confirmed malware is blocked. The API is free, public, and maintained by Google. Typical latency is ~300ms. Fail-open: network errors allow the package to proceed. Inspired by Block/goose's extension malware check. N)OptionalTuple OSV_ENDPOINTzhttps://api.osv.dev/v1/query commandargsreturnct|}|sdSt||\}}|sdS t|||}n5#t$r(}td|||Yd}~dSd}~wwxYw|r\dd|ddD}dd|ddD}d|d |d |d |SdS) a~Check if an MCP server package has known malware advisories. Inspects the *command* (e.g. ``npx``, ``uvx``) and *args* to infer the package name and ecosystem. Queries the OSV API for MAL-* advisories. Returns: An error message string if malware is found, or None if clean/unknown. Returns None (allow) on network errors or unrecognized commands. Nz)OSV check failed for %s/%s (allowing): %sz, c3&K|] }|dV dS)idN.0ms 3/home/kuhnn/.hermes/hermes-agent/tools/osv_check.py z,check_package_for_malware..6s&55A$555555z; c3^K|](}|d|dddV)dS)summaryr Nd)getrs rrz,check_package_for_malware..7sN  01AEE)QtW % %dsd +      rzBLOCKED: Package 'z' (z ) has known malware advisories: z . Details: )_infer_ecosystem_parse_package_from_args _query_osv Exceptionloggerdebugjoin) rr ecosystempackageversionmalwareexcids summariess rcheck_package_for_malwarer'sI!))I t/i@@GW tWi99  @)WVYZZZttttt  ii55!55555II  5 A0A++A0ctj|}|dvrdS|dvrdSdS)z.Infer package ecosystem from the command name.>npx.cmdnpxnpm>uvx.cmduvxpipxPyPIN)ospathbasenamelower)rbases rrrAsJ 7  G $ $ * * , ,D !!!u )))v 4rr c|sdSd}|D]0}t|ts|dr.|}|sdS|dkrt|S|dkrt |S|dfS)zExtract package name and optional version from command args. Returns (package_name, version) or (None, None) if not parseable. )NNN-r+r/) isinstancestr startswith_parse_npm_package_parse_pypi_package)rr package_tokenargs rrrKs zM#s##   >>#      zE!-000 f  "=111 $ rtokenc\|drEtjd|}|r*|d|dfS|dfSd|vrK|dd}|d}t |dkr|ddkr|dnd}||fS|dfS)z7Parse npm package: @scope/name@version or name@version.@z^(@[^/]+/[^@]+)(?:@(.+))?$Nrlatest)r9rematchgrouprsplitlen)r>rEpartsnamer"s rr:r:is 6>>  2;;q>>5;;q>>1 1d{ e|| S!$$Qx!%jj1nnqX1E1E%((4W} $;rctjd|}|r*|d|dfS|dfS)z;Parse PyPI package: name==version or name[extras]==version.z-^([a-zA-Z0-9._-]+)(?:\[[^\]]*\])?(?:==(.+))?$rArBN)rDrErF)r>rEs rr;r;zsG HEu M ME .{{1~~u{{1~~-- $;rr!r"cd||di}|r||d<tj|d}tjt |dddd }tj|t 5}tj | }d d d n #1swxYwY| d g}d |DS)zFQuery the OSV API for MAL-* advisories. Returns list of malware vulns.r!)rJr r"zutf-8zapplication/jsonzhermes-agent-osv-check/1.0)z Content-Typez User-AgentPOST)dataheadersmethod)timeoutNvulnscdg|]-}|ddd+|.S)r zMAL-)rr9)rvs r z_query_osv..s7 C C C!dB : :6 B B CA C C Cr) jsondumpsencodeurllibrequestRequest _OSV_ENDPOINTurlopen_TIMEOUTloadsreadr) r!r r"payloadrNreqrespresultrRs rrrs+7CCDG%$  :g   % %g . .D .  .6   !  C   X  6 6)$DIIKK(())))))))))))))) JJw # #E C Cu C C CCs'B::B>B>)N)__doc__rWloggingr0rDurllib.requestrZtypingrr getLogger__name__rgetenvr]r_r8listr'rrr:r;rr rrrns    """"""""  8 $ $ .*HII $ $$ c]$$$$Nchsm  8C=(3- '(<ceHSM8C=,H&I"suXc]HSM-I'J<@DD D D+3C=D DDDDDDr