ExMCP.Content.SecurityScanner (ex_mcp v0.10.0)

View Source

Security scanning utilities for MCP content.

This module handles all security-related content analysis including malware detection, sensitive data scanning, and threat analysis. Extracted from the original Content.Validation module.

Summary

Types

scan_result()

Security scan result

scan_type()

Security scan type

threat()

Detected threat

threat_level()

Security threat level

Functions

analyze_suspicious_patterns(arg1)

Analyzes content for suspicious patterns.

detect_sensitive_data(arg1)

Detects sensitive data in content.

scan_injection_attacks(arg1)

Scans for injection attack patterns.

scan_malware(arg1)

Scans for malware signatures.

scan_security(content, scan_types)

Scans content for security threats.

Types

scan_result()

@type scan_result() :: %{
  threat_level: threat_level(),
  threats: [threat()],
  metadata: map()
}

Security scan result

scan_type()

@type scan_type() ::
  :malware
  | :sensitive_data
  | :injection_attacks
  | :suspicious_patterns
  | :file_signatures
  | atom()

Security scan type

threat()

@type threat() :: %{
  type: atom(),
  severity: threat_level(),
  description: String.t(),
  location: String.t() | nil,
  confidence: float()
}

Detected threat

threat_level()

@type threat_level() :: :safe | :low | :medium | :high | :critical

Security threat level

Functions

analyze_suspicious_patterns(arg1)

@spec analyze_suspicious_patterns(ExMCP.Content.Protocol.content()) :: [threat()]

Analyzes content for suspicious patterns.

detect_sensitive_data(arg1)

@spec detect_sensitive_data(ExMCP.Content.Protocol.content()) :: [threat()]

Detects sensitive data in content.

scan_injection_attacks(arg1)

@spec scan_injection_attacks(ExMCP.Content.Protocol.content()) :: [threat()]

Scans for injection attack patterns.

scan_malware(arg1)

@spec scan_malware(ExMCP.Content.Protocol.content()) :: [threat()]

Scans for malware signatures.

scan_security(content, scan_types)

@spec scan_security(ExMCP.Content.Protocol.content(), [scan_type()]) ::
  {:ok, scan_result()} | {:error, String.t()}

Scans content for security threats.

Examples

case SecurityScanner.scan_security(content, [:malware, :sensitive_data]) do
  {:ok, %{threat_level: :safe}} -> 
    process_content(content)
  {:ok, %{threat_level: level, threats: threats}} -> 
    handle_security_threats(level, threats)
  {:error, reason} -> 
    handle_scan_error(reason)
end