Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9,129 changes: 4,116 additions & 5,013 deletions package-lock.json

Large diffs are not rendered by default.

324 changes: 166 additions & 158 deletions package.json

Large diffs are not rendered by default.

10 changes: 5 additions & 5 deletions packages/argos-erm/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@chkp/argos-erm-mcp",
"version": "0.5.3",
"version": "0.5.4",
"description": "Argos ERM MCP Server - Check Point Argos External Risk Management",
"type": "module",
"main": "dist/index.js",
Expand Down Expand Up @@ -31,15 +31,15 @@
},
"dependencies": {
"@chkp/mcp-utils": "*",
"@modelcontextprotocol/sdk": "^1.26.0",
"commander": "^13.1.0",
"@modelcontextprotocol/sdk": "^1.29.0",
"commander": "^14.0.3",
"node-machine-id": "^1.1.12",
"zod": "^3.24.4"
},
"devDependencies": {
"@jest/globals": "^29.7.0",
"@types/jest": "^29.5.14",
"@types/node": "^20.0.0",
"@types/jest": "^30.0.0",
"@types/node": "^26.0.0",
"jest": "^30.2.0",
"ts-jest": "^29.3.4",
"typescript": "^5.0.4"
Expand Down
14 changes: 14 additions & 0 deletions packages/argos-erm/src/tools/alerts.ts
Original file line number Diff line number Diff line change
Expand Up @@ -541,6 +541,20 @@ WHEN TO USE:
],
};
} catch (error) {
const httpErr = error as { response?: { status?: number } };
// A missing alert is an expected outcome, not an error: honor
// the documented contract and return an empty object instead of
// surfacing a raw 404 to the caller.
if (httpErr.response?.status === 404) {
return {
content: [
{
type: 'text',
text: JSON.stringify({}),
},
],
};
}
const msg =
error instanceof Error ? error.message : String(error);
return {
Expand Down
29 changes: 27 additions & 2 deletions packages/argos-erm/src/tools/assets.ts
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,9 @@ MULTI-TENANT:
asset_name: z
.string()
.optional()
.describe('Filter by asset name (partial matching).'),
.describe(
'Filter by exact asset name (e.g. "example.com"). The API matches the full name only; partial names return no results.'
),
discovery_precision: z
.number()
.default(0)
Expand Down Expand Up @@ -133,7 +135,30 @@ MULTI-TENANT:
`${ASSET_CONFIG_API_BASE}/assets/`,
requestPayload
);
const assetsData = await response.json();

// The assets endpoint returns an empty body (HTTP 200, no JSON)
// when an asset_name filter matches nothing. Parsing that as
// JSON throws, so treat an empty body as an empty result set.
const rawBody = await response.text();
if (!rawBody || !rawBody.trim()) {
return {
content: [
{
type: 'text',
text: JSON.stringify(
{
total_assets: 0,
page_number,
assets: [],
},
null,
2
),
},
],
};
}
const assetsData = JSON.parse(rawBody);

if (typeof assetsData !== 'object' || assetsData === null) {
return {
Expand Down
62 changes: 55 additions & 7 deletions packages/argos-erm/src/tools/threat-intel.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,29 @@ import { KNOWLEDGEBASE_API_BASE } from '../constants.js';
import { parseListParam, isValidUuid4 } from '../schemas.js';
import type { ServerModule } from './types.js';

// Default look-back window (in days) used when a caller needs a date range but
// does not supply one. The news endpoint rejects requests that omit a complete
// date range (HTTP 422), so we default it client-side for a smooth experience.
const DEFAULT_DATE_RANGE_DAYS = 30;
const MS_PER_DAY = 24 * 60 * 60 * 1000;

function toDateOnly(date: Date): string {
return date.toISOString().slice(0, 10);
}

// Normalize a YYYY-MM-DD (or full ISO) string to ISO 8601 with a Z suffix,
// assuming UTC when no time/zone is present. Falls back to the original string
// if it cannot be parsed (legacy behavior).
function ensureIso(dateStr: string): string {
const parsed = new Date(
dateStr.includes('T') ? dateStr : `${dateStr}T00:00:00Z`
);
if (Number.isNaN(parsed.getTime())) {
return dateStr;
}
return parsed.toISOString().replace(/\.\d{3}Z$/, 'Z');
}

export function registerThreatIntelTools(
server: McpServer,
serverModule: ServerModule
Expand Down Expand Up @@ -123,19 +146,44 @@ WHEN TO USE:
const sectorsList = parseListParam(sectors);
const labelsList = parseListParam(labels);

let dateRange: Record<string, string> | undefined;
if (from_date && to_date) {
dateRange = {
from: from_date,
to: to_date,
};
// The news endpoint rejects requests without a complete date
// range (HTTP 422), so always send both bounds: fill in any
// missing side with a sensible default rather than dropping the
// filter or relying on server defaults.
let fromDate = from_date;
let toDate = to_date;
if (!fromDate && !toDate) {
// No range supplied: default to the most recent window.
const now = new Date();
toDate = toDateOnly(now);
fromDate = toDateOnly(
new Date(
now.getTime() - DEFAULT_DATE_RANGE_DAYS * MS_PER_DAY
)
);
} else if (fromDate && !toDate) {
// Open-ended start: cap at now.
toDate = toDateOnly(new Date());
} else if (toDate && !fromDate) {
// Open-ended end: anchor the window relative to the end date.
const anchor = new Date(ensureIso(toDate));
fromDate = toDateOnly(
new Date(
anchor.getTime() -
DEFAULT_DATE_RANGE_DAYS * MS_PER_DAY
)
);
}
const dateRange: Record<string, string> = {
from: ensureIso(fromDate as string),
to: ensureIso(toDate as string),
};

const fields: Record<string, unknown> = {};
if (regionsList) fields.regions = regionsList;
if (sectorsList) fields.sectors = sectorsList;
if (labelsList) fields.labels = labelsList;
if (dateRange) fields.date_range = dateRange;
fields.date_range = dateRange;

const response = await apiManager.post(
`${KNOWLEDGEBASE_API_BASE}/news`,
Expand Down
51 changes: 49 additions & 2 deletions packages/argos-erm/src/tools/vulnerabilities.ts
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,43 @@ import { CVE_INTEL_API_BASE } from '../constants.js';
import { parseListParam } from '../schemas.js';
import type { ServerModule } from './types.js';

// Return the numeric dotted core of a version string, if different.
//
// Asset technology versions often carry vendor-specific suffixes that the
// vulnerability database does not index (e.g. OpenSSH's portable suffix in
// "9.6p1", or pre-release/build tags like "1.2.3-beta"). The CVE DB matches on
// the numeric core ("9.6", "1.2.3"), so we derive that core to broaden the
// search. Returns null when there is nothing to strip (the core equals the
// input) or no leading numeric component exists.
function normalizeVersion(version: string): string | null {
const match = version.trim().match(/^\d+(?:\.\d+)*/);
if (!match) {
return null;
}
const core = match[0];
return core !== version.trim() ? core : null;
}

// Augment versions with their normalized numeric cores, preserving order.
//
// The original versions are kept (so exact matches still work) and the
// normalized variants are appended, de-duplicated. This prevents the
// asset-to-CVE workflow from silently under-reporting when an asset's reported
// version format differs from the vulnerability DB's.
function expandVersions(versions: string[]): string[] {
const expanded: string[] = [];
for (const version of versions) {
if (!expanded.includes(version)) {
expanded.push(version);
}
const normalized = normalizeVersion(version);
if (normalized && !expanded.includes(normalized)) {
expanded.push(normalized);
}
}
return expanded;
}

export function registerVulnerabilityTools(
server: McpServer,
serverModule: ServerModule
Expand Down Expand Up @@ -67,7 +104,12 @@ WHEN TO USE:

WHEN TO USE:
- User asks about vulnerabilities in specific software
- User wants to assess risk for particular technology versions`,
- User wants to assess risk for particular technology versions

TECHNOLOGY MATCHING:
- Product names should match common software names (case-insensitive)
- Version strings work best as they appear in CVE databases; vendor suffixes
(e.g. OpenSSH "9.6p1") are also searched by their numeric core ("9.6")`,
inputSchema: {
technology_name: z
.string()
Expand Down Expand Up @@ -121,9 +163,14 @@ WHEN TO USE:
);
}

// Broaden matching by also searching the normalized numeric
// core of each version (e.g. "9.6p1" -> also "9.6"), which is
// what the CVE DB indexes.
const expandedVersions = expandVersions(techVersionsList);

const filters: Record<string, unknown> = {
technology_name,
technology_versions: techVersionsList,
technology_versions: expandedVersions,
};

if (cvss_min !== undefined) {
Expand Down
10 changes: 5 additions & 5 deletions packages/cloudguard-waf/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@chkp/cloudguard-waf-mcp",
"version": "0.1.0",
"version": "0.1.3",
"description": "CloudGuard WAF MCP server for Check Point WAF management",
"type": "module",
"main": "dist/index.js",
Expand Down Expand Up @@ -30,14 +30,14 @@
"dependencies": {
"@chkp/mcp-utils": "*",
"@chkp/quantum-infra": "*",
"@modelcontextprotocol/sdk": "^1.26.0",
"axios": "^1.13.5",
"commander": "^13.1.0",
"@modelcontextprotocol/sdk": "^1.29.0",
"axios": "^1.16.0",
"commander": "^14.0.3",
"node-machine-id": "^1.1.12",
"zod": "^3.24.4"
},
"devDependencies": {
"@types/node": "^20.0.0",
"@types/node": "^26.0.0",
"typescript": "^5.0.4"
}
}
10 changes: 5 additions & 5 deletions packages/cpinfo-analysis/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -32,15 +32,15 @@
},
"dependencies": {
"@chkp/mcp-utils": "*",
"@modelcontextprotocol/sdk": "^1.26.0",
"commander": "^13.1.0",
"@modelcontextprotocol/sdk": "^1.29.0",
"commander": "^14.0.3",
"node-machine-id": "^1.1.12",
"zod": "^3.24.4"
},
"devDependencies": {
"@types/node": "^20.0.0",
"@vitest/coverage-v8": "^3.1.0",
"@types/node": "^26.0.0",
"@vitest/coverage-v8": "^4.1.9",
"typescript": "^5.0.4",
"vitest": "^3.1.0"
"vitest": "^4.1.9"
}
}
10 changes: 5 additions & 5 deletions packages/cpview-history-mcp/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -33,15 +33,15 @@
},
"dependencies": {
"@chkp/mcp-utils": "*",
"@modelcontextprotocol/sdk": "^1.26.0",
"commander": "^13.1.0",
"@modelcontextprotocol/sdk": "^1.29.0",
"commander": "^14.0.3",
"node-machine-id": "^1.1.12",
"zod": "^3.24.4"
},
"devDependencies": {
"@types/node": "^22.0.0",
"@vitest/coverage-v8": "^3.1.0",
"@types/node": "^26.0.0",
"@vitest/coverage-v8": "^4.1.9",
"typescript": "^5.0.4",
"vitest": "^3.1.0"
"vitest": "^4.1.9"
}
}
12 changes: 6 additions & 6 deletions packages/documentation-tool/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@chkp/documentation-mcp",
"version": "1.4.6",
"version": "1.4.9",
"description": "Check Point Documentation Tool Service - API integration with Check Point Documentation Tool",
"type": "module",
"main": "dist/index.js",
Expand Down Expand Up @@ -30,16 +30,16 @@
"dependencies": {
"@chkp/mcp-utils": "*",
"@chkp/quantum-infra": "*",
"@modelcontextprotocol/sdk": "^1.26.0",
"commander": "^13.1.0",
"axios": "^1.13.5",
"@modelcontextprotocol/sdk": "^1.29.0",
"commander": "^14.0.3",
"axios": "^1.16.0",
"node-machine-id": "^1.1.12",
"zod": "^3.24.4"
},
"devDependencies": {
"@types/node": "^20.0.0",
"@types/node": "^26.0.0",
"dotenv": "^17.2.2",
"tsx": "^4.20.5",
"tsx": "^4.22.4",
"typescript": "^5.0.4"
}
}
10 changes: 5 additions & 5 deletions packages/gaia/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@chkp/quantum-gaia-mcp",
"version": "1.3.5",
"version": "1.3.8",
"bin": {
"quantum-gaia-mcp": "dist/index.js"
},
Expand All @@ -26,15 +26,15 @@
"dependencies": {
"@chkp/mcp-utils": "*",
"@chkp/quantum-infra": "*",
"@modelcontextprotocol/sdk": "^1.26.0",
"axios": "^1.13.5",
"commander": "^11.1.0",
"@modelcontextprotocol/sdk": "^1.29.0",
"axios": "^1.16.0",
"commander": "^14.0.3",
"node-machine-id": "^1.1.12",
"zod": "^3.24.4"
},
"devDependencies": {
"@types/commander": "^2.12.0",
"@types/node": "^20.0.0",
"@types/node": "^26.0.0",
"rimraf": "^6.0.1",
"shx": "^0.3.4",
"ts-node": "^10.9.1",
Expand Down
6 changes: 3 additions & 3 deletions packages/gw-cli-base/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@chkp/quantum-gw-cli-base",
"version": "1.1.6",
"version": "1.1.9",
"description": "Base classes and utilities for Check Point Gateway CLI MCP servers",
"type": "module",
"main": "dist/index.js",
Expand All @@ -11,14 +11,14 @@
"start": "node dist/index.js"
},
"dependencies": {
"@modelcontextprotocol/sdk": "^1.26.0",
"@modelcontextprotocol/sdk": "^1.29.0",
"@chkp/quantum-infra": "*"
},
"devDependencies": {
"typescript": "^5.6.3",
"jest": "^30.2.0",
"ts-jest": "^29.0.0",
"@types/jest": "^29.0.0"
"@types/jest": "^30.0.0"
},
"repository": {
"type": "git",
Expand Down
Loading