From 75b40ff693f4b6e22efb22ce62c1a3ff30d575e2 Mon Sep 17 00:00:00 2001 From: BlackSnufkin Date: Tue, 28 Apr 2026 06:33:31 -0700 Subject: [PATCH] Update CHANGELOG.md --- CHANGELOG.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 948fc24..9bd90fe 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,9 @@ All notable changes to this project will be documented in this file. - Tailored downloadable report for driver samples: HolyGrail BYOVD section promoted above File Information - Driver reports swap the hero "Risk Assessment" for "BYOVD Potential" using a Python port of `holygrail/core.js`'s `calculateScore` - Driver reports swap the YARA/PE-Sieve/Moneta/Patriot/HSB chip row for LOLDrivers / Win10 / Win11 / Critical Imports +- `/api/results//risk` endpoint returning `{risk_score, risk_level, risk_factors}` +- `grumpycat.get_risk_assessment(target)` client method for the new endpoint +- `GrumpyCats/install_mcp.py` — installer for six MCP clients (Claude Code project + global, Claude Desktop, Cursor, Windsurf, VS Code project) with auto-detected venv Python and idempotent JSON merge ### Changed - Backend split into 6 Flask blueprints + services + helpers under `app/blueprints/`, `app/services/`, `app/helpers.py` @@ -25,6 +28,11 @@ All notable changes to this project will be documented in this file. - `helpers._load_file_data` now also loads `byovd_results.json` and threads it through to the report template - Switched to Tailwind v4 via the standalone CLI binary — committed `tailwind.min.css` shrinks ~2.8 MB → ~280 KB - `CLAUDE.md` primer with an end-to-end "Adding a new scanner tool" recipe (backend + frontend) +- `grumpycat.py`: `main()` if/elif chain replaced with a `COMMAND_HANDLERS` dispatch table; `get_comprehensive_results` now fans the four GETs across a `ThreadPoolExecutor` +- `LitterBoxMCP.py`: full rewrite onto modern FastMCP — `@mcp.tool()` with docstrings, `Annotated[..., Field(...)]` parameter docs, async tools via `asyncio.to_thread`, stderr logging, `mcp.run(transport=...)` API, default bind to 127.0.0.1, four focused 15-25-line OPSEC prompts replacing the previous five 150-200-line ones +- Stringnalyzer block in the downloadable report renders every non-empty IOC bucket (URLs, IPs, domains, paths, …) as a full code block instead of a 3-item / 140-char sample, with 16 categories and a 100-item cap per category +- Process Telemetry summary panel on `/results//dynamic` uses `lb-hash-row` label/value pattern and surfaces `image_path` + `commandline` when RedEdr provides them +- `GrumpyCats/README.md` rewritten to match — three-component framing, accurate `pip install mcp requests`, full installer reference, current 22 MCP tools and 4 prompts ### Fixed - XSS hardening at user-data interpolation sites in results-page renderers @@ -39,6 +47,8 @@ All notable changes to this project will be documented in this file. - Latent `utils` parameter bugs in `/files` and `/results//info` helper chains - `.gitignore` `Results/` pattern was unanchored and shadowed `app/static/js/results/` and `app/blueprints/results.py` - Duplicate `.logo-wrapper` definition in `style.css` merged +- Upload of `.xls` / `.docx` / Office macro samples no longer throws "can't access property 'innerHTML', elements.macroDetectionNotes is undefined" — the missing element was added to the JS lookup table (upstream issue) +- `LitterBoxMCP.py` startup crash — `from optimized_litterbox_client import …` (module never existed) replaced with `from grumpycat import …`, `mcp.serve(host=..., port=...)` (removed API) replaced with `mcp.run(transport=...)`, and logging routed to stderr so it doesn't corrupt stdio JSON-RPC ### Removed - Pre-redesign Tailwind utility chains across all templates @@ -46,6 +56,8 @@ All notable changes to this project will be documented in this file. - `_design_previews/` iteration HTML files - Tailwind CDN runtime dependency from `report.html` - Bottom IDE-style statusbar (it duplicated the sidebar-foot status indicator) +- `grumpycat.py`: dead `_file_cache` (read by nothing), unused `hashlib` / `Tuple` / `Any` imports, unreliable `__del__` +- `LitterBoxMCP.py`: `handle_api_operation` try/except envelope (FastMCP converts exceptions to MCP errors automatically), `LitterBoxMCPClient` lazy wrapper, redundant `name=` / `description=` decorator args, `shutdown_client` exposed as a tool ### Notes - No new dependencies; setup unchanged: `pip install -r requirements.txt && py litterbox.py --debug` (admin)