advanced-security · data-douser · Mar 25, 2026
@@ -0,0 +1,12 @@
+{
+  "toolName": "annotation_create",
+  "parameters": {
+    "category": "note",
+    "entityKey": "file:test/Example1.ql:L10",
+    "content": "Potential SQL injection via string concatenation",
+    "label": "sql-injection-candidate",
+    "metadata": "{\"severity\":\"high\",\"cwe\":\"CWE-89\"}"
+  },
+  "success": true,
+  "description": "Successfully created a note annotation with content, label, and structured metadata"
+}
@@ -0,0 +1,12 @@
+{
+  "toolName": "annotation_create",
+  "parameters": {
+    "category": "note",
+    "entityKey": "file:test/Example1.ql:L10",
+    "content": "Potential SQL injection via string concatenation",
+    "label": "sql-injection-candidate",
+    "metadata": "{\"severity\":\"high\",\"cwe\":\"CWE-89\"}"
+  },
+  "expectedSuccess": true,
+  "description": "Test annotation_create tool creates a note annotation with content, label, and metadata"
+}
@@ -0,0 +1,10 @@
+{
+  "toolName": "annotation_create",
+  "arguments": {
+    "category": "note",
+    "entityKey": "file:test/Example1.ql:L10",
+    "content": "Potential SQL injection via string concatenation",
+    "label": "sql-injection-candidate",
+    "metadata": "{\"severity\":\"high\",\"cwe\":\"CWE-89\"}"
+  }
+}
@@ -0,0 +1,8 @@
+{
+  "toolName": "annotation_delete",
+  "parameters": {
+    "entityKeyPrefix": "file:test/"
+  },
+  "success": true,
+  "description": "Successfully deleted annotations matching the entity key prefix"
+}
@@ -0,0 +1,8 @@
+{
+  "toolName": "annotation_delete",
+  "parameters": {
+    "entityKeyPrefix": "file:test/"
+  },
+  "expectedSuccess": true,
+  "description": "Test annotation_delete tool deletes annotations matching an entity key prefix"
+}
@@ -0,0 +1,6 @@
+{
+  "toolName": "annotation_delete",
+  "arguments": {
+    "entityKeyPrefix": "file:test/"
+  }
+}
@@ -0,0 +1,10 @@
+{
+  "toolName": "annotation_list",
+  "parameters": {
+    "category": "note",
+    "entityKeyPrefix": "file:test/",
+    "limit": 10
+  },
+  "success": true,
+  "description": "Successfully listed annotations filtered by category and entity key prefix"
+}
@@ -0,0 +1,10 @@
+{
+  "toolName": "annotation_list",
+  "parameters": {
+    "category": "note",
+    "entityKeyPrefix": "file:test/",
+    "limit": 10
+  },
+  "expectedSuccess": true,
+  "description": "Test annotation_list tool filters annotations by category and entity key prefix"
+}
@@ -0,0 +1,8 @@
+{
+  "toolName": "annotation_list",
+  "arguments": {
+    "category": "note",
+    "entityKeyPrefix": "file:test/",
+    "limit": 10
+  }
+}
@@ -0,0 +1,9 @@
+{
+  "toolName": "annotation_search",
+  "parameters": {
+    "query": "SQL injection",
+    "limit": 20
+  },
+  "success": true,
+  "description": "Successfully searched annotations by content text"
+}
@@ -0,0 +1,9 @@
+{
+  "toolName": "annotation_search",
+  "parameters": {
+    "query": "SQL injection",
+    "limit": 20
+  },
+  "expectedSuccess": true,
+  "description": "Test annotation_search tool performs full-text search across annotation content"
+}
@@ -0,0 +1,7 @@
+{
+  "toolName": "annotation_search",
+  "arguments": {
+    "query": "SQL injection",
+    "limit": 20
+  }
+}
@@ -0,0 +1,12 @@
+{
+  "toolName": "audit_add_notes",
+  "parameters": {
+    "owner": "arduino",
+    "repo": "Arduino",
+    "sourceLocation": "app/src/main.cpp",
+    "line": 42,
+    "notes": "False positive: serial input is sanitized by validate_command() at line 38 before reaching exec()."
+  },
+  "success": true,
+  "description": "Successfully appended triage notes to MRVA finding at app/src/main.cpp:42"
+}
@@ -0,0 +1,12 @@
+{
+  "toolName": "audit_add_notes",
+  "parameters": {
+    "owner": "arduino",
+    "repo": "Arduino",
+    "sourceLocation": "app/src/main.cpp",
+    "line": 42,
+    "notes": "False positive: serial input is sanitized by validate_command() at line 38 before reaching exec()."
+  },
+  "expectedSuccess": true,
+  "description": "Test audit_add_notes appends triage notes to an existing MRVA finding"
+}
@@ -0,0 +1,10 @@
+{
+  "toolName": "audit_add_notes",
+  "arguments": {
+    "owner": "arduino",
+    "repo": "Arduino",
+    "sourceLocation": "app/src/main.cpp",
+    "line": 42,
+    "notes": "False positive: serial input is sanitized by validate_command() at line 38 before reaching exec()."
+  }
+}
@@ -0,0 +1,9 @@
+{
+  "toolName": "audit_clear_repo",
+  "parameters": {
+    "owner": "arduino",
+    "repo": "Arduino"
+  },
+  "success": true,
+  "description": "Successfully cleared all audit findings for arduino/Arduino repository"
+}
@@ -0,0 +1,9 @@
+{
+  "toolName": "audit_clear_repo",
+  "parameters": {
+    "owner": "arduino",
+    "repo": "Arduino"
+  },
+  "expectedSuccess": true,
+  "description": "Test audit_clear_repo clears all findings for a single repository without affecting others"
+}
@@ -0,0 +1,7 @@
+{
+  "toolName": "audit_clear_repo",
+  "arguments": {
+    "owner": "arduino",
+    "repo": "Arduino"
+  }
+}
@@ -0,0 +1,9 @@
+{
+  "toolName": "audit_list_findings",
+  "parameters": {
+    "owner": "arduino",
+    "repo": "Arduino"
+  },
+  "success": true,
+  "description": "Successfully listed audit findings for arduino/Arduino repository"
+}
@@ -0,0 +1,9 @@
+{
+  "toolName": "audit_list_findings",
+  "parameters": {
+    "owner": "arduino",
+    "repo": "Arduino"
+  },
+  "expectedSuccess": true,
+  "description": "Test audit_list_findings lists findings for a single repository from MRVA results"
+}
@@ -0,0 +1,7 @@
+{
+  "toolName": "audit_list_findings",
+  "arguments": {
+    "owner": "arduino",
+    "repo": "Arduino"
+  }
+}
@@ -0,0 +1,23 @@
+{
+  "toolName": "audit_store_findings",
+  "parameters": {
+    "owner": "arduino",
+    "repo": "Arduino",
+    "findings": [
+      {
+        "sourceLocation": "app/src/main.cpp",
+        "line": 42,
+        "sourceType": "RemoteFlowSource",
+        "description": "User input from serial read flows to command execution"
+      },
+      {
+        "sourceLocation": "app/src/network.cpp",
+        "line": 108,
+        "sourceType": "RemoteFlowSource",
+        "description": "HTTP request parameter flows to file path"
+      }
+    ]
+  },
+  "success": true,
+  "description": "Successfully stored MRVA findings for arduino/Arduino repository"
+}
@@ -0,0 +1,23 @@
+{
+  "toolName": "audit_store_findings",
+  "parameters": {
+    "owner": "arduino",
+    "repo": "Arduino",
+    "findings": [
+      {
+        "sourceLocation": "app/src/main.cpp",
+        "line": 42,
+        "sourceType": "RemoteFlowSource",
+        "description": "User input from serial read flows to command execution"
+      },
+      {
+        "sourceLocation": "app/src/network.cpp",
+        "line": 108,
+        "sourceType": "RemoteFlowSource",
+        "description": "HTTP request parameter flows to file path"
+      }
+    ]
+  },
+  "expectedSuccess": true,
+  "description": "Test audit_store_findings stores MRVA findings for a repository with deduplication"
+}
@@ -0,0 +1,21 @@
+{
+  "toolName": "audit_store_findings",
+  "arguments": {
+    "owner": "arduino",
+    "repo": "Arduino",
+    "findings": [
+      {
+        "sourceLocation": "app/src/main.cpp",
+        "line": 42,
+        "sourceType": "RemoteFlowSource",
+        "description": "User input from serial read flows to command execution"
+      },
+      {
+        "sourceLocation": "app/src/network.cpp",
+        "line": 108,
+        "sourceType": "RemoteFlowSource",
+        "description": "HTTP request parameter flows to file path"
+      }
+    ]
+  }
+}
@@ -0,0 +1,5 @@
+# Integration Test: codeql_query_run/cpp_call_graph_from_to_example1
+
+## Purpose
+
+Tests the `codeql_query_run` tool with the CallGraphFromTo query for cpp language, demonstrating external predicates for both source and target function selection to find transitive call graph reachability.
@@ -0,0 +1,16 @@
+{
+  "toolName": "codeql_query_run",
+  "parameters": {
+    "queryName": "CallGraphFromTo",
+    "queryLanguage": "cpp",
+    "database": "server/ql/cpp/tools/test/CallGraphFromTo/CallGraphFromTo.testproj",
+    "sourceFunction": "source",
+    "targetFunction": "target",
+    "output": "query-results.bqrs",
+    "format": "sarif-latest",
+    "interpretedOutput": "query-results.sarif",
+    "timeout": 300000
+  },
+  "success": true,
+  "description": "Successfully executed CallGraphFromTo (@kind problem) query using query name resolution with external predicates for both source and target function selection and SARIF format interpretation"
+}
@@ -0,0 +1,16 @@
+{
+  "toolName": "codeql_query_run",
+  "parameters": {
+    "queryName": "CallGraphFromTo",
+    "queryLanguage": "cpp",
+    "database": "server/ql/cpp/tools/test/CallGraphFromTo/CallGraphFromTo.testproj",
+    "sourceFunction": "source",
+    "targetFunction": "target",
+    "output": "query-results.bqrs",
+    "format": "sarif-latest",
+    "interpretedOutput": "query-results.sarif",
+    "timeout": 300000
+  },
+  "expectedSuccess": true,
+  "description": "Test codeql_query_run with queryName resolution for CallGraphFromTo (@kind problem) query using external predicates for both source and target function selection and SARIF format interpretation"
+}
@@ -0,0 +1,5 @@
+# Integration Test: codeql_query_run/javascript_call_graph_from_to_example1
+
+## Purpose
+
+Tests the `codeql_query_run` tool with the CallGraphFromTo query for javascript language, demonstrating external predicates for both source and target function selection to find transitive call graph reachability.
@@ -0,0 +1,16 @@
+{
+  "toolName": "codeql_query_run",
+  "parameters": {
+    "queryName": "CallGraphFromTo",
+    "queryLanguage": "javascript",
+    "database": "server/ql/javascript/tools/test/CallGraphFromTo/CallGraphFromTo.testproj",
+    "sourceFunction": "source",
+    "targetFunction": "target",
+    "output": "query-results.bqrs",
+    "format": "sarif-latest",
+    "interpretedOutput": "query-results.sarif",
+    "timeout": 300000
+  },
+  "success": true,
+  "description": "Successfully executed CallGraphFromTo (@kind problem) query for javascript using query name resolution with external predicates for source and target function selection"
+}
@@ -0,0 +1,16 @@
+{
+  "toolName": "codeql_query_run",
+  "parameters": {
+    "queryName": "CallGraphFromTo",
+    "queryLanguage": "javascript",
+    "database": "server/ql/javascript/tools/test/CallGraphFromTo/CallGraphFromTo.testproj",
+    "sourceFunction": "source",
+    "targetFunction": "target",
+    "output": "query-results.bqrs",
+    "format": "sarif-latest",
+    "interpretedOutput": "query-results.sarif",
+    "timeout": 300000
+  },
+  "expectedSuccess": true,
+  "description": "Test codeql_query_run with queryName resolution for CallGraphFromTo (@kind problem) query for javascript using external predicates for source and target function selection"
+}
@@ -0,0 +1,5 @@
+# Integration Test: codeql_query_run/python_call_graph_from_to_example1
+
+## Purpose
+
+Tests the `codeql_query_run` tool with the CallGraphFromTo query for python language, demonstrating external predicates for both source and target function selection to find transitive call graph reachability.
@@ -0,0 +1,16 @@
+{
+  "toolName": "codeql_query_run",
+  "parameters": {
+    "queryName": "CallGraphFromTo",
+    "queryLanguage": "python",
+    "database": "server/ql/python/tools/test/CallGraphFromTo/CallGraphFromTo.testproj",
+    "sourceFunction": "source",
+    "targetFunction": "target",
+    "output": "query-results.bqrs",
+    "format": "sarif-latest",
+    "interpretedOutput": "query-results.sarif",
+    "timeout": 300000
+  },
+  "success": true,
+  "description": "Successfully executed CallGraphFromTo (@kind problem) query for python using query name resolution with external predicates for source and target function selection"
+}