Apply suggestions from code review

Co-authored-by: Copilot <[email protected]>

Author: sylwia-budzynska

src/seclab_taskflows/mcp_servers/codeql_python/README.md

@@ -17,7 +17,7 @@ It will most likely look similar to this:
 - create a folder named 'data'
 - create or update your `.env` file in the root of this project with values for:
 ```
-COPILOT_TOKEN= # a fine-grained GitHub personal access token with permssion for "copilot chat"
+COPILOT_TOKEN= # a fine-grained GitHub personal access token with permission for "copilot chat"
 CODEQL_DBS_BASE_PATH="/workspaces/seclab-taskflows/data/codeql_databases" #path to folder with your CodeQL databases
 
 # Example values for a local setup, run with `python -m seclab_taskflow_agent -t seclab_taskflows.taskflows.audit.remote_sources_local`

src/seclab_taskflows/mcp_servers/codeql_python/codeql_sqlite_models.py

@@ -1,8 +1,8 @@
 # SPDX-FileCopyrightText: 2025 GitHub
 # SPDX-License-Identifier: MIT
 
-from sqlalchemy import String, Text, Integer, ForeignKey, Column
-from sqlalchemy.orm import DeclarativeBase, mapped_column, Mapped, relationship
+from sqlalchemy import Text
+from sqlalchemy.orm import DeclarativeBase, mapped_column, Mapped
 from typing import Optional
 
 class Base(DeclarativeBase):

src/seclab_taskflows/mcp_servers/codeql_python/mcp_server.py

@@ -20,7 +20,7 @@
 import json
 from sqlalchemy import create_engine
 from sqlalchemy.orm import Session
-from pathlib import Path
+
 import zipfile
 import httpx
 import aiofiles
@@ -88,7 +88,7 @@ def store_new_source(self, repo, source_location, type, notes, update = False):
         with Session(self.engine) as session:
             existing = session.query(Source).filter_by(repo = repo, source_location = source_location).first()
             if existing:
-                existing.notes += notes
+                existing.notes = (existing.notes or "") + notes
                 session.commit()
                 return f"Updated notes for source at {source_location} in {repo}."
             else:
@@ -120,7 +120,7 @@ def _csv_parse(raw):
             for j, k in enumerate(keys):
                 this_obj[k.strip()] = row[j + 2]
             results.append(this_obj)
-    except csv.Error as e:
+    except (csv.Error, IndexError, ValueError) as e:
         return ["Error: CSV parsing error: " + str(e)]
     return results
 
@@ -218,7 +218,7 @@ def clear_codeql_repo(owner: str, repo: str):
 
 @mcp.tool()
 def get_file_contents(
-        file_uri: str = Field(description="The file URI to get contents for. The URI scheme is defined as `file://path` and `file://path:region`. Examples of file URI: `file:///path/to/file:1:2:3:4`, `file:///path/to/file`. File URIs optionally contain a region definition that looks like `start_line:start_column:end_line:end_column` which will limit the contents returned to the specified region, for example `file:///path/to/file:1:2:3:4` indicates a file region of `1:2:3:4` which would return the content of the file starting at line 1, column 1 and ending at line 3 column 4. Line and column indices are 1-based, meaning line and column values start at 1. If the region is ommitted the full contents of the file will be returned, for example `file:///path/to/file` returns the full contents of `/path/to/file`."),
+        file_uri: str = Field(description="The file URI to get contents for. The URI scheme is defined as `file://path` and `file://path:region`. Examples of file URI: `file:///path/to/file:1:2:3:4`, `file:///path/to/file`. File URIs optionally contain a region definition that looks like `start_line:start_column:end_line:end_column` which will limit the contents returned to the specified region, for example `file:///path/to/file:1:2:3:4` indicates a file region of `1:2:3:4` which would return the content of the file starting at line 1, column 1 and ending at line 3 column 4. Line and column indices are 1-based, meaning line and column values start at 1. If the region is omitted the full contents of the file will be returned, for example `file:///path/to/file` returns the full contents of `/path/to/file`."),
         database_path: str = Field(description="The path to the CodeQL database.")):
     """Get the contents of a file URI from a CodeQL database path."""
 

src/seclab_taskflows/taskflows/audit/remote_sources_local.yaml

@@ -54,7 +54,7 @@ taskflow:
       async_limit: 5
       max_steps: 100
       name: source analysis
-      description: Identify actions that untrusted users are allowed performed the source.
+      description: Identify actions that untrusted users are allowed perform the source.
       agents:
         - seclab_taskflows.personalities.auditer
       user_prompt: |

src/seclab_taskflows/toolboxes/codeql_python.yaml

@@ -62,7 +62,7 @@ server_prompt: |
   `start_line:start_column:end_line:end_column` which will limit the contents
   returned to the specified region. For example `file:///path/to/file:1:2:3:4`
   indicates a file region of `1:2:3:4` which would return the content of the
-  file starting at line 1, column 1 and ending at line 3 column 4. These line
+  file starting at line 1, column 2 and ending at line 3, column 4. These line
   and column indices are 1-based, meaning line and column values start at 1.
 
   If the region is ommitted the full contents of the file will be returned,
@@ -75,5 +75,5 @@ server_prompt: |
   with a region definition such as: `file:///path/to/file:1:0:4:0`.
 
   When unsure how to fetch a specific region, fall back to fetching the full file
-  contents for a file by ommitting the region definition, for example
+  contents for a file by omitting the region definition, for example
   `file:///path/to/file`