Merge branch 'codeql-python' of https://github.com/GitHubSecurityLab/seclab-taskflows into codeql-python

Author: sylwia-budzynska

src/seclab_taskflows/mcp_servers/codeql_python/mcp_server.py

@@ -13,17 +13,17 @@
 
 from pydantic import Field
 #from mcp.server.fastmcp import FastMCP, Context
-from fastmcp import FastMCP, Context # use FastMCP 2.0
+from fastmcp import FastMCP # use FastMCP 2.0
 from pathlib import Path
 import os
 import csv
 import json
 from sqlalchemy import create_engine
 from sqlalchemy.orm import Session
 
-import zipfile
-import httpx
-import aiofiles
+
+
+
 from .codeql_sqlite_models import Base, Source
 
 MEMORY = Path(os.getenv('CODEQL_SQLITE_DIR', default='/app/my_data'))
@@ -165,6 +165,8 @@ def remote_sources(owner: str, repo: str,
     results = _run_query('remote_sources', database_path, language, {})
 
     # Check if results is an error (list of strings) or valid data (list of dicts)
+    if isinstance(results, str):
+        return f"Error: {results}"
     if results and isinstance(results[0], str):
         return f"Error: {results[0]}"
 

src/seclab_taskflows/taskflows/audit/remote_sources_local.yaml

@@ -60,7 +60,7 @@ taskflow:
         If it is a web endpoint, identify the routing path that reaches this source, HTTP method,
         any middlewares used, which roles are allowed to call it.
         Note which kind of authentication is required for that endpoint.
-        It is possible that the source does not have require any authentication.
+        It is possible that the source does not require any authentication.
         If authorization is required, note the details.
 
         Update the source entry in the codeql_sqlite database with your findings.