CLI-246 UserPromptSubmit secrets scanner callback

Author: kirill-knize-sonarsource

src/cli/command-tree.ts

@@ -40,6 +40,7 @@ import { MAX_PAGE_SIZE } from '../sonarqube/projects';
 import { apiCommand, apiExtraHelpText, type ApiCommandOptions } from './commands/api/api';
 import { GENERIC_HTTP_METHODS } from '../sonarqube/client';
 import { claudePreToolUse } from './commands/hook/claude-pre-tool-use';
+import { agentPromptSubmit } from './commands/hook/agent-prompt-submit';
 
 const DEFAULT_PAGE_SIZE = MAX_PAGE_SIZE;
 
@@ -247,9 +248,7 @@ hookCommand
 hookCommand
   .command('claude-prompt-submit')
   .description('UserPromptSubmit handler: scan prompts for secrets before sending')
-  .anonymousAction(() => {
-    return;
-  });
+  .anonymousAction(() => agentPromptSubmit());
 
 hookCommand
   .command('claude-post-tool-use')

src/cli/commands/analyze/secrets.ts

@@ -64,6 +64,23 @@ export async function runSecretsBinary(
   });
 }
 
+/**
+ * Run sonar-secrets binary on arbitrary text via stdin (--input mode). Returns the full spawn result.
+ */
+export async function runSecretsBinaryOnText(
+  binaryPath: string,
+  text: string,
+  auth: ResolvedAuth,
+): Promise<SpawnResult> {
+  return spawnWithTimeout(binaryPath, ['--input'], {
+    stdin: 'pipe',
+    stdinData: text,
+    stdout: 'pipe',
+    stderr: 'pipe',
+    env: buildAuthEnv(auth),
+  });
+}
+
 function buildAuthEnv(auth: ResolvedAuth): Record<string, string> {
   return { [BINARY_AUTH_URL_ENV]: auth.serverUrl, [BINARY_AUTH_TOKEN_ENV]: auth.token };
 }

src/cli/commands/hook/agent-prompt-submit.ts

@@ -0,0 +1,62 @@
+/*
+ * SonarQube CLI
+ * Copyright (C) SonarSource Sàrl
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+
+// UserPromptSubmit callback handler — scans prompt text for secrets before it is sent.
+// Replaces the bash/PowerShell logic that was previously embedded in the hook script.
+
+import { resolveAuth } from '../../../lib/auth-resolver';
+import logger from '../../../lib/logger';
+import { readStdinJson } from './stdin';
+import { resolveSecretsBinaryPath } from '../_common/install/secrets';
+import { EXIT_CODE_SECRETS_FOUND, runSecretsBinaryOnText } from '../analyze/secrets';
+
+interface PromptSubmitPayload {
+  prompt?: string;
+}
+
+export async function agentPromptSubmit(): Promise<void> {
+  let payload: PromptSubmitPayload;
+  try {
+    payload = await readStdinJson<PromptSubmitPayload>();
+  } catch {
+    return; // unparseable stdin — allow
+  }
+
+  const prompt = payload.prompt;
+  if (!prompt) return;
+
+  const auth = await resolveAuth().catch(() => null);
+  if (!auth) return; // not authenticated — allow gracefully
+
+  const binaryPath = resolveSecretsBinaryPath();
+  if (!binaryPath) return; // binary not installed — allow gracefully
+
+  try {
+    const result = await runSecretsBinaryOnText(binaryPath, prompt, auth);
+    const exitCode = result.exitCode ?? 1;
+    if (exitCode === EXIT_CODE_SECRETS_FOUND) {
+      process.stdout.write(
+        JSON.stringify({ decision: 'block', reason: 'Sonar detected secrets in prompt' }) + '\n',
+      );
+    }
+  } catch (err) {
+    logger.debug(`UserPromptSubmit secrets scan failed: ${(err as Error).message}`);
+  }
+}

src/cli/commands/hook/claude-pre-tool-use.ts

@@ -1,6 +1,6 @@
 /*
  * SonarQube CLI
- * Copyright (C) 2026 SonarSource Sàrl
+ * Copyright (C) SonarSource Sàrl
  * mailto:info AT sonarsource DOT com
  *
  * This program is free software; you can redistribute it and/or

src/cli/commands/hook/stdin.ts

@@ -1,6 +1,6 @@
 /*
  * SonarQube CLI
- * Copyright (C) 2026 SonarSource Sàrl
+ * Copyright (C) SonarSource Sàrl
  * mailto:info AT sonarsource DOT com
  *
  * This program is free software; you can redistribute it and/or

src/lib/process.ts

@@ -28,6 +28,7 @@ export interface SpawnOptions {
   cwd?: string;
   env?: Record<string, string>;
   stdin?: StdioMode;
+  stdinData?: string;
   stdout?: StdioMode;
   stderr?: StdioMode;
   detached?: boolean;
@@ -56,6 +57,7 @@ export async function spawnProcess(
       stdio: [options.stdin || 'ignore', options.stdout || 'pipe', options.stderr || 'pipe'],
       detached: options.detached || false,
     });
+    options.onSpawn?.(() => proc.kill());
 
     let stdout = '';
     let stderr = '';
@@ -72,8 +74,9 @@ export async function spawnProcess(
       });
     }
 
-    if (options.onSpawn) {
-      options.onSpawn(() => proc.kill());
+    if (options.stdinData !== undefined && proc.stdin) {
+      proc.stdin.write(options.stdinData);
+      proc.stdin.end();
     }
 
     proc.on('error', reject);

tests/integration/specs/hook/hook-agent-prompt-submit.test.ts

@@ -0,0 +1,149 @@
+/*
+ * SonarQube CLI
+ * Copyright (C) 2026 SonarSource Sàrl
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+
+// Integration tests for `sonar hook claude-prompt-submit`.
+// Runs the actual binary with real stdin to exercise scanText (stdinData path) in process.ts.
+//
+// Note: hardcoded token below is an intentional test fixture for the secret scanner.
+// sonar-ignore-next-line S6769
+
+import { afterEach, beforeEach, describe, expect, it } from 'bun:test';
+import { TestHarness } from '../../harness';
+
+// Hardcoded test token — intentional fixture for secret detection, not a real credential
+// sonar-ignore-next-line S6769
+const GITHUB_TEST_TOKEN = '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';
+
+// Unreachable server — binary handles connection-refused gracefully and proceeds with scan
+const FAKE_SERVER = 'http://localhost:19999';
+
+describe('sonar hook claude-prompt-submit', () => {
+  let harness: TestHarness;
+
+  beforeEach(async () => {
+    harness = await TestHarness.create();
+  });
+
+  afterEach(async () => {
+    await harness.dispose();
+  });
+
+  it(
+    'exits 0 and outputs block JSON when prompt contains a secret',
+    async () => {
+      harness.state().withSecretsBinaryInstalled();
+      harness.withAuth(FAKE_SERVER, 'fake-token');
+
+      const result = await harness.run('hook claude-prompt-submit', {
+        stdin: JSON.stringify({ prompt: `my token is ${GITHUB_TEST_TOKEN}` }),
+      });
+
+      expect(result.exitCode).toBe(0);
+      const blockLine = result.stdout
+        .split('\n')
+        .map((l) => l.trim())
+        .find((l) => l.startsWith('{') && l.includes('"block"'));
+      expect(blockLine).toBeDefined();
+      const output = JSON.parse(blockLine ?? '{}');
+      expect(output.decision).toBe('block');
+      expect(output.reason).toContain('secrets');
+    },
+    { timeout: 30000 },
+  );
+
+  it(
+    'exits 0 and outputs nothing when prompt contains no secrets',
+    async () => {
+      harness.state().withSecretsBinaryInstalled();
+      harness.withAuth(FAKE_SERVER, 'fake-token');
+
+      const result = await harness.run('hook claude-prompt-submit', {
+        stdin: JSON.stringify({ prompt: 'please help me refactor this function' }),
+      });
+
+      expect(result.exitCode).toBe(0);
+      expect(result.stdout).not.toContain('"block"');
+    },
+    { timeout: 30000 },
+  );
+
+  it(
+    'exits 0 and outputs nothing when stdin is invalid JSON',
+    async () => {
+      harness.state().withSecretsBinaryInstalled();
+      harness.withAuth(FAKE_SERVER, 'fake-token');
+
+      const result = await harness.run('hook claude-prompt-submit', {
+        stdin: 'not valid json {{',
+      });
+
+      expect(result.exitCode).toBe(0);
+      expect(result.stdout).not.toContain('"block"');
+    },
+    { timeout: 15000 },
+  );
+
+  it(
+    'exits 0 and outputs nothing when prompt field is absent',
+    async () => {
+      harness.state().withSecretsBinaryInstalled();
+      harness.withAuth(FAKE_SERVER, 'fake-token');
+
+      const result = await harness.run('hook claude-prompt-submit', {
+        stdin: JSON.stringify({ tool_name: 'Read' }),
+      });
+
+      expect(result.exitCode).toBe(0);
+      expect(result.stdout).not.toContain('"block"');
+    },
+    { timeout: 15000 },
+  );
+
+  it(
+    'exits 0 and outputs nothing when not authenticated',
+    async () => {
+      harness.state().withSecretsBinaryInstalled();
+      // no withAuth — no active connection
+
+      const result = await harness.run('hook claude-prompt-submit', {
+        stdin: JSON.stringify({ prompt: `my token is ${GITHUB_TEST_TOKEN}` }),
+      });
+
+      expect(result.exitCode).toBe(0);
+      expect(result.stdout).not.toContain('"block"');
+    },
+    { timeout: 15000 },
+  );
+
+  it(
+    'exits 0 and outputs nothing when secrets binary is not installed',
+    async () => {
+      harness.withAuth(FAKE_SERVER, 'fake-token');
+
+      const result = await harness.run('hook claude-prompt-submit', {
+        stdin: JSON.stringify({ prompt: `my token is ${GITHUB_TEST_TOKEN}` }),
+      });
+
+      expect(result.exitCode).toBe(0);
+      expect(result.stdout).not.toContain('"block"');
+    },
+    { timeout: 15000 },
+  );
+});

tests/unit/hook-agent-prompt-submit.test.ts

@@ -0,0 +1,83 @@
+/*
+ * SonarQube CLI
+ * Copyright (C) SonarSource Sàrl
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+
+// Unit tests for agentPromptSubmit — only paths that cannot be exercised via integration tests:
+//   • catch block when runSecretsBinaryOnText throws (no way to make the real binary throw)
+//   • exitCode null branch (real binary always returns an integer exit code)
+
+import { describe, it, expect, beforeEach, afterEach, spyOn } from 'bun:test';
+import * as authResolver from '../../src/lib/auth-resolver';
+import * as stdinModule from '../../src/cli/commands/hook/stdin';
+import * as installSecrets from '../../src/cli/commands/_common/install/secrets';
+import * as analyzeSecrets from '../../src/cli/commands/analyze/secrets';
+import { agentPromptSubmit } from '../../src/cli/commands/hook/agent-prompt-submit';
+
+describe('agentPromptSubmit (unit — impractical-via-e2e paths)', () => {
+  let stdoutSpy: ReturnType<typeof spyOn>;
+  let resolveAuthSpy: ReturnType<typeof spyOn>;
+  let readStdinJsonSpy: ReturnType<typeof spyOn>;
+  let resolveSecretsBinaryPathSpy: ReturnType<typeof spyOn>;
+  let runSecretsBinaryOnTextSpy: ReturnType<typeof spyOn>;
+
+  beforeEach(() => {
+    stdoutSpy = spyOn(process.stdout, 'write').mockImplementation(() => true);
+    resolveAuthSpy = spyOn(authResolver, 'resolveAuth').mockResolvedValue({
+      token: 'tok',
+      serverUrl: 'https://sonarcloud.io',
+      connectionType: 'cloud',
+      orgKey: 'myorg',
+    });
+    readStdinJsonSpy = spyOn(stdinModule, 'readStdinJson').mockResolvedValue({
+      prompt: 'help me refactor this',
+    });
+    resolveSecretsBinaryPathSpy = spyOn(installSecrets, 'resolveSecretsBinaryPath').mockReturnValue(
+      '/usr/bin/sonar-secrets',
+    );
+    runSecretsBinaryOnTextSpy = spyOn(analyzeSecrets, 'runSecretsBinaryOnText').mockResolvedValue({
+      exitCode: 0,
+      stdout: '',
+      stderr: '',
+    });
+  });
+
+  afterEach(() => {
+    stdoutSpy.mockRestore();
+    resolveAuthSpy.mockRestore();
+    readStdinJsonSpy.mockRestore();
+    resolveSecretsBinaryPathSpy.mockRestore();
+    runSecretsBinaryOnTextSpy.mockRestore();
+  });
+
+  it('outputs nothing and does not throw when scan throws an error', async () => {
+    runSecretsBinaryOnTextSpy.mockRejectedValue(new Error('scan process crashed'));
+
+    await agentPromptSubmit();
+
+    expect(stdoutSpy).not.toHaveBeenCalled();
+  });
+
+  it('outputs nothing when exitCode is null', async () => {
+    runSecretsBinaryOnTextSpy.mockResolvedValue({ exitCode: null, stdout: '', stderr: '' });
+
+    await agentPromptSubmit();
+
+    expect(stdoutSpy).not.toHaveBeenCalled();
+  });
+});