feat(security): add sensitive data detection for tool calls (Spec 026) (#289)

* feat(security): add sensitive data detection for tool calls (Spec 026)

Implement automatic scanning of tool call arguments and responses for
secrets, credentials, and sensitive data patterns including:

- Cloud credentials (AWS, GCP, Azure)
- Private keys (RSA, EC, DSA, OpenSSH, PGP)
- API tokens (GitHub, GitLab, Stripe, Slack, OpenAI)
- Database connection strings (MySQL, PostgreSQL, MongoDB)
- Credit card numbers (with Luhn validation)
- Sensitive file paths (.ssh/, .aws/, .env files)
- High-entropy strings (potential secrets)

Key features:
- Async detection integrated with ActivityService
- REST API filtering (sensitive_data, detection_type, severity params)
- CLI flags: --sensitive-data, --detection-type, --severity
- Web UI: detection badges, severity indicators, detail drawer
- Configurable categories and custom patterns support
- Event bus integration for real-time notifications

Also fixes CLI socket path detection bug where os.Stat was called
with unix:// prefix, causing fallback to HTTP with wrong port.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* feat(security): add LLM provider API keys and doctor status

- Add sensitive data detection status to `mcpproxy doctor` output
- Include SensitiveDataDetection in DefaultConfig() for new installs
- Add detection patterns for 14 LLM/AI providers:
  - Google AI/Gemini (AIzaSy prefix)
  - xAI/Grok (xai- prefix)
  - Groq (gsk_ prefix)
  - Hugging Face (hf_, api_org_ prefixes)
  - Replicate (r8_ prefix)
  - Perplexity (pplx- prefix)
  - Fireworks AI (fw_ prefix)
  - Anyscale (esecret_ prefix)
  - Mistral AI (keyword context)
  - Cohere (keyword context)
  - DeepSeek (sk- with keyword)
  - Together AI (keyword context)
- Improve OpenAI pattern (sk-proj-, sk-svcacct-, sk-admin-)
- Improve Anthropic pattern (sk-ant-api03-, sk-ant-admin01-)
- Add comprehensive tests with dynamic key construction
- Update documentation with new provider patterns

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* test(security): add comprehensive tests for LLM API key detection

Add extensive test coverage for all 15 LLM provider API key patterns:

- TestLLMKeysInJSONContext: Keys in JSON configuration files
- TestLLMKeysInYAMLContext: Keys in YAML configuration files
- TestLLMKeysInCodeSnippets: Keys in Python/JS/Shell code examples
- TestLLMKeysFalsePositivePrevention: Ensures patterns don't over-match
- TestLLMKeysWithMixedAlphanumeric: Realistic mixed-case key patterns
- TestLLMKeysInLogOutput: Keys exposed in error messages and logs
- TestOpenAIAnthropicImprovedPatterns: All OpenAI/Anthropic variants
- TestAllLLMPatternsExist: Validates all expected patterns are registered

Tests cover:
- OpenAI (sk-, sk-proj-, sk-svcacct-, sk-admin-)
- Anthropic (sk-ant-api03-, sk-ant-admin01-)
- Google AI/Gemini (AIzaSy)
- xAI/Grok (xai-)
- Groq (gsk_)
- HuggingFace (hf_, api_org_)
- Replicate (r8_)
- Perplexity (pplx-)
- Fireworks AI (fw_)
- Anyscale (esecret_)
- Mistral, Cohere, DeepSeek, Together AI (keyword context)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* fix(security): reduce false positives and deduplicate detections

- Add deduplication to AddDetection() to prevent duplicate type+location
- AWS secret key pattern now requires keyword context (aws_secret_access_key=,
  AWS_SECRET_KEY:, secretAccessKey:) to avoid matching random base64 in RSA keys
- Azure client secret pattern now requires keyword context (AZURE_CLIENT_SECRET=,
  client_secret:, clientSecret:) to avoid false positives
- Update tests to reflect context-required behavior
- Add TestResult_AddDetection_Deduplication test

Before: id_rsa showed 9 detections (including aws_secret_key false positives)
After: id_rsa shows 3 detections (rsa_private_key, private_key, high_entropy)

Before: .env showed 29 detections (many duplicates)
After: .env shows 9 unique detections

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* docs: add sensitive data detection to activity log documentation

- Add sensitive data detection section to activity-log.md
- Document detection metadata structure and filtering options
- Add cross-reference to sensitive-data-detection.md
- Update sidebars.js with sensitive data detection page
- Update intro.md and AGENTS.md references

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* docs(spec): add specification for sensitive data detection (Spec 026)

- spec.md: Feature specification and requirements
- plan.md: Implementation plan
- tasks.md: Task breakdown
- data-model.md: Data model design
- research.md: Research notes
- quickstart.md: Quick start guide
- contracts/: API contracts
- checklists/: Implementation checklists
- MANUAL_TESTING_PLAN.md: Manual testing guide

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

Author: Dumbris

AGENTS.md

@@ -32,3 +32,10 @@
 ## Security & Configuration Tips
 - Never hardcode secrets; load them via the tray secure store or environment lookups in `internal/secret`.
 - When editing configs, prefer `runtime.SaveConfiguration()` flows so disk state and in-memory state stay aligned; regenerated files land in `~/.mcpproxy/`.
+
+## Active Technologies
+- Go 1.24 (toolchain go1.24.10) + BBolt (storage), Chi router (HTTP), Zap (logging), regexp (stdlib), existing ActivityService (026-pii-detection)
+- BBolt database (`~/.mcpproxy/config.db`) - ActivityRecord.Metadata extension (026-pii-detection)
+
+## Recent Changes
+- 026-pii-detection: Added Go 1.24 (toolchain go1.24.10) + BBolt (storage), Chi router (HTTP), Zap (logging), regexp (stdlib), existing ActivityService

CLAUDE.md

@@ -304,6 +304,81 @@ See `docs/code_execution/` for complete guides:
 
 See [docs/features/security-quarantine.md](docs/features/security-quarantine.md) for details.
 
+## Sensitive Data Detection
+
+Automatic scanning of tool call arguments and responses for secrets, credentials, and sensitive data. Enabled by default and integrates with the activity log for security auditing.
+
+### Detection Categories
+
+| Category | Examples | Severity |
+|----------|----------|----------|
+| `cloud_credentials` | AWS keys, GCP API keys, Azure storage keys | critical |
+| `private_key` | RSA, EC, DSA, OpenSSH, PGP private keys | critical |
+| `api_token` | GitHub, GitLab, Stripe, Slack, OpenAI, Anthropic, Google AI, xAI, Groq, HuggingFace, Replicate, Perplexity, Fireworks, Anyscale, Mistral, Cohere, DeepSeek, Together AI tokens | critical |
+| `database_credential` | MySQL, PostgreSQL, MongoDB connection strings | critical/high |
+| `credit_card` | Visa, Mastercard, Amex (Luhn validated) | high |
+| `sensitive_file` | Paths to `.ssh/`, `.aws/`, `.env` files | high/medium |
+| `high_entropy` | Base64/hex strings with high Shannon entropy | medium |
+
+### Key Files
+
+| File | Purpose |
+|------|---------|
+| `internal/security/detector.go` | Main detector with `Scan()` method |
+| `internal/security/types.go` | Detection, Result, Severity, Category types |
+| `internal/security/patterns/` | Pattern definitions by category |
+| `internal/security/patterns/cloud.go` | AWS, GCP, Azure credential patterns |
+| `internal/security/patterns/keys.go` | Private key detection patterns |
+| `internal/security/patterns/tokens.go` | API token patterns |
+| `internal/security/patterns/database.go` | Database connection string patterns |
+| `internal/security/patterns/creditcard.go` | Credit card patterns with Luhn validation |
+| `internal/security/entropy.go` | High-entropy string detection |
+| `internal/security/paths.go` | Sensitive file path patterns |
+| `internal/runtime/activity_service.go` | Integration point via `SetDetector()` |
+
+### CLI Commands
+
+```bash
+mcpproxy activity list --sensitive-data              # Show only activities with detections
+mcpproxy activity list --severity critical           # Filter by severity level
+mcpproxy activity list --detection-type aws_access_key  # Filter by detection type
+mcpproxy activity show <id>                          # View detection details
+mcpproxy activity export --sensitive-data --output audit.jsonl  # Export for compliance
+```
+
+### Configuration
+
+```json
+{
+  "sensitive_data_detection": {
+    "enabled": true,
+    "scan_requests": true,
+    "scan_responses": true,
+    "max_payload_size_kb": 1024,
+    "entropy_threshold": 4.5,
+    "categories": {
+      "cloud_credentials": true,
+      "private_key": true,
+      "api_token": true,
+      "database_credential": true,
+      "credit_card": true,
+      "high_entropy": true
+    },
+    "custom_patterns": [
+      {
+        "name": "internal_api_key",
+        "regex": "INTERNAL-[A-Z0-9]{32}",
+        "severity": "high",
+        "category": "custom"
+      }
+    ],
+    "sensitive_keywords": ["password", "secret"]
+  }
+}
+```
+
+See [docs/features/sensitive-data-detection.md](docs/features/sensitive-data-detection.md) for complete reference.
+
 ### Exit Codes
 
 | Code | Meaning |
@@ -394,6 +469,8 @@ See `docs/prerelease-builds.md` for download instructions.
 - BBolt database (`~/.mcpproxy/config.db`) - `oauth_tokens` bucket with `OAuthTokenRecord` model (023-oauth-state-persistence)
 - Go 1.24 (toolchain go1.24.10) + TypeScript 5.x / Vue 3.5 + Cobra CLI, Chi router, BBolt storage, Zap logging, mark3labs/mcp-go, Vue 3, Tailwind CSS, DaisyUI (024-expand-activity-log)
 - BBolt database (`~/.mcpproxy/config.db`) - ActivityRecord model (024-expand-activity-log)
+- Go 1.24 (toolchain go1.24.10) + BBolt (storage), Chi router (HTTP), Zap (logging), regexp (stdlib), existing ActivityService (026-pii-detection)
+- BBolt database (`~/.mcpproxy/config.db`) - ActivityRecord.Metadata extension (026-pii-detection)
 
 ## Recent Changes
 - 001-update-version-display: Added Go 1.24 (toolchain go1.24.10)