@a13xu/lucid 1.1.0 → 1.9.0

package/build/security/waf.js

@@ -0,0 +1,174 @@
+/**
+ * WAF (Web Application Firewall) rules for MCP tool inputs.
+ *
+ * Covers:
+ *  - Path traversal & directory escape
+ *  - Null-byte & CRLF injection
+ *  - ReDoS (catastrophic backtracking) detection
+ *  - Input size limits (DoS prevention)
+ *  - Suspicious injection patterns (SQLi, command injection)
+ *  - Sensitive data leakage in outputs
+ */
+import { resolve, normalize } from "path";
+const PASS = { blocked: false, violations: [] };
+function block(rule, severity, detail) {
+    return { blocked: true, violations: [{ rule, severity, detail }] };
+}
+// ---------------------------------------------------------------------------
+// Input size limits
+// ---------------------------------------------------------------------------
+const MAX_LENGTHS = {
+    query: 2_000,
+    pattern: 500,
+    path: 1_000,
+    code: 200_000, // check_drift: allow large snippets
+    observation: 10_000,
+    entity: 500,
+    command: 2_000,
+    default: 50_000,
+};
+export function checkSize(field, value) {
+    const limit = MAX_LENGTHS[field] ?? MAX_LENGTHS["default"];
+    if (value.length > limit) {
+        return block("SIZE_LIMIT", "medium", `Field "${field}" exceeds max length (${value.length} > ${limit})`);
+    }
+    return PASS;
+}
+// ---------------------------------------------------------------------------
+// Null-byte & CRLF injection
+// ---------------------------------------------------------------------------
+export function checkInjection(value) {
+    if (value.includes("\0")) {
+        return block("NULL_BYTE", "high", "Null byte detected in input");
+    }
+    if (/\r\n|\r/.test(value) && value.includes("HTTP/")) {
+        return block("CRLF_INJECTION", "high", "CRLF injection pattern detected");
+    }
+    return PASS;
+}
+// ---------------------------------------------------------------------------
+// Path traversal
+// ---------------------------------------------------------------------------
+// Normalize and verify path stays within an allowed root
+export function checkPath(inputPath, allowedRoot) {
+    const injection = checkInjection(inputPath);
+    if (injection.blocked)
+        return injection;
+    // Detect traversal patterns before resolution
+    if (/\.\.[/\\]/.test(inputPath) || inputPath.includes("..%2F") || inputPath.includes("..%5C")) {
+        return block("PATH_TRAVERSAL", "critical", "Directory traversal sequence detected");
+    }
+    // Detect absolute paths to sensitive OS locations
+    const normalized = normalize(inputPath).replace(/\\/g, "/");
+    const sensitiveRoots = ["/etc/", "/proc/", "/sys/", "/dev/", "/root/",
+        "C:/Windows/", "C:\\Windows\\"];
+    for (const root of sensitiveRoots) {
+        if (normalized.toLowerCase().startsWith(root.toLowerCase())) {
+            return block("SENSITIVE_PATH", "critical", `Access to sensitive system path blocked`);
+        }
+    }
+    // If an allowed root is provided, verify path stays within it
+    if (allowedRoot) {
+        const resolvedPath = resolve(inputPath);
+        const resolvedRoot = resolve(allowedRoot);
+        if (!resolvedPath.startsWith(resolvedRoot)) {
+            return block("PATH_ESCAPE", "critical", `Path escapes allowed root (${resolvedRoot})`);
+        }
+    }
+    return PASS;
+}
+// ---------------------------------------------------------------------------
+// ReDoS detection (for regex inputs in grep_code)
+// ---------------------------------------------------------------------------
+// Patterns that indicate catastrophic backtracking risk
+const REDOS_PATTERNS = [
+    { re: /\([^)]*[+*][^)]*\)[+*{]/, name: "nested-quantifier" }, // (a+)+
+    { re: /\([^)]*\|[^)]*\)[+*{]/, name: "alternation-quantifier" }, // (a|b)+
+    { re: /[+*]\s*[+*]/, name: "consecutive-quantifiers" }, // .* .*
+    { re: /\{[0-9]{3,},/, name: "large-repetition" }, // {1000,}
+    { re: /(\(\?[^)]*\)){3,}/, name: "excessive-lookahead" }, // (?=...)(?=...)(?=...)
+];
+export function checkReDoS(pattern) {
+    for (const { re, name } of REDOS_PATTERNS) {
+        if (re.test(pattern)) {
+            return block("REDOS", "high", `Regex pattern may cause catastrophic backtracking (rule: ${name})`);
+        }
+    }
+    // Also attempt to measure compile time as a secondary check
+    try {
+        const start = Date.now();
+        new RegExp(pattern);
+        if (Date.now() - start > 100) {
+            return block("REDOS", "medium", "Regex compilation was unexpectedly slow");
+        }
+    }
+    catch (e) {
+        return block("INVALID_REGEX", "low", `Invalid regex pattern: ${e.message}`);
+    }
+    return PASS;
+}
+// ---------------------------------------------------------------------------
+// Command/SQL injection patterns (defensive — prepared stmts are primary guard)
+// ---------------------------------------------------------------------------
+const INJECTION_PATTERNS = [
+    { re: /;\s*(DROP|DELETE|TRUNCATE|ALTER)\s+/i, rule: "SQL_INJECTION", severity: "critical" },
+    { re: /UNION\s+(?:ALL\s+)?SELECT/i, rule: "SQL_UNION", severity: "high" },
+    { re: /'\s*OR\s+'1'\s*=\s*'1/i, rule: "SQL_TAUTOLOGY", severity: "high" },
+    { re: /`[^`]*`|;\s*[a-z]+\s+\/|&&|\|\|/, rule: "CMD_INJECTION", severity: "high" },
+    { re: /\$\([^)]+\)|`[^`]+`/, rule: "SHELL_SUBSTITUTION", severity: "high" },
+];
+export function checkInjectionPatterns(value) {
+    for (const { re, rule, severity } of INJECTION_PATTERNS) {
+        if (re.test(value)) {
+            return block(rule, severity, `Injection pattern detected (rule: ${rule})`);
+        }
+    }
+    return PASS;
+}
+// ---------------------------------------------------------------------------
+// Sensitive data leak detection (for outbound content)
+// ---------------------------------------------------------------------------
+const SENSITIVE_LEAK_PATTERNS = [
+    /sk-[a-zA-Z0-9]{20,}/, // OpenAI API key
+    /AKIA[0-9A-Z]{16}/, // AWS access key
+    /(?:eyJ)[a-zA-Z0-9_-]{10,}\.(?:eyJ)[a-zA-Z0-9_-]{10,}/, // JWT
+    /-----BEGIN (?:RSA |EC )?PRIVATE KEY-----/, // PEM key
+    /(?:password|passwd|secret|token)\s*[=:]\s*['"]?[^\s'"]{8,}/i, // generic
+];
+/** Check if a text blob about to be returned contains secrets. */
+export function checkOutputLeakage(text) {
+    const violations = [];
+    for (const pattern of SENSITIVE_LEAK_PATTERNS) {
+        if (pattern.test(text)) {
+            violations.push({
+                rule: "DATA_LEAKAGE",
+                severity: "critical",
+                detail: "Output may contain sensitive credentials or keys",
+            });
+            break; // one warning is enough
+        }
+    }
+    return violations;
+}
+// ---------------------------------------------------------------------------
+// Composite check for common string fields
+// ---------------------------------------------------------------------------
+export function checkStringField(field, value, opts) {
+    const size = checkSize(field, value);
+    if (size.blocked)
+        return size;
+    const inj = checkInjection(value);
+    if (inj.blocked)
+        return inj;
+    if (opts?.isPath) {
+        const path = checkPath(value, opts.allowedRoot);
+        if (path.blocked)
+            return path;
+    }
+    if (opts?.isRegex) {
+        const redos = checkReDoS(value);
+        if (redos.blocked)
+            return redos;
+    }
+    return PASS;
+}

package/build/store/content.d.ts

@@ -0,0 +1,3 @@
+export declare function compress(source: string): Buffer;
+export declare function decompress(blob: Buffer): string;
+export declare function sha256(source: string): string;

package/build/store/content.js

@@ -0,0 +1,11 @@
+import { deflateSync, inflateSync } from "zlib";
+import { createHash } from "crypto";
+export function compress(source) {
+    return deflateSync(Buffer.from(source, "utf-8"), { level: 9 });
+}
+export function decompress(blob) {
+    return inflateSync(blob).toString("utf-8");
+}
+export function sha256(source) {
+    return createHash("sha256").update(source).digest("hex");
+}

package/build/tools/coding-guard.d.ts

@@ -0,0 +1,24 @@
+import { z } from "zod";
+export declare const CheckCodeQualitySchema: z.ZodEffects<z.ZodObject<{
+    path: z.ZodOptional<z.ZodString>;
+    code: z.ZodOptional<z.ZodString>;
+    language: z.ZodOptional<z.ZodEnum<["python", "javascript", "typescript", "vue", "generic"]>>;
+}, "strip", z.ZodTypeAny, {
+    path?: string | undefined;
+    code?: string | undefined;
+    language?: "python" | "javascript" | "typescript" | "generic" | "vue" | undefined;
+}, {
+    path?: string | undefined;
+    code?: string | undefined;
+    language?: "python" | "javascript" | "typescript" | "generic" | "vue" | undefined;
+}>, {
+    path?: string | undefined;
+    code?: string | undefined;
+    language?: "python" | "javascript" | "typescript" | "generic" | "vue" | undefined;
+}, {
+    path?: string | undefined;
+    code?: string | undefined;
+    language?: "python" | "javascript" | "typescript" | "generic" | "vue" | undefined;
+}>;
+export declare function handleGetCodingRules(): string;
+export declare function handleCheckCodeQuality(args: z.infer<typeof CheckCodeQualitySchema>): string;

package/build/tools/coding-guard.js

@@ -0,0 +1,82 @@
+import { z } from "zod";
+import { readFileSync } from "fs";
+import { extname } from "path";
+import { analyzeCodeQuality, formatQualityReport } from "../guardian/coding-analyzer.js";
+import { CODING_RULES } from "../guardian/coding-rules.js";
+// ---------------------------------------------------------------------------
+// Schemas
+// ---------------------------------------------------------------------------
+export const CheckCodeQualitySchema = z
+    .object({
+    path: z.string().optional().describe("Absolute or relative path to the file to analyze."),
+    code: z.string().optional().describe("Code snippet to analyze inline."),
+    language: z
+        .enum(["python", "javascript", "typescript", "vue", "generic"])
+        .optional()
+        .describe("Language hint. Auto-detected from file extension if path is provided."),
+})
+    .refine((args) => args.path !== undefined || args.code !== undefined, {
+    message: "Provide either path (file to read) or code (inline snippet).",
+});
+// ---------------------------------------------------------------------------
+// Extension → language map for synthetic snippet paths
+// ---------------------------------------------------------------------------
+const LANG_EXT = {
+    python: ".py",
+    javascript: ".js",
+    typescript: ".ts",
+    vue: ".vue",
+    generic: ".txt",
+};
+// Languages where frontend rules activate (by extension)
+const FRONTEND_EXTS = new Set([".tsx", ".jsx", ".vue"]);
+function syntheticPath(lang) {
+    const ext = LANG_EXT[lang] ?? ".txt";
+    return `<snippet>${ext}`;
+}
+function inferLang(filepath) {
+    const ext = extname(filepath).toLowerCase();
+    const map = {
+        ".py": "python",
+        ".js": "javascript",
+        ".jsx": "javascript",
+        ".ts": "typescript",
+        ".tsx": "typescript",
+        ".vue": "vue",
+    };
+    return map[ext];
+}
+// ---------------------------------------------------------------------------
+// Handlers
+// ---------------------------------------------------------------------------
+export function handleGetCodingRules() {
+    return CODING_RULES;
+}
+export function handleCheckCodeQuality(args) {
+    let source;
+    let filepath;
+    let lang;
+    if (args.path !== undefined) {
+        try {
+            source = readFileSync(args.path, "utf-8");
+        }
+        catch (err) {
+            return `❌ Cannot read file "${args.path}": ${err instanceof Error ? err.message : String(err)}`;
+        }
+        filepath = args.path;
+        // Explicit language overrides, otherwise infer from extension
+        lang = args.language ?? inferLang(args.path);
+        // Warn if extension is frontend but language was explicitly set to non-frontend
+        const ext = extname(args.path).toLowerCase();
+        if (FRONTEND_EXTS.has(ext) && lang && !["typescript", "javascript", "vue"].includes(lang)) {
+            lang = inferLang(args.path) ?? lang;
+        }
+    }
+    else {
+        source = args.code;
+        lang = args.language ?? "generic";
+        filepath = syntheticPath(lang);
+    }
+    const issues = analyzeCodeQuality(filepath, source, lang);
+    return formatQualityReport(filepath, issues);
+}

package/build/tools/context.d.ts

@@ -0,0 +1,39 @@
+import { z } from "zod";
+import type { Statements } from "../database.js";
+export declare const GetContextSchema: z.ZodObject<{
+    query: z.ZodString;
+    maxTokens: z.ZodOptional<z.ZodNumber>;
+    dirs: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    recentOnly: z.ZodOptional<z.ZodBoolean>;
+    recentHours: z.ZodOptional<z.ZodNumber>;
+    skeletonOnly: z.ZodOptional<z.ZodBoolean>;
+    topK: z.ZodOptional<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    query: string;
+    maxTokens?: number | undefined;
+    dirs?: string[] | undefined;
+    recentOnly?: boolean | undefined;
+    recentHours?: number | undefined;
+    skeletonOnly?: boolean | undefined;
+    topK?: number | undefined;
+}, {
+    query: string;
+    maxTokens?: number | undefined;
+    dirs?: string[] | undefined;
+    recentOnly?: boolean | undefined;
+    recentHours?: number | undefined;
+    skeletonOnly?: boolean | undefined;
+    topK?: number | undefined;
+}>;
+export declare function handleGetContext(stmts: Statements, args: z.infer<typeof GetContextSchema>): Promise<string>;
+export declare const GetRecentSchema: z.ZodObject<{
+    hours: z.ZodOptional<z.ZodNumber>;
+    withDiffs: z.ZodOptional<z.ZodBoolean>;
+}, "strip", z.ZodTypeAny, {
+    hours?: number | undefined;
+    withDiffs?: boolean | undefined;
+}, {
+    hours?: number | undefined;
+    withDiffs?: boolean | undefined;
+}>;
+export declare function handleGetRecent(stmts: Statements, args: z.infer<typeof GetRecentSchema>): string;

package/build/tools/context.js

@@ -0,0 +1,105 @@
+import { z } from "zod";
+import { assembleContext } from "../retrieval/context.js";
+import { loadConfig } from "../config.js";
+import { decompress } from "../store/content.js";
+import { createExperience } from "../memory/experience.js";
+// ---------------------------------------------------------------------------
+// get_context — smart token-efficient context retrieval
+// ---------------------------------------------------------------------------
+export const GetContextSchema = z.object({
+    query: z.string().min(1).describe("What you are working on or searching for"),
+    maxTokens: z.number().int().min(100).max(32000).optional()
+        .describe("Total token budget (default from lucid.config.json, typically 4000)"),
+    dirs: z.array(z.string()).optional()
+        .describe("Whitelist: only return files from these directories (e.g. [\"src\", \"backend\"])"),
+    recentOnly: z.boolean().optional()
+        .describe("Only return files modified within recentWindowHours"),
+    recentHours: z.number().optional()
+        .describe("Override recentWindowHours for this call"),
+    skeletonOnly: z.boolean().optional()
+        .describe("Always show skeleton (signatures only) even for small files"),
+    topK: z.number().int().min(1).max(50).optional()
+        .describe("Max files to consider (Qdrant: top-k chunks)"),
+});
+export async function handleGetContext(stmts, args) {
+    const cfg = loadConfig();
+    const result = await assembleContext(args.query, stmts, cfg, {
+        maxTokens: args.maxTokens,
+        dirs: args.dirs,
+        recentOnly: args.recentOnly,
+        recentHours: args.recentHours,
+        skeletonOnly: args.skeletonOnly,
+        topK: args.topK,
+    });
+    if (result.files.length === 0) {
+        return [
+            `⚠️  No relevant files found for: "${args.query}"`,
+            `   Strategy: ${result.strategy}`,
+            `   Tip: run init_project() or sync_project() first to index files`,
+        ].join("\n");
+    }
+    // Log experience for RL reward system
+    const contextFps = result.files.map((f) => f.filepath);
+    const expId = createExperience(args.query, contextFps, result.strategy, stmts);
+    const lines = [
+        `// get_context: "${args.query}"`,
+        `// Strategy: ${result.strategy} | ${result.files.length} files | ~${result.totalTokens} tokens`,
+        `// Experience #${expId} logged. Call reward() if this context helped, penalize() if not.`,
+        result.truncated ? `// ⚠️  Truncated (${result.skippedFiles} files skipped — increase maxTokens to see more)` : "",
+        "",
+    ].filter((l) => l !== undefined);
+    for (const f of result.files) {
+        lines.push(`// ─── ${f.filepath} [${f.language}] ~${f.tokens}t (${f.reason}) ───`);
+        lines.push(f.content);
+        lines.push("");
+    }
+    return lines.join("\n");
+}
+// ---------------------------------------------------------------------------
+// get_recent — recently modified files with diffs
+// ---------------------------------------------------------------------------
+export const GetRecentSchema = z.object({
+    hours: z.number().positive().optional()
+        .describe("Look back N hours (default 24)"),
+    withDiffs: z.boolean().optional()
+        .describe("Include line-level diffs (default true)"),
+});
+export function handleGetRecent(stmts, args) {
+    const cfg = loadConfig();
+    const hours = args.hours ?? cfg.recentWindowHours;
+    const withDiffs = args.withDiffs ?? true;
+    const cutoff = Math.floor(Date.now() / 1000) - hours * 3600;
+    const recentFiles = stmts.getRecentFiles.all(cutoff);
+    if (recentFiles.length === 0) {
+        return `No files modified in the last ${hours}h.\nTip: call sync_file(path) after each file change.`;
+    }
+    const recentDiffs = withDiffs
+        ? stmts.getRecentDiffs.all(cutoff)
+        : [];
+    const diffMap = new Map(recentDiffs.map((d) => [d.filepath, d]));
+    const lines = [
+        `// ${recentFiles.length} file(s) modified in the last ${hours}h`,
+        "",
+    ];
+    for (const f of recentFiles) {
+        const age = Math.round((Date.now() / 1000 - f.indexed_at) / 60);
+        const ageStr = age < 60 ? `${age}m ago` : `${Math.round(age / 60)}h ago`;
+        lines.push(`// ─── ${f.filepath} [${f.language}] (${ageStr}) ───`);
+        const diff = diffMap.get(f.filepath);
+        if (diff) {
+            lines.push(diff.diff_text);
+        }
+        else {
+            // New file — show first ~20 lines
+            const row = stmts.getFileByPath.get(f.filepath);
+            if (row) {
+                const src = decompress(row.content).split("\n").slice(0, 20).join("\n");
+                lines.push(src);
+                if (row.original_size > src.length)
+                    lines.push("… [new file, showing first 20 lines]");
+            }
+        }
+        lines.push("");
+    }
+    return lines.join("\n");
+}

package/build/tools/grep.d.ts

@@ -0,0 +1,17 @@
+import { z } from "zod";
+import type { Statements } from "../database.js";
+export declare const GrepCodeSchema: z.ZodObject<{
+    pattern: z.ZodString;
+    language: z.ZodOptional<z.ZodEnum<["python", "javascript", "typescript", "generic"]>>;
+    context: z.ZodDefault<z.ZodNumber>;
+}, "strip", z.ZodTypeAny, {
+    pattern: string;
+    context: number;
+    language?: "python" | "javascript" | "typescript" | "generic" | undefined;
+}, {
+    pattern: string;
+    language?: "python" | "javascript" | "typescript" | "generic" | undefined;
+    context?: number | undefined;
+}>;
+export type GrepCodeInput = z.infer<typeof GrepCodeSchema>;
+export declare function handleGrepCode(stmts: Statements, input: GrepCodeInput): string;

package/build/tools/grep.js

@@ -0,0 +1,65 @@
+import { z } from "zod";
+import { decompress } from "../store/content.js";
+export const GrepCodeSchema = z.object({
+    pattern: z.string().min(1),
+    language: z.enum(["python", "javascript", "typescript", "generic"]).optional(),
+    context: z.number().int().min(0).max(10).default(2),
+});
+export function handleGrepCode(stmts, input) {
+    let regex;
+    try {
+        regex = new RegExp(input.pattern, "i");
+    }
+    catch {
+        return `Invalid regex pattern: ${input.pattern}`;
+    }
+    const files = stmts.getAllFiles.all();
+    const matches = [];
+    for (const file of files) {
+        if (input.language && file.language !== input.language)
+            continue;
+        let source;
+        try {
+            source = decompress(file.content);
+        }
+        catch {
+            continue; // skip fișiere corupte
+        }
+        const lines = source.split("\n");
+        for (let i = 0; i < lines.length; i++) {
+            if (!regex.test(lines[i]))
+                continue;
+            matches.push({
+                filepath: file.filepath,
+                line: i + 1,
+                text: lines[i],
+                contextBefore: lines.slice(Math.max(0, i - input.context), i),
+                contextAfter: lines.slice(i + 1, i + 1 + input.context),
+            });
+            if (matches.length >= 30)
+                break; // cap la 30 match-uri
+        }
+        if (matches.length >= 30)
+            break;
+    }
+    if (matches.length === 0) {
+        return `No matches for /${input.pattern}/ in ${files.length} indexed file(s).`;
+    }
+    const lines = [
+        `Found ${matches.length} match(es) for /${input.pattern}/ across ${files.length} file(s):\n`,
+    ];
+    let lastFile = "";
+    for (const m of matches) {
+        if (m.filepath !== lastFile) {
+            lines.push(`── ${m.filepath}`);
+            lastFile = m.filepath;
+        }
+        for (const l of m.contextBefore)
+            lines.push(`  ${m.line - m.contextBefore.length + m.contextBefore.indexOf(l)}│ ${l}`);
+        lines.push(`▶ ${m.line}│ ${m.text}`);
+        for (const l of m.contextAfter)
+            lines.push(`  ${m.line + 1 + m.contextAfter.indexOf(l)}│ ${l}`);
+        lines.push("");
+    }
+    return lines.join("\n");
+}

package/build/tools/init.d.ts

@@ -0,0 +1,51 @@
+import { z } from "zod";
+import type { Statements } from "../database.js";
+export declare const InitProjectSchema: z.ZodObject<{
+    directory: z.ZodOptional<z.ZodString>;
+    /** Display name of the security admin */
+    adminName: z.ZodOptional<z.ZodString>;
+    /** Email address to send security alerts to */
+    adminEmail: z.ZodOptional<z.ZodString>;
+    /** SMTP server hostname (e.g. smtp.gmail.com) */
+    smtpHost: z.ZodOptional<z.ZodString>;
+    /** SMTP port: 587 (STARTTLS, default) or 465 (direct TLS) */
+    smtpPort: z.ZodOptional<z.ZodNumber>;
+    /** SMTP login username (often same as adminEmail) */
+    smtpUser: z.ZodOptional<z.ZodString>;
+    /** "From" display name + address (e.g. "Lucid Security <alerts@co.com>") */
+    smtpFrom: z.ZodOptional<z.ZodString>;
+    /** Generic HTTP webhook URL (receives JSON POST, HMAC-signed if LUCID_WEBHOOK_SECRET is set) */
+    webhookUrl: z.ZodOptional<z.ZodString>;
+    /** Slack incoming webhook URL */
+    slackWebhookUrl: z.ZodOptional<z.ZodString>;
+    /** Which severities trigger an alert: default ["critical","high"] */
+    alertOn: z.ZodOptional<z.ZodArray<z.ZodEnum<["critical", "high", "medium", "low"]>, "many">>;
+    /** Human-readable project name shown in alerts */
+    projectName: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    directory?: string | undefined;
+    adminName?: string | undefined;
+    adminEmail?: string | undefined;
+    smtpHost?: string | undefined;
+    smtpPort?: number | undefined;
+    smtpUser?: string | undefined;
+    smtpFrom?: string | undefined;
+    webhookUrl?: string | undefined;
+    slackWebhookUrl?: string | undefined;
+    alertOn?: ("low" | "medium" | "high" | "critical")[] | undefined;
+    projectName?: string | undefined;
+}, {
+    directory?: string | undefined;
+    adminName?: string | undefined;
+    adminEmail?: string | undefined;
+    smtpHost?: string | undefined;
+    smtpPort?: number | undefined;
+    smtpUser?: string | undefined;
+    smtpFrom?: string | undefined;
+    webhookUrl?: string | undefined;
+    slackWebhookUrl?: string | undefined;
+    alertOn?: ("low" | "medium" | "high" | "critical")[] | undefined;
+    projectName?: string | undefined;
+}>;
+export type InitProjectInput = z.infer<typeof InitProjectSchema>;
+export declare function handleInitProject(stmts: Statements, input: InitProjectInput): Promise<string>;