@aigrc/core 0.1.0

package/dist/index.mjs

@@ -0,0 +1,2264 @@
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __esm = (fn, res) => function __init() {
+  return fn && (res = (0, fn[__getOwnPropNames(fn)[0]])(fn = 0)), res;
+};
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/detection/patterns/registry.ts
+var registry_exports = {};
+__export(registry_exports, {
+  clearRegistry: () => clearRegistry,
+  createImplication: () => createImplication,
+  getAllPatterns: () => getAllPatterns,
+  getPattern: () => getPattern,
+  getPatternsByCategory: () => getPatternsByCategory,
+  getPatternsByLanguage: () => getPatternsByLanguage,
+  isRegistryInitialized: () => isRegistryInitialized,
+  registerPattern: () => registerPattern
+});
+function registerPattern(pattern) {
+  if (registry.has(pattern.id)) {
+    throw new Error(`Pattern with ID "${pattern.id}" already registered`);
+  }
+  registry.set(pattern.id, pattern);
+}
+function getPattern(id) {
+  return registry.get(id);
+}
+function getAllPatterns() {
+  return Array.from(registry.values());
+}
+function getPatternsByCategory(category) {
+  return getAllPatterns().filter((p) => p.category === category);
+}
+function getPatternsByLanguage(language) {
+  return getAllPatterns().filter((p) => p.language === language || p.language === "any");
+}
+function clearRegistry() {
+  registry.clear();
+}
+function isRegistryInitialized() {
+  return registry.size > 0;
+}
+function createImplication(factor, value, reason) {
+  return { factor, value, reason };
+}
+var registry;
+var init_registry = __esm({
+  "src/detection/patterns/registry.ts"() {
+    "use strict";
+    registry = /* @__PURE__ */ new Map();
+  }
+});
+
+// src/detection/patterns/python.ts
+var python_exports = {};
+__export(python_exports, {
+  pythonPatterns: () => pythonPatterns,
+  registerPythonPatterns: () => registerPythonPatterns
+});
+function registerPythonPatterns() {
+  pythonPatterns.forEach(registerPattern);
+}
+var pythonPatterns;
+var init_python = __esm({
+  "src/detection/patterns/python.ts"() {
+    "use strict";
+    init_registry();
+    pythonPatterns = [
+      // ─────────────────────────────────────────────────────────────────
+      // ML FRAMEWORKS
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "pytorch",
+        name: "PyTorch",
+        category: "ml_framework",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "import torch", confidence: "high" },
+          { type: "import", pattern: "from torch", confidence: "high" },
+          { type: "regex", pattern: "torch\\.nn\\.", confidence: "medium" },
+          { type: "regex", pattern: "torch\\.tensor", confidence: "medium" },
+          { type: "regex", pattern: "torch\\.cuda", confidence: "medium" }
+        ],
+        implies: []
+      },
+      {
+        id: "tensorflow",
+        name: "TensorFlow",
+        category: "ml_framework",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "import tensorflow", confidence: "high" },
+          { type: "import", pattern: "from tensorflow", confidence: "high" },
+          { type: "regex", pattern: "tf\\.keras", confidence: "medium" },
+          { type: "regex", pattern: "tf\\.data", confidence: "medium" }
+        ],
+        implies: []
+      },
+      {
+        id: "keras",
+        name: "Keras",
+        category: "ml_framework",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "import keras", confidence: "high" },
+          { type: "import", pattern: "from keras", confidence: "high" },
+          { type: "regex", pattern: "Sequential\\(", confidence: "medium" }
+        ],
+        implies: []
+      },
+      {
+        id: "scikit-learn",
+        name: "Scikit-learn",
+        category: "ml_framework",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "import sklearn", confidence: "high" },
+          { type: "import", pattern: "from sklearn", confidence: "high" },
+          { type: "regex", pattern: "\\.fit\\(", confidence: "low" },
+          { type: "regex", pattern: "\\.predict\\(", confidence: "low" }
+        ],
+        implies: []
+      },
+      // ─────────────────────────────────────────────────────────────────
+      // LLM PROVIDERS
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "openai-python",
+        name: "OpenAI Python SDK",
+        category: "llm_provider",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "from openai", confidence: "high" },
+          { type: "import", pattern: "import openai", confidence: "high" },
+          { type: "regex", pattern: "OpenAI\\s*\\(", confidence: "high" },
+          { type: "regex", pattern: "client\\.chat\\.completions", confidence: "medium" },
+          { type: "regex", pattern: "ChatCompletion\\.create", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "OpenAI SDK calls external API")
+        ]
+      },
+      {
+        id: "anthropic-python",
+        name: "Anthropic Python SDK",
+        category: "llm_provider",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "from anthropic", confidence: "high" },
+          { type: "import", pattern: "import anthropic", confidence: "high" },
+          { type: "regex", pattern: "Anthropic\\s*\\(", confidence: "high" },
+          { type: "regex", pattern: "client\\.messages\\.create", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "Anthropic SDK calls external API")
+        ]
+      },
+      {
+        id: "cohere-python",
+        name: "Cohere Python SDK",
+        category: "llm_provider",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "import cohere", confidence: "high" },
+          { type: "import", pattern: "from cohere", confidence: "high" },
+          { type: "regex", pattern: "cohere\\.Client", confidence: "high" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "Cohere SDK calls external API")
+        ]
+      },
+      {
+        id: "google-genai",
+        name: "Google Generative AI",
+        category: "llm_provider",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "import google.generativeai", confidence: "high" },
+          { type: "import", pattern: "from google.generativeai", confidence: "high" },
+          { type: "regex", pattern: "genai\\.GenerativeModel", confidence: "high" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "Google GenAI SDK calls external API")
+        ]
+      },
+      // ─────────────────────────────────────────────────────────────────
+      // FRAMEWORKS
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "huggingface-transformers",
+        name: "Hugging Face Transformers",
+        category: "framework",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "from transformers", confidence: "high" },
+          { type: "import", pattern: "import transformers", confidence: "high" },
+          { type: "regex", pattern: "AutoModel\\.from_pretrained", confidence: "high" },
+          { type: "regex", pattern: "AutoTokenizer", confidence: "medium" },
+          { type: "regex", pattern: "pipeline\\s*\\(", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "Hugging Face typically loads models from Hub")
+        ]
+      },
+      {
+        id: "langchain-python",
+        name: "LangChain",
+        category: "framework",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "from langchain", confidence: "high" },
+          { type: "import", pattern: "import langchain", confidence: "high" },
+          { type: "import", pattern: "from langchain_core", confidence: "high" },
+          { type: "import", pattern: "from langchain_openai", confidence: "high" },
+          { type: "import", pattern: "from langchain_anthropic", confidence: "high" },
+          { type: "import", pattern: "from langchain_community", confidence: "high" },
+          { type: "regex", pattern: "LLMChain", confidence: "high" },
+          { type: "regex", pattern: "ChatPromptTemplate", confidence: "medium" },
+          { type: "regex", pattern: "\\.invoke\\s*\\(", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("toolExecution", true, "LangChain supports tool/function calling"),
+          createImplication("externalDataAccess", true, "LangChain chains often access external data")
+        ]
+      },
+      {
+        id: "llamaindex",
+        name: "LlamaIndex",
+        category: "framework",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "from llama_index", confidence: "high" },
+          { type: "import", pattern: "import llama_index", confidence: "high" },
+          { type: "regex", pattern: "VectorStoreIndex", confidence: "medium" },
+          { type: "regex", pattern: "ServiceContext", confidence: "medium" },
+          { type: "regex", pattern: "SimpleDirectoryReader", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "LlamaIndex typically ingests external data")
+        ]
+      },
+      // ─────────────────────────────────────────────────────────────────
+      // AGENT FRAMEWORKS
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "crewai",
+        name: "CrewAI",
+        category: "agent_framework",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "from crewai", confidence: "high" },
+          { type: "import", pattern: "import crewai", confidence: "high" },
+          { type: "decorator", pattern: "@agent", confidence: "high" },
+          { type: "decorator", pattern: "@task", confidence: "high" },
+          { type: "decorator", pattern: "@crew", confidence: "high" },
+          { type: "regex", pattern: "Crew\\s*\\(", confidence: "high" },
+          { type: "regex", pattern: "Agent\\s*\\(", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("autonomousDecisions", true, "CrewAI enables autonomous agent orchestration"),
+          createImplication("toolExecution", true, "CrewAI agents execute tools autonomously")
+        ]
+      },
+      {
+        id: "autogen",
+        name: "AutoGen",
+        category: "agent_framework",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "from autogen", confidence: "high" },
+          { type: "import", pattern: "import autogen", confidence: "high" },
+          { type: "regex", pattern: "AssistantAgent", confidence: "high" },
+          { type: "regex", pattern: "UserProxyAgent", confidence: "high" },
+          { type: "regex", pattern: "GroupChat", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("autonomousDecisions", true, "AutoGen enables multi-agent autonomous systems"),
+          createImplication("toolExecution", true, "AutoGen agents can execute code and tools")
+        ]
+      },
+      {
+        id: "langgraph",
+        name: "LangGraph",
+        category: "agent_framework",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "from langgraph", confidence: "high" },
+          { type: "import", pattern: "import langgraph", confidence: "high" },
+          { type: "regex", pattern: "StateGraph", confidence: "high" },
+          { type: "regex", pattern: "add_node", confidence: "medium" },
+          { type: "regex", pattern: "add_edge", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("autonomousDecisions", true, "LangGraph enables stateful agent workflows"),
+          createImplication("toolExecution", true, "LangGraph agents execute tools in graph nodes")
+        ]
+      },
+      {
+        id: "agency-swarm",
+        name: "Agency Swarm",
+        category: "agent_framework",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "from agency_swarm", confidence: "high" },
+          { type: "regex", pattern: "Agency\\s*\\(", confidence: "high" }
+        ],
+        implies: [
+          createImplication("autonomousDecisions", true, "Agency Swarm enables multi-agent systems"),
+          createImplication("toolExecution", true, "Agency Swarm agents execute tools")
+        ]
+      },
+      // ─────────────────────────────────────────────────────────────────
+      // ML OPS
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "mlflow",
+        name: "MLflow",
+        category: "ml_ops",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "import mlflow", confidence: "high" },
+          { type: "import", pattern: "from mlflow", confidence: "high" },
+          { type: "regex", pattern: "mlflow\\.log_", confidence: "medium" },
+          { type: "regex", pattern: "mlflow\\.start_run", confidence: "medium" }
+        ],
+        implies: []
+      },
+      {
+        id: "wandb",
+        name: "Weights & Biases",
+        category: "ml_ops",
+        language: "python",
+        patterns: [
+          { type: "import", pattern: "import wandb", confidence: "high" },
+          { type: "import", pattern: "from wandb", confidence: "high" },
+          { type: "regex", pattern: "wandb\\.init", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "W&B syncs to external service")
+        ]
+      }
+    ];
+  }
+});
+
+// src/detection/patterns/javascript.ts
+var javascript_exports = {};
+__export(javascript_exports, {
+  javascriptPatterns: () => javascriptPatterns,
+  registerJavaScriptPatterns: () => registerJavaScriptPatterns
+});
+function registerJavaScriptPatterns() {
+  javascriptPatterns.forEach(registerPattern);
+}
+var javascriptPatterns;
+var init_javascript = __esm({
+  "src/detection/patterns/javascript.ts"() {
+    "use strict";
+    init_registry();
+    javascriptPatterns = [
+      // ─────────────────────────────────────────────────────────────────
+      // LLM PROVIDERS
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "openai-js",
+        name: "OpenAI JavaScript SDK",
+        category: "llm_provider",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "openai"', confidence: "high" },
+          { type: "import", pattern: "from 'openai'", confidence: "high" },
+          { type: "regex", pattern: "new OpenAI\\s*\\(", confidence: "high" },
+          { type: "regex", pattern: "openai\\.chat\\.completions", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "OpenAI SDK calls external API")
+        ]
+      },
+      {
+        id: "anthropic-js",
+        name: "Anthropic JavaScript SDK",
+        category: "llm_provider",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "@anthropic-ai/sdk"', confidence: "high" },
+          { type: "import", pattern: "from '@anthropic-ai/sdk'", confidence: "high" },
+          { type: "regex", pattern: "new Anthropic\\s*\\(", confidence: "high" },
+          { type: "regex", pattern: "\\.messages\\.create", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "Anthropic SDK calls external API")
+        ]
+      },
+      {
+        id: "cohere-js",
+        name: "Cohere JavaScript SDK",
+        category: "llm_provider",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "cohere-ai"', confidence: "high" },
+          { type: "import", pattern: "from 'cohere-ai'", confidence: "high" },
+          { type: "regex", pattern: "new CohereClient", confidence: "high" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "Cohere SDK calls external API")
+        ]
+      },
+      {
+        id: "replicate-js",
+        name: "Replicate",
+        category: "llm_provider",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "replicate"', confidence: "high" },
+          { type: "import", pattern: "from 'replicate'", confidence: "high" },
+          { type: "regex", pattern: "new Replicate\\s*\\(", confidence: "high" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "Replicate SDK calls external API")
+        ]
+      },
+      {
+        id: "huggingface-js",
+        name: "Hugging Face Inference",
+        category: "llm_provider",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "@huggingface/inference"', confidence: "high" },
+          { type: "import", pattern: "from '@huggingface/inference'", confidence: "high" },
+          { type: "regex", pattern: "HfInference\\s*\\(", confidence: "high" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "Hugging Face SDK calls external API")
+        ]
+      },
+      {
+        id: "together-js",
+        name: "Together AI",
+        category: "llm_provider",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "together-ai"', confidence: "high" },
+          { type: "import", pattern: "from 'together-ai'", confidence: "high" },
+          { type: "regex", pattern: "new Together\\s*\\(", confidence: "high" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "Together AI SDK calls external API")
+        ]
+      },
+      {
+        id: "groq-js",
+        name: "Groq SDK",
+        category: "llm_provider",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "groq-sdk"', confidence: "high" },
+          { type: "import", pattern: "from 'groq-sdk'", confidence: "high" },
+          { type: "regex", pattern: "new Groq\\s*\\(", confidence: "high" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "Groq SDK calls external API")
+        ]
+      },
+      // ─────────────────────────────────────────────────────────────────
+      // FRAMEWORKS
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "langchain-js",
+        name: "LangChain.js",
+        category: "framework",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "langchain"', confidence: "high" },
+          { type: "import", pattern: "from 'langchain'", confidence: "high" },
+          { type: "import", pattern: 'from "@langchain/core"', confidence: "high" },
+          { type: "import", pattern: 'from "@langchain/openai"', confidence: "high" },
+          { type: "import", pattern: 'from "@langchain/anthropic"', confidence: "high" },
+          { type: "import", pattern: 'from "@langchain/community"', confidence: "high" },
+          { type: "regex", pattern: "new ChatOpenAI", confidence: "medium" },
+          { type: "regex", pattern: "ChatPromptTemplate", confidence: "medium" },
+          { type: "regex", pattern: "\\.invoke\\s*\\(", confidence: "low" }
+        ],
+        implies: [
+          createImplication("toolExecution", true, "LangChain.js supports tool calling"),
+          createImplication("externalDataAccess", true, "LangChain.js chains access external data")
+        ]
+      },
+      {
+        id: "vercel-ai-sdk",
+        name: "Vercel AI SDK",
+        category: "framework",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "ai"', confidence: "medium" },
+          { type: "import", pattern: "from 'ai'", confidence: "medium" },
+          { type: "import", pattern: 'from "ai/react"', confidence: "high" },
+          { type: "import", pattern: 'from "@ai-sdk/openai"', confidence: "high" },
+          { type: "import", pattern: 'from "@ai-sdk/anthropic"', confidence: "high" },
+          { type: "regex", pattern: "generateText\\s*\\(", confidence: "high" },
+          { type: "regex", pattern: "streamText\\s*\\(", confidence: "high" },
+          { type: "regex", pattern: "useChat\\s*\\(", confidence: "high" },
+          { type: "regex", pattern: "useCompletion\\s*\\(", confidence: "high" }
+        ],
+        implies: [
+          createImplication("customerFacing", true, "Vercel AI SDK typically used in user-facing apps"),
+          createImplication("externalDataAccess", true, "Vercel AI SDK calls LLM providers")
+        ]
+      },
+      {
+        id: "llamaindex-js",
+        name: "LlamaIndex.TS",
+        category: "framework",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "llamaindex"', confidence: "high" },
+          { type: "import", pattern: "from 'llamaindex'", confidence: "high" },
+          { type: "regex", pattern: "VectorStoreIndex", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "LlamaIndex typically ingests external data")
+        ]
+      },
+      // ─────────────────────────────────────────────────────────────────
+      // ML FRAMEWORKS
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "tensorflow-js",
+        name: "TensorFlow.js",
+        category: "ml_framework",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "@tensorflow/tfjs"', confidence: "high" },
+          { type: "import", pattern: "from '@tensorflow/tfjs'", confidence: "high" },
+          { type: "import", pattern: 'from "@tensorflow/tfjs-node"', confidence: "high" },
+          { type: "regex", pattern: "tf\\.loadLayersModel", confidence: "medium" },
+          { type: "regex", pattern: "tf\\.sequential", confidence: "medium" }
+        ],
+        implies: []
+      },
+      {
+        id: "onnxruntime-js",
+        name: "ONNX Runtime Web",
+        category: "ml_framework",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "onnxruntime-web"', confidence: "high" },
+          { type: "import", pattern: 'from "onnxruntime-node"', confidence: "high" },
+          { type: "regex", pattern: "InferenceSession\\.create", confidence: "high" }
+        ],
+        implies: []
+      },
+      {
+        id: "transformers-js",
+        name: "Transformers.js",
+        category: "ml_framework",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "@xenova/transformers"', confidence: "high" },
+          { type: "import", pattern: 'from "@huggingface/transformers"', confidence: "high" },
+          { type: "regex", pattern: "pipeline\\s*\\(", confidence: "medium" }
+        ],
+        implies: []
+      },
+      // ─────────────────────────────────────────────────────────────────
+      // AGENT FRAMEWORKS
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "langgraph-js",
+        name: "LangGraph.js",
+        category: "agent_framework",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "@langchain/langgraph"', confidence: "high" },
+          { type: "regex", pattern: "StateGraph", confidence: "high" },
+          { type: "regex", pattern: "addNode", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("autonomousDecisions", true, "LangGraph enables stateful agent workflows"),
+          createImplication("toolExecution", true, "LangGraph agents execute tools")
+        ]
+      },
+      {
+        id: "autogen-js",
+        name: "AutoGen.js",
+        category: "agent_framework",
+        language: "javascript",
+        patterns: [
+          { type: "import", pattern: 'from "autogen"', confidence: "high" },
+          { type: "regex", pattern: "AssistantAgent", confidence: "high" }
+        ],
+        implies: [
+          createImplication("autonomousDecisions", true, "AutoGen enables multi-agent systems"),
+          createImplication("toolExecution", true, "AutoGen agents execute tools")
+        ]
+      }
+    ];
+  }
+});
+
+// src/detection/patterns/model-files.ts
+var model_files_exports = {};
+__export(model_files_exports, {
+  modelFilePatterns: () => modelFilePatterns,
+  registerModelFilePatterns: () => registerModelFilePatterns
+});
+function registerModelFilePatterns() {
+  modelFilePatterns.forEach(registerPattern);
+}
+var modelFilePatterns;
+var init_model_files = __esm({
+  "src/detection/patterns/model-files.ts"() {
+    "use strict";
+    init_registry();
+    modelFilePatterns = [
+      {
+        id: "pytorch-model",
+        name: "PyTorch Model File",
+        category: "model_file",
+        language: "any",
+        patterns: [
+          { type: "literal", pattern: ".pt", confidence: "high" },
+          { type: "literal", pattern: ".pth", confidence: "high" },
+          { type: "literal", pattern: ".bin", confidence: "medium", description: "May be transformer weights" }
+        ],
+        implies: []
+      },
+      {
+        id: "safetensors-model",
+        name: "SafeTensors Model File",
+        category: "model_file",
+        language: "any",
+        patterns: [
+          { type: "literal", pattern: ".safetensors", confidence: "high" }
+        ],
+        implies: []
+      },
+      {
+        id: "onnx-model",
+        name: "ONNX Model File",
+        category: "model_file",
+        language: "any",
+        patterns: [
+          { type: "literal", pattern: ".onnx", confidence: "high" }
+        ],
+        implies: []
+      },
+      {
+        id: "keras-model",
+        name: "Keras/TensorFlow Model File",
+        category: "model_file",
+        language: "any",
+        patterns: [
+          { type: "literal", pattern: ".h5", confidence: "high" },
+          { type: "literal", pattern: ".keras", confidence: "high" },
+          { type: "literal", pattern: ".pb", confidence: "medium", description: "TensorFlow frozen graph" }
+        ],
+        implies: []
+      },
+      {
+        id: "sklearn-model",
+        name: "Scikit-learn Model File",
+        category: "model_file",
+        language: "any",
+        patterns: [
+          { type: "literal", pattern: ".pkl", confidence: "low", description: "Could be any pickle file" },
+          { type: "literal", pattern: ".joblib", confidence: "high" }
+        ],
+        implies: []
+      },
+      {
+        id: "model-config",
+        name: "Model Configuration File",
+        category: "model_file",
+        language: "any",
+        patterns: [
+          { type: "regex", pattern: "config\\.json$", confidence: "low", description: "May be model config" },
+          { type: "regex", pattern: "model\\.json$", confidence: "medium" },
+          { type: "regex", pattern: "adapter_config\\.json$", confidence: "high", description: "LoRA adapter" },
+          { type: "regex", pattern: "tokenizer\\.json$", confidence: "high" },
+          { type: "regex", pattern: "tokenizer_config\\.json$", confidence: "high" },
+          { type: "regex", pattern: "generation_config\\.json$", confidence: "high" }
+        ],
+        implies: []
+      },
+      {
+        id: "gguf-model",
+        name: "GGUF Model File",
+        category: "model_file",
+        language: "any",
+        patterns: [
+          { type: "literal", pattern: ".gguf", confidence: "high", description: "llama.cpp format" },
+          { type: "literal", pattern: ".ggml", confidence: "high", description: "Legacy GGML format" }
+        ],
+        implies: []
+      },
+      {
+        id: "mlx-model",
+        name: "MLX Model File",
+        category: "model_file",
+        language: "any",
+        patterns: [
+          { type: "literal", pattern: ".npz", confidence: "low", description: "May be MLX weights" }
+        ],
+        implies: []
+      }
+    ];
+  }
+});
+
+// src/detection/patterns/risk-indicators.ts
+var risk_indicators_exports = {};
+__export(risk_indicators_exports, {
+  registerRiskIndicatorPatterns: () => registerRiskIndicatorPatterns,
+  riskIndicatorPatterns: () => riskIndicatorPatterns
+});
+function registerRiskIndicatorPatterns() {
+  riskIndicatorPatterns.forEach(registerPattern);
+}
+var riskIndicatorPatterns;
+var init_risk_indicators = __esm({
+  "src/detection/patterns/risk-indicators.ts"() {
+    "use strict";
+    init_registry();
+    riskIndicatorPatterns = [
+      // ─────────────────────────────────────────────────────────────────
+      // AUTONOMOUS EXECUTION
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "autonomous-execution",
+        name: "Autonomous Execution Patterns",
+        category: "framework",
+        language: "any",
+        patterns: [
+          { type: "regex", pattern: "\\.invoke\\s*\\(", confidence: "medium", description: "Agent invocation" },
+          { type: "regex", pattern: "\\.run\\s*\\(", confidence: "low", description: "Run method (generic)" },
+          { type: "regex", pattern: "while\\s+True", confidence: "medium", description: "Potential agent loop (Python)" },
+          { type: "regex", pattern: "while\\s*\\(\\s*true\\s*\\)", confidence: "medium", description: "Potential agent loop (JS)" },
+          { type: "regex", pattern: "agent\\.execute", confidence: "high", description: "Agent execution" },
+          { type: "regex", pattern: "AgentExecutor", confidence: "high", description: "LangChain agent executor" }
+        ],
+        implies: [
+          createImplication("autonomousDecisions", true, "Pattern indicates autonomous execution capability")
+        ]
+      },
+      // ─────────────────────────────────────────────────────────────────
+      // TOOL EXECUTION
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "tool-execution",
+        name: "Tool Execution Patterns",
+        category: "framework",
+        language: "any",
+        patterns: [
+          { type: "decorator", pattern: "@tool", confidence: "high", description: "Tool decorator" },
+          { type: "regex", pattern: "function_calling", confidence: "high" },
+          { type: "regex", pattern: "tools\\s*[=:]\\s*\\[", confidence: "medium" },
+          { type: "regex", pattern: "bind_tools", confidence: "high" },
+          { type: "regex", pattern: "create_tool", confidence: "high" },
+          { type: "regex", pattern: "StructuredTool", confidence: "high" },
+          { type: "regex", pattern: "BaseTool", confidence: "high" },
+          { type: "regex", pattern: "mcp_server", confidence: "high", description: "MCP tool server" },
+          { type: "regex", pattern: "McpServer", confidence: "high", description: "MCP server" }
+        ],
+        implies: [
+          createImplication("toolExecution", true, "Pattern indicates tool execution capability")
+        ]
+      },
+      // ─────────────────────────────────────────────────────────────────
+      // EXTERNAL DATA ACCESS
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "external-data-access",
+        name: "External Data Access Patterns",
+        category: "framework",
+        language: "any",
+        patterns: [
+          { type: "regex", pattern: "requests\\.(get|post|put|delete|patch)", confidence: "medium" },
+          { type: "regex", pattern: "fetch\\s*\\(", confidence: "medium" },
+          { type: "regex", pattern: "axios\\.", confidence: "medium" },
+          { type: "regex", pattern: "httpx\\.", confidence: "medium" },
+          { type: "regex", pattern: "aiohttp\\.", confidence: "medium" },
+          { type: "regex", pattern: "WebBrowser", confidence: "high", description: "Web browsing capability" },
+          { type: "regex", pattern: "Retriever", confidence: "medium", description: "RAG retrieval" },
+          { type: "regex", pattern: "VectorStore", confidence: "medium", description: "Vector database access" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "Pattern indicates external data access")
+        ]
+      },
+      // ─────────────────────────────────────────────────────────────────
+      // DATABASE ACCESS
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "database-access",
+        name: "Database Access Patterns",
+        category: "framework",
+        language: "any",
+        patterns: [
+          { type: "regex", pattern: "SQLDatabase", confidence: "high" },
+          { type: "regex", pattern: "create_sql_agent", confidence: "high" },
+          { type: "regex", pattern: "sql_agent", confidence: "high" },
+          { type: "regex", pattern: "MongoClient", confidence: "medium" },
+          { type: "regex", pattern: "psycopg", confidence: "medium" },
+          { type: "regex", pattern: "pymongo", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("externalDataAccess", true, "Pattern indicates database access")
+        ]
+      },
+      // ─────────────────────────────────────────────────────────────────
+      // PII PROCESSING
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "pii-processing",
+        name: "PII Processing Patterns",
+        category: "framework",
+        language: "any",
+        patterns: [
+          { type: "regex", pattern: "email|e-mail|e_mail", confidence: "low" },
+          { type: "regex", pattern: "phone_number|phone|telephone|mobile", confidence: "low" },
+          { type: "regex", pattern: "ssn|social_security|social-security", confidence: "high" },
+          { type: "regex", pattern: "password|passwd|pwd", confidence: "medium" },
+          { type: "regex", pattern: "credit_card|creditcard|cc_number", confidence: "high" },
+          { type: "regex", pattern: "date_of_birth|dob|birthdate", confidence: "medium" },
+          { type: "regex", pattern: "address|street|city|zipcode|zip_code", confidence: "low" },
+          { type: "regex", pattern: "passport|driver_license|drivers_license", confidence: "high" }
+        ],
+        implies: [
+          createImplication("piiProcessing", "yes", "Pattern suggests PII handling")
+        ]
+      },
+      // ─────────────────────────────────────────────────────────────────
+      // HIGH-STAKES DECISIONS
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "high-stakes-medical",
+        name: "Medical/Healthcare Patterns",
+        category: "framework",
+        language: "any",
+        patterns: [
+          { type: "regex", pattern: "medical|diagnosis|patient|treatment", confidence: "high" },
+          { type: "regex", pattern: "healthcare|health_care|clinical", confidence: "high" },
+          { type: "regex", pattern: "prescription|medication|drug", confidence: "medium" },
+          { type: "regex", pattern: "symptom|disease|condition", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("highStakesDecisions", true, "Pattern indicates medical/healthcare domain")
+        ]
+      },
+      {
+        id: "high-stakes-legal",
+        name: "Legal Patterns",
+        category: "framework",
+        language: "any",
+        patterns: [
+          { type: "regex", pattern: "legal|lawsuit|attorney|lawyer", confidence: "high" },
+          { type: "regex", pattern: "contract|agreement|terms", confidence: "low" },
+          { type: "regex", pattern: "court|judge|verdict|sentence", confidence: "high" },
+          { type: "regex", pattern: "compliance|regulation|regulatory", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("highStakesDecisions", true, "Pattern indicates legal domain")
+        ]
+      },
+      {
+        id: "high-stakes-financial",
+        name: "Financial Patterns",
+        category: "framework",
+        language: "any",
+        patterns: [
+          { type: "regex", pattern: "financial|trading|investment|loan", confidence: "high" },
+          { type: "regex", pattern: "credit_score|creditworthiness|credit_rating", confidence: "high" },
+          { type: "regex", pattern: "mortgage|banking|transaction", confidence: "medium" },
+          { type: "regex", pattern: "portfolio|stock|bond|asset", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("highStakesDecisions", true, "Pattern indicates financial domain")
+        ]
+      },
+      {
+        id: "high-stakes-hiring",
+        name: "Hiring/Employment Patterns",
+        category: "framework",
+        language: "any",
+        patterns: [
+          { type: "regex", pattern: "hiring|recruitment|candidate|applicant", confidence: "high" },
+          { type: "regex", pattern: "resume|cv|curriculum_vitae", confidence: "high" },
+          { type: "regex", pattern: "interview|screening|background_check", confidence: "high" },
+          { type: "regex", pattern: "employee|termination|performance_review", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("highStakesDecisions", true, "Pattern indicates hiring/employment domain")
+        ]
+      },
+      // ─────────────────────────────────────────────────────────────────
+      // CUSTOMER FACING
+      // ─────────────────────────────────────────────────────────────────
+      {
+        id: "customer-facing",
+        name: "Customer-Facing Patterns",
+        category: "framework",
+        language: "any",
+        patterns: [
+          { type: "regex", pattern: "chatbot|chat_bot|conversational", confidence: "high" },
+          { type: "regex", pattern: "customer_service|customer_support", confidence: "high" },
+          { type: "regex", pattern: "useChat|useCompletion", confidence: "high", description: "Vercel AI hooks" },
+          { type: "regex", pattern: "StreamingTextResponse", confidence: "high" },
+          { type: "regex", pattern: "user_input|user_message|user_query", confidence: "medium" }
+        ],
+        implies: [
+          createImplication("customerFacing", true, "Pattern indicates customer-facing application")
+        ]
+      }
+    ];
+  }
+});
+
+// src/schemas/index.ts
+import { z } from "zod";
+var OwnerSchema = z.object({
+  name: z.string().min(1),
+  email: z.string().email(),
+  team: z.string().optional()
+});
+var TechnicalSchema = z.object({
+  type: z.enum(["model", "agent", "api_client", "framework", "pipeline"]),
+  framework: z.string().optional(),
+  frameworkVersion: z.string().optional(),
+  components: z.array(
+    z.object({
+      type: z.string(),
+      provider: z.string().optional(),
+      model: z.string().optional()
+    })
+  ).optional(),
+  sourceFiles: z.array(z.string()).optional()
+});
+var RiskFactorsSchema = z.object({
+  autonomousDecisions: z.boolean().default(false),
+  customerFacing: z.boolean().default(false),
+  toolExecution: z.boolean().default(false),
+  externalDataAccess: z.boolean().default(false),
+  piiProcessing: z.enum(["yes", "no", "unknown"]).default("unknown"),
+  highStakesDecisions: z.boolean().default(false)
+});
+var ControlStatusSchema = z.object({
+  controlId: z.string(),
+  status: z.enum(["implemented", "partial", "not_implemented", "not_applicable"]),
+  evidence: z.string().optional(),
+  notes: z.string().optional(),
+  lastUpdated: z.string().datetime().optional()
+});
+var JurisdictionClassificationSchema = z.object({
+  /** Profile/jurisdiction ID (e.g., "eu-ai-act", "us-omb-m24") */
+  jurisdictionId: z.string(),
+  /** Risk level mapped to this jurisdiction's terminology */
+  riskLevel: z.string(),
+  /** Jurisdiction-specific category (e.g., EU AI Act category) */
+  category: z.string().optional(),
+  /** Status of controls for this jurisdiction */
+  controlStatuses: z.array(ControlStatusSchema).optional(),
+  /** Required artifacts for this jurisdiction */
+  requiredArtifacts: z.array(
+    z.object({
+      artifactId: z.string(),
+      status: z.enum(["pending", "complete", "not_applicable"]),
+      path: z.string().optional()
+    })
+  ).optional(),
+  /** Last compliance check date */
+  lastChecked: z.string().datetime().optional(),
+  /** Compliance percentage for this jurisdiction */
+  compliancePercentage: z.number().min(0).max(100).optional()
+});
+var TrustworthinessCharacteristicSchema = z.object({
+  score: z.number().min(0).max(100).optional(),
+  notes: z.string().optional(),
+  lastAssessed: z.string().datetime().optional(),
+  assessedBy: z.string().optional()
+});
+var TrustworthinessSchema = z.object({
+  /** Valid and reliable: produces accurate, consistent results */
+  valid: TrustworthinessCharacteristicSchema.optional(),
+  reliable: TrustworthinessCharacteristicSchema.optional(),
+  /** Safe: minimizes harm and risk */
+  safe: TrustworthinessCharacteristicSchema.optional(),
+  /** Secure: protected against threats */
+  secure: TrustworthinessCharacteristicSchema.optional(),
+  /** Accountable: clear responsibility and oversight */
+  accountable: TrustworthinessCharacteristicSchema.optional(),
+  /** Transparent: understandable and open about limitations */
+  transparent: TrustworthinessCharacteristicSchema.optional(),
+  /** Explainable: decisions can be understood */
+  explainable: TrustworthinessCharacteristicSchema.optional(),
+  /** Privacy-enhanced: protects personal information */
+  privacyEnhanced: TrustworthinessCharacteristicSchema.optional(),
+  /** Fair: avoids bias and discrimination */
+  fair: TrustworthinessCharacteristicSchema.optional()
+});
+var ClassificationSchema = z.object({
+  /** Primary AIGRC risk level */
+  riskLevel: z.enum(["minimal", "limited", "high", "unacceptable"]),
+  /** Risk factors that influenced the classification */
+  riskFactors: RiskFactorsSchema,
+  /** EU AI Act specific classification (legacy, prefer jurisdictions) */
+  euAiAct: z.object({
+    category: z.string(),
+    transparencyRequired: z.boolean().default(false)
+  }).optional(),
+  /** Required artifacts based on classification */
+  requiredArtifacts: z.array(
+    z.object({
+      type: z.string(),
+      status: z.enum(["pending", "complete", "not_applicable"]),
+      path: z.string().optional()
+    })
+  ).optional(),
+  /** Per-jurisdiction classifications for multi-jurisdiction compliance */
+  jurisdictions: z.array(JurisdictionClassificationSchema).optional(),
+  /** NIST AI RMF trustworthiness characteristics */
+  trustworthiness: TrustworthinessSchema.optional()
+});
+var IntentSchema = z.object({
+  linked: z.boolean().default(false),
+  ticketSystem: z.enum(["jira", "ado", "github", "gitlab"]).nullable().optional(),
+  ticketId: z.string().nullable().optional(),
+  ticketUrl: z.string().url().nullable().optional(),
+  businessJustification: z.string().nullable().optional(),
+  riskTolerance: z.enum(["low", "medium", "high"]).nullable().optional(),
+  importedAt: z.string().datetime().nullable().optional()
+});
+var ApprovalSchema = z.object({
+  role: z.string(),
+  name: z.string(),
+  email: z.string().email().optional(),
+  date: z.string(),
+  source: z.string().optional()
+});
+var GovernanceSchema = z.object({
+  status: z.enum(["draft", "linked", "approved", "production", "deprecated", "revoked"]),
+  approvals: z.array(ApprovalSchema).default([]),
+  deployment: z.object({
+    environments: z.array(z.string()).default([]),
+    lastDeployed: z.string().datetime().nullable().optional()
+  }).optional()
+});
+var ConstraintsSchema = z.object({
+  runtime: z.object({
+    maxIterations: z.number().positive().optional(),
+    timeoutSeconds: z.number().positive().optional(),
+    maxTokensPerRequest: z.number().positive().optional(),
+    maxCostPerRequestUsd: z.number().positive().optional()
+  }).optional(),
+  humanApprovalRequired: z.array(z.string()).optional(),
+  monitoring: z.object({
+    logAllDecisions: z.boolean().default(true),
+    logToolInvocations: z.boolean().default(true)
+  }).optional()
+});
+var AssetCardSchema = z.object({
+  $schema: z.string().optional(),
+  id: z.string().regex(/^aigrc-\d{4}-[a-f0-9]{8}$/),
+  name: z.string().min(1).max(100),
+  description: z.string().max(500).optional(),
+  version: z.string().default("1.0.0"),
+  created: z.string().datetime(),
+  updated: z.string().datetime(),
+  ownership: z.object({
+    owner: OwnerSchema,
+    team: z.string().optional()
+  }),
+  technical: TechnicalSchema,
+  classification: ClassificationSchema,
+  intent: IntentSchema,
+  governance: GovernanceSchema,
+  constraints: ConstraintsSchema.optional()
+});
+
+// src/classification.ts
+function classifyRisk(factors) {
+  const reasons = [];
+  let riskLevel = "minimal";
+  if (factors.highStakesDecisions) {
+    riskLevel = "high";
+    reasons.push("Makes high-stakes decisions affecting individuals");
+  }
+  if (factors.autonomousDecisions && factors.toolExecution) {
+    riskLevel = "high";
+    reasons.push("Autonomous agent with tool execution capability");
+  }
+  if (factors.customerFacing && riskLevel === "minimal") {
+    riskLevel = "limited";
+    reasons.push("Customer-facing AI requires transparency");
+  }
+  if (factors.piiProcessing === "yes" && riskLevel === "minimal") {
+    riskLevel = "limited";
+    reasons.push("Processes personal data");
+  }
+  const euAiActCategory = mapToEuAiAct(riskLevel, factors);
+  const requiredArtifacts = getRequiredArtifacts(riskLevel, factors);
+  return {
+    riskLevel,
+    reasons,
+    euAiActCategory,
+    requiredArtifacts
+  };
+}
+function mapToEuAiAct(level, factors) {
+  if (level === "unacceptable") return "prohibited";
+  if (level === "high") return "high_risk";
+  if (level === "limited" || factors.customerFacing) return "limited_risk";
+  return "minimal_risk";
+}
+function getRequiredArtifacts(level, factors) {
+  const artifacts = ["ai_asset_card"];
+  if (level === "limited" || level === "high") {
+    if (factors.customerFacing) {
+      artifacts.push("transparency_notice");
+    }
+  }
+  if (level === "high") {
+    artifacts.push("risk_assessment");
+    artifacts.push("human_oversight_plan");
+    if (factors.toolExecution) {
+      artifacts.push("tool_inventory");
+    }
+  }
+  return artifacts;
+}
+function validateRiskFactors(factors) {
+  const requiredProperties = [
+    "highStakesDecisions",
+    "autonomousDecisions",
+    "toolExecution",
+    "customerFacing",
+    "piiProcessing"
+  ];
+  for (const prop of requiredProperties) {
+    if (!(prop in factors)) {
+      console.error(`Missing required property: ${prop}`);
+      return false;
+    }
+  }
+  return true;
+}
+
+// src/asset-card.ts
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
+import { dirname } from "path";
+import YAML from "yaml";
+import { randomBytes } from "crypto";
+function generateAssetId() {
+  const year = (/* @__PURE__ */ new Date()).getFullYear();
+  const random = randomBytes(4).toString("hex");
+  return `aigrc-${year}-${random}`;
+}
+function createAssetCard(options) {
+  const now = (/* @__PURE__ */ new Date()).toISOString();
+  const id = generateAssetId();
+  const jurisdictions = options.jurisdictions && options.jurisdictions.length > 0 ? options.jurisdictions.map((jurisdictionId) => ({
+    jurisdictionId,
+    riskLevel: "minimal",
+    // Will be updated by classify
+    controlStatuses: [],
+    requiredArtifacts: []
+  })) : void 0;
+  const card = {
+    $schema: "https://aigrc.dev/schemas/asset-card/v1",
+    id,
+    name: options.name,
+    description: options.description,
+    version: "1.0.0",
+    created: now,
+    updated: now,
+    ownership: {
+      owner: options.owner,
+      team: options.owner.team
+    },
+    technical: {
+      type: options.technical.type,
+      framework: options.technical.framework,
+      frameworkVersion: options.technical.frameworkVersion
+    },
+    classification: {
+      riskLevel: "minimal",
+      riskFactors: {
+        autonomousDecisions: options.riskFactors?.autonomousDecisions ?? false,
+        customerFacing: options.riskFactors?.customerFacing ?? false,
+        toolExecution: options.riskFactors?.toolExecution ?? false,
+        externalDataAccess: options.riskFactors?.externalDataAccess ?? false,
+        piiProcessing: options.riskFactors?.piiProcessing ?? "unknown",
+        highStakesDecisions: options.riskFactors?.highStakesDecisions ?? false
+      },
+      jurisdictions,
+      trustworthiness: options.trustworthiness
+    },
+    intent: {
+      linked: false
+    },
+    governance: {
+      status: "draft",
+      approvals: []
+    }
+  };
+  const result = AssetCardSchema.safeParse(card);
+  if (!result.success) {
+    throw new Error(`Invalid asset card: ${result.error.message}`);
+  }
+  return result.data;
+}
+function addJurisdiction(card, jurisdictionId, riskLevel) {
+  const jurisdictions = card.classification.jurisdictions || [];
+  const existing = jurisdictions.find((j) => j.jurisdictionId === jurisdictionId);
+  if (existing) {
+    if (riskLevel) {
+      existing.riskLevel = riskLevel;
+    }
+  } else {
+    jurisdictions.push({
+      jurisdictionId,
+      riskLevel: riskLevel || "minimal",
+      controlStatuses: [],
+      requiredArtifacts: []
+    });
+  }
+  return {
+    ...card,
+    classification: {
+      ...card.classification,
+      jurisdictions
+    }
+  };
+}
+function updateJurisdictionCompliance(card, jurisdictionId, update) {
+  const jurisdictions = card.classification.jurisdictions || [];
+  const idx = jurisdictions.findIndex((j) => j.jurisdictionId === jurisdictionId);
+  if (idx === -1) {
+    jurisdictions.push({
+      jurisdictionId,
+      riskLevel: update.riskLevel || "minimal",
+      ...update,
+      lastChecked: (/* @__PURE__ */ new Date()).toISOString()
+    });
+  } else {
+    jurisdictions[idx] = {
+      ...jurisdictions[idx],
+      ...update,
+      lastChecked: (/* @__PURE__ */ new Date()).toISOString()
+    };
+  }
+  return {
+    ...card,
+    classification: {
+      ...card.classification,
+      jurisdictions
+    }
+  };
+}
+function loadAssetCard(filePath) {
+  if (!existsSync(filePath)) {
+    throw new Error(`Asset card not found: ${filePath}`);
+  }
+  const content = readFileSync(filePath, "utf-8");
+  const data = YAML.parse(content);
+  const result = AssetCardSchema.safeParse(data);
+  if (!result.success) {
+    throw new Error(`Invalid asset card at ${filePath}: ${result.error.message}`);
+  }
+  return result.data;
+}
+function saveAssetCard(card, filePath) {
+  const result = AssetCardSchema.safeParse(card);
+  if (!result.success) {
+    throw new Error(`Invalid asset card: ${result.error.message}`);
+  }
+  const dir = dirname(filePath);
+  if (!existsSync(dir)) {
+    mkdirSync(dir, { recursive: true });
+  }
+  card.updated = (/* @__PURE__ */ new Date()).toISOString();
+  const content = YAML.stringify(card, { indent: 2, lineWidth: 100 });
+  writeFileSync(filePath, content, "utf-8");
+}
+function validateAssetCard(card) {
+  const result = AssetCardSchema.safeParse(card);
+  if (result.success) {
+    return { valid: true };
+  }
+  return {
+    valid: false,
+    errors: result.error.errors.map((e) => `${e.path.join(".")}: ${e.message}`)
+  };
+}
+
+// src/golden-thread.ts
+function linkAssetToTicket(asset, ticket) {
+  const warnings = [];
+  const intent = {
+    linked: true,
+    ticketSystem: ticket.system,
+    ticketId: ticket.id,
+    ticketUrl: ticket.url,
+    businessJustification: ticket.businessJustification,
+    riskTolerance: ticket.riskTolerance,
+    importedAt: (/* @__PURE__ */ new Date()).toISOString()
+  };
+  if (ticket.riskTolerance && asset.classification.riskLevel) {
+    const toleranceMap = { low: 0, medium: 1, high: 2 };
+    const levelMap = { minimal: 0, limited: 1, high: 2, unacceptable: 3 };
+    if (levelMap[asset.classification.riskLevel] > toleranceMap[ticket.riskTolerance]) {
+      warnings.push(
+        `Asset risk (${asset.classification.riskLevel}) exceeds ticket tolerance (${ticket.riskTolerance})`
+      );
+    }
+  }
+  return {
+    success: true,
+    intent,
+    warnings: warnings.length > 0 ? warnings : void 0
+  };
+}
+function validateGoldenThread(asset) {
+  const issues = [];
+  let score = 100;
+  if (!asset.intent.linked) {
+    issues.push("Asset is not linked to any ticket");
+    score -= 50;
+    return { valid: false, healthScore: score, issues };
+  }
+  if (!asset.intent.businessJustification) {
+    issues.push("Missing business justification");
+    score -= 20;
+  }
+  if (asset.classification.riskLevel === "high" && asset.governance.approvals.length === 0) {
+    issues.push("High-risk asset missing approvals");
+    score -= 30;
+  }
+  return {
+    valid: issues.length === 0,
+    healthScore: Math.max(0, score),
+    issues
+  };
+}
+
+// src/detection/types.ts
+import { z as z2 } from "zod";
+var ConfidenceLevelSchema = z2.enum(["high", "medium", "low"]);
+var DetectionStrategySchema = z2.enum([
+  "pattern_match",
+  "import_analysis",
+  "file_extension",
+  "annotation"
+]);
+var FrameworkCategorySchema = z2.enum([
+  "llm_provider",
+  "framework",
+  "agent_framework",
+  "ml_framework",
+  "ml_ops",
+  "model_file"
+]);
+
+// src/detection/scanner.ts
+import { readFileSync as readFileSync2, readdirSync, statSync, existsSync as existsSync2 } from "fs";
+import { join, extname as extname2, relative } from "path";
+
+// src/detection/patterns/index.ts
+init_registry();
+init_python();
+init_javascript();
+init_model_files();
+init_risk_indicators();
+var initialized = false;
+function initializePatterns() {
+  if (initialized) {
+    return;
+  }
+  const { registerPythonPatterns: registerPythonPatterns2 } = (init_python(), __toCommonJS(python_exports));
+  const { registerJavaScriptPatterns: registerJavaScriptPatterns2 } = (init_javascript(), __toCommonJS(javascript_exports));
+  const { registerModelFilePatterns: registerModelFilePatterns2 } = (init_model_files(), __toCommonJS(model_files_exports));
+  const { registerRiskIndicatorPatterns: registerRiskIndicatorPatterns2 } = (init_risk_indicators(), __toCommonJS(risk_indicators_exports));
+  registerPythonPatterns2();
+  registerJavaScriptPatterns2();
+  registerModelFilePatterns2();
+  registerRiskIndicatorPatterns2();
+  initialized = true;
+}
+function resetPatterns() {
+  const { clearRegistry: clearRegistry2 } = (init_registry(), __toCommonJS(registry_exports));
+  clearRegistry2();
+  initialized = false;
+}
+
+// src/detection/strategies/pattern-matcher.ts
+function matchPatterns(filePath, lines, patterns) {
+  const detections = [];
+  for (let lineIndex = 0; lineIndex < lines.length; lineIndex++) {
+    const line = lines[lineIndex];
+    for (const pattern of patterns) {
+      for (const rule of pattern.patterns) {
+        if (rule.type !== "regex" && rule.type !== "literal") continue;
+        const match = matchRule(line, rule);
+        if (match) {
+          detections.push({
+            filePath,
+            line: lineIndex + 1,
+            column: match.index,
+            match: match.text,
+            matchContext: getContext(lines, lineIndex),
+            registryCard: pattern.id,
+            framework: pattern.name,
+            category: pattern.category,
+            confidence: rule.confidence,
+            strategy: "pattern_match",
+            implies: pattern.implies
+          });
+        }
+      }
+    }
+  }
+  return detections;
+}
+function matchRule(line, rule) {
+  if (rule.type === "literal") {
+    const index = line.indexOf(rule.pattern);
+    if (index !== -1) {
+      return { text: rule.pattern, index };
+    }
+  } else if (rule.type === "regex") {
+    try {
+      const regex = new RegExp(rule.pattern, "i");
+      const match = regex.exec(line);
+      if (match) {
+        return { text: match[0], index: match.index };
+      }
+    } catch {
+    }
+  }
+  return null;
+}
+function getContext(lines, index, contextLines = 2) {
+  const start = Math.max(0, index - contextLines);
+  const end = Math.min(lines.length, index + contextLines + 1);
+  return lines.slice(start, end).join("\n");
+}
+
+// src/detection/strategies/import-analyzer.ts
+var PYTHON_IMPORT_REGEX = /^(?:from\s+(\S+)\s+import|import\s+(\S+))/;
+var JS_IMPORT_REGEX = /(?:import\s+(?:[\w{},*\s]+\s+from\s+)?['"]([^'"]+)['"]|require\s*\(\s*['"]([^'"]+)['"]\s*\))/;
+function analyzeImports(filePath, content, patterns) {
+  const detections = [];
+  const lines = content.split("\n");
+  const isPython = filePath.endsWith(".py");
+  for (let lineIndex = 0; lineIndex < lines.length; lineIndex++) {
+    const line = lines[lineIndex].trim();
+    if (!line) continue;
+    if (isPython && line.startsWith("#")) continue;
+    if (!isPython && (line.startsWith("//") || line.startsWith("/*"))) continue;
+    const importMatch = isPython ? extractPythonImport(line) : extractJsImport(line);
+    if (!importMatch) continue;
+    for (const pattern of patterns) {
+      if (pattern.language !== "any" && (isPython && pattern.language !== "python" || !isPython && pattern.language !== "javascript" && pattern.language !== "typescript")) {
+        continue;
+      }
+      for (const rule of pattern.patterns) {
+        if (rule.type !== "import") continue;
+        if (matchesImport(line, rule.pattern)) {
+          detections.push({
+            filePath,
+            line: lineIndex + 1,
+            match: line,
+            registryCard: pattern.id,
+            framework: pattern.name,
+            category: pattern.category,
+            confidence: rule.confidence,
+            strategy: "import_analysis",
+            implies: pattern.implies,
+            metadata: { importedModule: importMatch }
+          });
+        }
+      }
+    }
+  }
+  return detections;
+}
+function extractPythonImport(line) {
+  const match = PYTHON_IMPORT_REGEX.exec(line);
+  if (match) {
+    return match[1] || match[2];
+  }
+  return null;
+}
+function extractJsImport(line) {
+  const match = JS_IMPORT_REGEX.exec(line);
+  if (match) {
+    return match[1] || match[2];
+  }
+  return null;
+}
+function matchesImport(line, pattern) {
+  const normalizedLine = line.toLowerCase().replace(/'/g, '"');
+  const normalizedPattern = pattern.toLowerCase().replace(/'/g, '"');
+  return normalizedLine.includes(normalizedPattern);
+}
+
+// src/detection/strategies/file-scanner.ts
+init_registry();
+import { extname, basename } from "path";
+function scanFileExtension(filePath) {
+  const detections = [];
+  const ext = extname(filePath).toLowerCase();
+  const filename = basename(filePath);
+  const modelPatterns = getPatternsByCategory("model_file");
+  for (const pattern of modelPatterns) {
+    for (const rule of pattern.patterns) {
+      let matched = false;
+      if (rule.type === "literal") {
+        if (ext === rule.pattern.toLowerCase()) {
+          matched = true;
+        }
+      } else if (rule.type === "regex") {
+        try {
+          const regex = new RegExp(rule.pattern, "i");
+          matched = regex.test(filename);
+        } catch {
+        }
+      }
+      if (matched) {
+        detections.push({
+          filePath,
+          line: 0,
+          // N/A for file-level detection
+          match: filename,
+          registryCard: pattern.id,
+          framework: pattern.name,
+          category: pattern.category,
+          confidence: rule.confidence,
+          strategy: "file_extension",
+          implies: pattern.implies,
+          metadata: { extension: ext, filename }
+        });
+      }
+    }
+  }
+  return detections;
+}
+var MODEL_EXTENSIONS = [
+  ".pt",
+  ".pth",
+  ".safetensors",
+  ".onnx",
+  ".h5",
+  ".keras",
+  ".pb",
+  ".pkl",
+  ".joblib",
+  ".bin",
+  ".gguf",
+  ".ggml",
+  ".npz"
+];
+function isModelFile(filePath) {
+  const ext = extname(filePath).toLowerCase();
+  return MODEL_EXTENSIONS.includes(ext);
+}
+
+// src/detection/strategies/annotation-detector.ts
+var PYTHON_DECORATOR_REGEX = /^\s*@(\w+)(?:\(.*\))?\s*$/;
+var TS_DECORATOR_REGEX = /^\s*@(\w+)(?:\(.*\))?\s*$/;
+function detectAnnotations(filePath, lines, patterns) {
+  const detections = [];
+  const isPython = filePath.endsWith(".py");
+  for (let lineIndex = 0; lineIndex < lines.length; lineIndex++) {
+    const line = lines[lineIndex];
+    const trimmedLine = line.trim();
+    if (!trimmedLine.startsWith("@")) continue;
+    const decoratorMatch = isPython ? PYTHON_DECORATOR_REGEX.exec(trimmedLine) : TS_DECORATOR_REGEX.exec(trimmedLine);
+    if (!decoratorMatch) continue;
+    const decoratorName = decoratorMatch[1];
+    for (const pattern of patterns) {
+      if (pattern.language !== "any" && (isPython && pattern.language !== "python" || !isPython && pattern.language !== "javascript" && pattern.language !== "typescript")) {
+        continue;
+      }
+      for (const rule of pattern.patterns) {
+        if (rule.type !== "decorator") continue;
+        const ruleDecorator = rule.pattern.replace(/^@/, "");
+        if (decoratorName.toLowerCase() === ruleDecorator.toLowerCase()) {
+          const nextLine = lineIndex + 1 < lines.length ? lines[lineIndex + 1] : "";
+          const decoratedName = extractDecoratedName(nextLine, isPython);
+          detections.push({
+            filePath,
+            line: lineIndex + 1,
+            match: trimmedLine,
+            matchContext: decoratedName ? `${trimmedLine}
+${nextLine.trim()}` : trimmedLine,
+            registryCard: pattern.id,
+            framework: pattern.name,
+            category: pattern.category,
+            confidence: rule.confidence,
+            strategy: "annotation",
+            implies: pattern.implies,
+            metadata: {
+              decorator: decoratorName,
+              decorated: decoratedName
+            }
+          });
+        }
+      }
+    }
+  }
+  return detections;
+}
+function extractDecoratedName(line, isPython) {
+  if (isPython) {
+    const pythonMatch = /(?:def|class|async\s+def)\s+(\w+)/.exec(line);
+    if (pythonMatch) return pythonMatch[1];
+  } else {
+    const tsMatch = /(?:function|class|async\s+function)\s+(\w+)/.exec(line);
+    if (tsMatch) return tsMatch[1];
+    const methodMatch = /^\s*(?:async\s+)?(\w+)\s*\(/.exec(line);
+    if (methodMatch) return methodMatch[1];
+  }
+  return null;
+}
+
+// src/detection/risk-inference.ts
+function inferRiskFactors(detections) {
+  const implications = collectImplications(detections);
+  return {
+    autonomousDecisions: inferBoolean(implications, "autonomousDecisions"),
+    customerFacing: inferBoolean(implications, "customerFacing"),
+    toolExecution: inferBoolean(implications, "toolExecution"),
+    externalDataAccess: inferBoolean(implications, "externalDataAccess"),
+    piiProcessing: inferPiiProcessing(implications),
+    highStakesDecisions: inferBoolean(implications, "highStakesDecisions")
+  };
+}
+function collectImplications(detections) {
+  const implications = [];
+  for (const detection of detections) {
+    const weight = confidenceWeight(detection.confidence);
+    for (const implication of detection.implies) {
+      if (weight >= 2) {
+        implications.push({
+          ...implication,
+          weight
+        });
+      }
+    }
+  }
+  return implications;
+}
+function confidenceWeight(confidence) {
+  const weights = {
+    high: 3,
+    medium: 2,
+    low: 1
+  };
+  return weights[confidence];
+}
+function inferBoolean(implications, factor) {
+  const relevant = implications.filter((i) => i.factor === factor);
+  if (relevant.length === 0) return false;
+  const highWeight = relevant.filter((i) => i.weight >= 3 && i.value === true);
+  if (highWeight.length > 0) return true;
+  const mediumWeight = relevant.filter((i) => i.weight >= 2 && i.value === true);
+  if (mediumWeight.length >= 2) return true;
+  if (mediumWeight.length >= 1) return true;
+  return false;
+}
+function inferPiiProcessing(implications) {
+  const relevant = implications.filter((i) => i.factor === "piiProcessing");
+  if (relevant.length === 0) return "unknown";
+  const highYes = relevant.filter((i) => i.weight >= 3 && i.value === "yes");
+  if (highYes.length > 0) return "yes";
+  const mediumYes = relevant.filter((i) => i.weight >= 2 && i.value === "yes");
+  if (mediumYes.length >= 2) return "yes";
+  if (relevant.some((i) => i.value === "yes")) return "yes";
+  if (relevant.every((i) => i.value === "no")) return "no";
+  return "unknown";
+}
+var IMPLICATION_CHAINS = {
+  // LangChain implies tool execution and external data access
+  "langchain-python": [
+    { factor: "toolExecution", value: true, reason: "LangChain enables tool calling" },
+    { factor: "externalDataAccess", value: true, reason: "LangChain chains access external data" }
+  ],
+  "langchain-js": [
+    { factor: "toolExecution", value: true, reason: "LangChain.js enables tool calling" },
+    { factor: "externalDataAccess", value: true, reason: "LangChain.js chains access external data" }
+  ],
+  // CrewAI implies autonomous decisions and tool execution
+  crewai: [
+    { factor: "autonomousDecisions", value: true, reason: "CrewAI enables autonomous agents" },
+    { factor: "toolExecution", value: true, reason: "CrewAI agents execute tools" }
+  ],
+  // AutoGen implies autonomous decisions and tool execution
+  autogen: [
+    { factor: "autonomousDecisions", value: true, reason: "AutoGen enables autonomous agents" },
+    { factor: "toolExecution", value: true, reason: "AutoGen agents can execute code" }
+  ],
+  // LangGraph implies autonomous decisions
+  langgraph: [
+    { factor: "autonomousDecisions", value: true, reason: "LangGraph enables stateful agents" }
+  ],
+  "langgraph-js": [
+    { factor: "autonomousDecisions", value: true, reason: "LangGraph.js enables stateful agents" }
+  ],
+  // Vercel AI SDK implies customer-facing
+  "vercel-ai-sdk": [
+    { factor: "customerFacing", value: true, reason: "Vercel AI SDK used in user-facing apps" }
+  ]
+};
+function applyImplicationChains(detections) {
+  return detections.map((detection) => {
+    const chainedImplications = IMPLICATION_CHAINS[detection.registryCard];
+    if (chainedImplications) {
+      return {
+        ...detection,
+        implies: [...detection.implies, ...chainedImplications]
+      };
+    }
+    return detection;
+  });
+}
+
+// src/detection/scanner.ts
+var DEFAULT_IGNORE_PATTERNS = [
+  "node_modules",
+  "__pycache__",
+  ".git",
+  "dist",
+  "build",
+  ".next",
+  ".nuxt",
+  "venv",
+  ".venv",
+  "env",
+  ".env",
+  ".aigrc",
+  "*.min.js",
+  "*.bundle.js",
+  "*.map",
+  "coverage",
+  ".pytest_cache",
+  ".mypy_cache",
+  ".tox",
+  "egg-info"
+];
+var DEFAULT_CODE_EXTENSIONS = [
+  ".py",
+  ".js",
+  ".ts",
+  ".jsx",
+  ".tsx",
+  ".mjs",
+  ".cjs"
+];
+async function scan(options, onProgress) {
+  const startTime = Date.now();
+  const detections = [];
+  const errors = [];
+  let scannedFiles = 0;
+  let skippedFiles = 0;
+  if (!isRegistryInitialized()) {
+    initializePatterns();
+  }
+  const resolvedOptions = resolveOptions(options);
+  const files = collectFiles(resolvedOptions);
+  const totalFiles = files.length;
+  for (const filePath of files) {
+    if (resolvedOptions.maxFiles && scannedFiles >= resolvedOptions.maxFiles) {
+      break;
+    }
+    if (onProgress) {
+      onProgress({
+        totalFiles,
+        scannedFiles,
+        currentFile: relative(resolvedOptions.directory, filePath),
+        detections: detections.length
+      });
+    }
+    try {
+      const fileDetections = await scanFile(filePath, resolvedOptions);
+      detections.push(...fileDetections);
+      scannedFiles++;
+      if (resolvedOptions.earlyExit && fileDetections.some((d) => d.confidence === "high")) {
+        break;
+      }
+    } catch (error) {
+      errors.push({
+        filePath,
+        error: error instanceof Error ? error.message : String(error),
+        recoverable: true
+      });
+      skippedFiles++;
+    }
+  }
+  const uniqueDetections = deduplicateDetections(detections);
+  const summary = createSummary(uniqueDetections);
+  const inferredRiskFactors = inferRiskFactors(uniqueDetections);
+  const suggestedTechnical = suggestTechnical(uniqueDetections, summary);
+  return {
+    detections: uniqueDetections,
+    summary,
+    inferredRiskFactors,
+    suggestedTechnical,
+    scannedFiles,
+    skippedFiles,
+    duration: Date.now() - startTime,
+    errors: errors.length > 0 ? errors : void 0
+  };
+}
+function scanSync(options, onProgress) {
+  const startTime = Date.now();
+  const detections = [];
+  const errors = [];
+  let scannedFiles = 0;
+  let skippedFiles = 0;
+  if (!isRegistryInitialized()) {
+    initializePatterns();
+  }
+  const resolvedOptions = resolveOptions(options);
+  const files = collectFiles(resolvedOptions);
+  const totalFiles = files.length;
+  for (const filePath of files) {
+    if (resolvedOptions.maxFiles && scannedFiles >= resolvedOptions.maxFiles) {
+      break;
+    }
+    if (onProgress) {
+      onProgress({
+        totalFiles,
+        scannedFiles,
+        currentFile: relative(resolvedOptions.directory, filePath),
+        detections: detections.length
+      });
+    }
+    try {
+      const fileDetections = scanFileSync(filePath, resolvedOptions);
+      detections.push(...fileDetections);
+      scannedFiles++;
+      if (resolvedOptions.earlyExit && fileDetections.some((d) => d.confidence === "high")) {
+        break;
+      }
+    } catch (error) {
+      errors.push({
+        filePath,
+        error: error instanceof Error ? error.message : String(error),
+        recoverable: true
+      });
+      skippedFiles++;
+    }
+  }
+  const uniqueDetections = deduplicateDetections(detections);
+  const summary = createSummary(uniqueDetections);
+  const inferredRiskFactors = inferRiskFactors(uniqueDetections);
+  const suggestedTechnical = suggestTechnical(uniqueDetections, summary);
+  return {
+    detections: uniqueDetections,
+    summary,
+    inferredRiskFactors,
+    suggestedTechnical,
+    scannedFiles,
+    skippedFiles,
+    duration: Date.now() - startTime,
+    errors: errors.length > 0 ? errors : void 0
+  };
+}
+function resolveOptions(options) {
+  return {
+    directory: options.directory,
+    recursive: options.recursive ?? true,
+    extensions: options.extensions ?? [...DEFAULT_CODE_EXTENSIONS, ...MODEL_EXTENSIONS],
+    ignorePatterns: options.ignorePatterns ?? DEFAULT_IGNORE_PATTERNS,
+    strategies: options.strategies ?? [
+      "pattern_match",
+      "import_analysis",
+      "file_extension",
+      "annotation"
+    ],
+    maxFileSize: options.maxFileSize ?? 1024 * 1024,
+    // 1MB default
+    maxFiles: options.maxFiles ?? 1e4,
+    earlyExit: options.earlyExit ?? false,
+    respectGitignore: options.respectGitignore ?? true,
+    customPatterns: options.customPatterns ?? []
+  };
+}
+function collectFiles(options) {
+  const files = [];
+  const gitignorePatterns = options.respectGitignore ? loadGitignore(options.directory) : [];
+  function walk(dir) {
+    let entries;
+    try {
+      entries = readdirSync(dir, { withFileTypes: true });
+    } catch {
+      return;
+    }
+    for (const entry of entries) {
+      const fullPath = join(dir, entry.name);
+      const relativePath = relative(options.directory, fullPath);
+      if (shouldIgnore(relativePath, entry.name, options.ignorePatterns, gitignorePatterns)) {
+        continue;
+      }
+      if (entry.isDirectory() && options.recursive) {
+        walk(fullPath);
+      } else if (entry.isFile()) {
+        const ext = extname2(entry.name).toLowerCase();
+        if (options.extensions.some((e) => e.toLowerCase() === ext)) {
+          try {
+            const stats = statSync(fullPath);
+            if (stats.size <= options.maxFileSize) {
+              files.push(fullPath);
+            }
+          } catch {
+          }
+        }
+      }
+    }
+  }
+  if (existsSync2(options.directory)) {
+    const stat = statSync(options.directory);
+    if (stat.isDirectory()) {
+      walk(options.directory);
+    } else if (stat.isFile()) {
+      files.push(options.directory);
+    }
+  }
+  return files;
+}
+function shouldIgnore(relativePath, name, ignorePatterns, gitignorePatterns) {
+  const allPatterns = [...ignorePatterns, ...gitignorePatterns];
+  for (const pattern of allPatterns) {
+    if (name === pattern || relativePath === pattern) {
+      return true;
+    }
+    if (relativePath.includes(pattern)) {
+      return true;
+    }
+    if (pattern.includes("*")) {
+      const regexPattern = pattern.replace(/\./g, "\\.").replace(/\*/g, ".*");
+      try {
+        const regex = new RegExp(regexPattern);
+        if (regex.test(name) || regex.test(relativePath)) {
+          return true;
+        }
+      } catch {
+      }
+    }
+  }
+  return false;
+}
+function loadGitignore(directory) {
+  const gitignorePath = join(directory, ".gitignore");
+  if (!existsSync2(gitignorePath)) {
+    return [];
+  }
+  try {
+    const content = readFileSync2(gitignorePath, "utf-8");
+    return content.split("\n").map((line) => line.trim()).filter((line) => line && !line.startsWith("#"));
+  } catch {
+    return [];
+  }
+}
+async function scanFile(filePath, options) {
+  return scanFileSync(filePath, options);
+}
+function scanFileSync(filePath, options) {
+  const detections = [];
+  const ext = extname2(filePath).toLowerCase();
+  const patterns = [...getAllPatterns(), ...options.customPatterns ?? []];
+  if (options.strategies.includes("file_extension") && MODEL_EXTENSIONS.some((e) => e.toLowerCase() === ext)) {
+    const extensionDetections = scanFileExtension(filePath);
+    detections.push(...extensionDetections);
+  }
+  if (DEFAULT_CODE_EXTENSIONS.some((e) => e.toLowerCase() === ext)) {
+    const content = readFileSync2(filePath, "utf-8");
+    const lines = content.split("\n");
+    if (options.strategies.includes("import_analysis")) {
+      const importDetections = analyzeImports(filePath, content, patterns);
+      detections.push(...importDetections);
+    }
+    if (options.strategies.includes("pattern_match")) {
+      const patternDetections = matchPatterns(filePath, lines, patterns);
+      detections.push(...patternDetections);
+    }
+    if (options.strategies.includes("annotation")) {
+      const annotationDetections = detectAnnotations(filePath, lines, patterns);
+      detections.push(...annotationDetections);
+    }
+  }
+  return detections;
+}
+function deduplicateDetections(detections) {
+  const seen = /* @__PURE__ */ new Map();
+  for (const detection of detections) {
+    const key = `${detection.filePath}:${detection.line}:${detection.registryCard}`;
+    const existing = seen.get(key);
+    if (!existing || confidenceRank(detection.confidence) > confidenceRank(existing.confidence)) {
+      seen.set(key, detection);
+    }
+  }
+  return Array.from(seen.values());
+}
+function confidenceRank(level) {
+  const ranks = { high: 3, medium: 2, low: 1 };
+  return ranks[level];
+}
+function createSummary(detections) {
+  const byFramework = {};
+  const byCategory = {
+    llm_provider: 0,
+    framework: 0,
+    agent_framework: 0,
+    ml_framework: 0,
+    ml_ops: 0,
+    model_file: 0
+  };
+  const byConfidence = {
+    high: 0,
+    medium: 0,
+    low: 0
+  };
+  for (const detection of detections) {
+    byFramework[detection.framework] = (byFramework[detection.framework] || 0) + 1;
+    byCategory[detection.category]++;
+    byConfidence[detection.confidence]++;
+  }
+  let primaryFramework;
+  let maxScore = 0;
+  for (const [framework] of Object.entries(byFramework)) {
+    const frameworkDetections = detections.filter((d) => d.framework === framework);
+    const score = frameworkDetections.reduce(
+      (sum, d) => sum + confidenceRank(d.confidence),
+      0
+    );
+    if (score > maxScore) {
+      maxScore = score;
+      primaryFramework = framework;
+    }
+  }
+  let primaryCategory;
+  let maxCategoryCount = 0;
+  for (const [cat, count] of Object.entries(byCategory)) {
+    if (count > maxCategoryCount) {
+      maxCategoryCount = count;
+      primaryCategory = cat;
+    }
+  }
+  return {
+    totalDetections: detections.length,
+    byFramework,
+    byCategory,
+    byConfidence,
+    primaryFramework,
+    primaryCategory
+  };
+}
+function suggestTechnical(detections, summary) {
+  const typeMap = {
+    llm_provider: "api_client",
+    framework: "framework",
+    agent_framework: "agent",
+    ml_framework: "model",
+    ml_ops: "pipeline",
+    model_file: "model"
+  };
+  const sourceFiles = [...new Set(detections.map((d) => d.filePath))];
+  return {
+    type: typeMap[summary.primaryCategory ?? "framework"],
+    framework: summary.primaryFramework,
+    sourceFiles
+  };
+}
+
+// src/detection/asset-suggestion.ts
+function suggestAssetCard(scanResult) {
+  const { detections, summary, inferredRiskFactors, suggestedTechnical } = scanResult;
+  const name = generateName(summary.primaryFramework, suggestedTechnical?.type);
+  const description = generateDescription(detections, summary);
+  const components = collectComponents(detections);
+  const sourceFiles = [...new Set(detections.map((d) => d.filePath))];
+  const confidence = calculateOverallConfidence(detections);
+  const basedOn = [...new Set(detections.map((d) => d.registryCard))];
+  return {
+    name,
+    description,
+    technical: {
+      type: suggestedTechnical?.type ?? "framework",
+      framework: suggestedTechnical?.framework ?? summary.primaryFramework ?? "unknown",
+      components,
+      sourceFiles
+    },
+    riskFactors: inferredRiskFactors,
+    confidence,
+    basedOn
+  };
+}
+function generateName(primaryFramework, type) {
+  if (!primaryFramework) {
+    return "AI Asset";
+  }
+  const typeLabel = {
+    model: "Model",
+    agent: "Agent",
+    api_client: "Integration",
+    framework: "Application",
+    pipeline: "Pipeline"
+  };
+  return `${primaryFramework} ${typeLabel[type ?? "framework"]}`;
+}
+function generateDescription(detections, summary) {
+  const frameworks = Object.keys(summary.byFramework);
+  const parts = [];
+  if (frameworks.length === 1) {
+    parts.push(`AI asset using ${frameworks[0]}.`);
+  } else if (frameworks.length > 1) {
+    parts.push(`AI asset using ${frameworks.slice(0, 3).join(", ")}${frameworks.length > 3 ? ` and ${frameworks.length - 3} more` : ""}.`);
+  } else {
+    parts.push("AI asset detected in codebase.");
+  }
+  const categories = summary.byCategory;
+  if (categories.agent_framework > 0) {
+    parts.push("Includes autonomous agent capabilities.");
+  }
+  if (categories.llm_provider > 0) {
+    parts.push("Integrates with LLM providers.");
+  }
+  if (categories.ml_framework > 0) {
+    parts.push("Uses machine learning frameworks.");
+  }
+  if (categories.model_file > 0) {
+    parts.push("Contains model files.");
+  }
+  return parts.join(" ");
+}
+function collectComponents(detections) {
+  const components = [];
+  const seen = /* @__PURE__ */ new Set();
+  for (const detection of detections) {
+    const key = `${detection.category}-${detection.framework}`;
+    if (seen.has(key)) continue;
+    seen.add(key);
+    const component = {
+      type: mapCategoryToComponentType(detection.category)
+    };
+    if (detection.category === "llm_provider") {
+      component.provider = detection.framework;
+    }
+    components.push(component);
+  }
+  return components;
+}
+function mapCategoryToComponentType(category) {
+  const mapping = {
+    llm_provider: "llm",
+    framework: "framework",
+    agent_framework: "agent",
+    ml_framework: "model",
+    ml_ops: "mlops",
+    model_file: "model"
+  };
+  return mapping[category] ?? category;
+}
+function calculateOverallConfidence(detections) {
+  if (detections.length === 0) return "low";
+  const highCount = detections.filter((d) => d.confidence === "high").length;
+  const mediumCount = detections.filter((d) => d.confidence === "medium").length;
+  if (highCount >= 3) return "high";
+  if (highCount >= 1 && mediumCount >= 2) return "high";
+  if (highCount >= 1 || mediumCount >= 3) return "medium";
+  if (mediumCount >= 1) return "medium";
+  return "low";
+}
+
+// src/detection/index.ts
+init_python();
+init_javascript();
+init_model_files();
+init_risk_indicators();
+
+// src/utils.ts
+function formatDate(date) {
+  return date.toISOString();
+}
+function parseDate(dateString) {
+  return new Date(dateString);
+}
+function slugify(text) {
+  return text.toLowerCase().replace(/[^a-z0-9]+/g, "-").replace(/(^-|-$)/g, "");
+}
+export {
+  ApprovalSchema,
+  AssetCardSchema,
+  ClassificationSchema,
+  ConfidenceLevelSchema,
+  ConstraintsSchema,
+  ControlStatusSchema,
+  DetectionStrategySchema,
+  FrameworkCategorySchema,
+  GovernanceSchema,
+  IntentSchema,
+  JurisdictionClassificationSchema,
+  MODEL_EXTENSIONS,
+  OwnerSchema,
+  RiskFactorsSchema,
+  TechnicalSchema,
+  TrustworthinessCharacteristicSchema,
+  TrustworthinessSchema,
+  addJurisdiction,
+  analyzeImports,
+  applyImplicationChains,
+  classifyRisk,
+  clearRegistry,
+  createAssetCard,
+  createImplication,
+  detectAnnotations,
+  formatDate,
+  generateAssetId,
+  getAllPatterns,
+  getPattern,
+  getPatternsByCategory,
+  getPatternsByLanguage,
+  inferRiskFactors,
+  initializePatterns,
+  isModelFile,
+  isRegistryInitialized,
+  javascriptPatterns,
+  linkAssetToTicket,
+  loadAssetCard,
+  matchPatterns,
+  modelFilePatterns,
+  parseDate,
+  pythonPatterns,
+  registerPattern,
+  resetPatterns,
+  riskIndicatorPatterns,
+  saveAssetCard,
+  scan,
+  scanFileExtension,
+  scanSync,
+  slugify,
+  suggestAssetCard,
+  updateJurisdictionCompliance,
+  validateAssetCard,
+  validateGoldenThread,
+  validateRiskFactors
+};
+//# sourceMappingURL=index.mjs.map