@aion0/bastion 0.1.12 → 0.1.14

package/dist/storage/repositories/threat-score-events.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ThreatScoreEventsRepository = void 0;
+class ThreatScoreEventsRepository {
+    db;
+    constructor(db) {
+        this.db = db;
+    }
+    insert(record) {
+        this.db.prepare(`
+      INSERT INTO threat_score_events (id, session_id, event_type, source_event, points, score_after, level_after)
+      VALUES (@id, @session_id, @event_type, @source_event, @points, @score_after, @level_after)
+    `).run(record);
+    }
+    getBySession(sessionId, limit = 50) {
+        return this.db.prepare('SELECT * FROM threat_score_events WHERE session_id = ? ORDER BY created_at DESC LIMIT ?').all(sessionId, limit);
+    }
+    purgeOlderThan(hours) {
+        const result = this.db.prepare(`DELETE FROM threat_score_events WHERE created_at < datetime('now', '-' || ? || ' hours')`).run(hours);
+        return result.changes;
+    }
+}
+exports.ThreatScoreEventsRepository = ThreatScoreEventsRepository;
+//# sourceMappingURL=threat-score-events.js.map

package/dist/storage/repositories/threat-score-events.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"threat-score-events.js","sourceRoot":"","sources":["../../../src/storage/repositories/threat-score-events.ts"],"names":[],"mappings":";;;AAaA,MAAa,2BAA2B;IAC9B,EAAE,CAAoB;IAE9B,YAAY,EAAqB;QAC/B,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;IACf,CAAC;IAED,MAAM,CAAC,MAQN;QACC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;;;KAGf,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACjB,CAAC;IAED,YAAY,CAAC,SAAiB,EAAE,QAAgB,EAAE;QAChD,OAAO,IAAI,CAAC,EAAE,CAAC,OAAO,CACpB,yFAAyF,CAC1F,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAA6B,CAAC;IACtD,CAAC;IAED,cAAc,CAAC,KAAa;QAC1B,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAC5B,0FAA0F,CAC3F,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACb,OAAO,MAAM,CAAC,OAAO,CAAC;IACxB,CAAC;CACF;AAlCD,kEAkCC"}

package/dist/storage/repositories/threat-scores.d.ts

@@ -0,0 +1,26 @@
+import type Database from 'better-sqlite3';
+export interface ThreatScoreRecord {
+    session_id: string;
+    score: number;
+    level: string;
+    event_count: number;
+    last_event_at: string | null;
+    updated_at: string;
+}
+export declare class ThreatScoresRepository {
+    private db;
+    constructor(db: Database.Database);
+    upsert(record: {
+        session_id: string;
+        score: number;
+        level: string;
+        event_count: number;
+        last_event_at: string | null;
+    }): void;
+    get(sessionId: string): ThreatScoreRecord | null;
+    getAll(): ThreatScoreRecord[];
+    getElevated(): ThreatScoreRecord[];
+    reset(sessionId: string): void;
+    purgeOlderThan(hours: number): number;
+}
+//# sourceMappingURL=threat-scores.d.ts.map

package/dist/storage/repositories/threat-scores.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"threat-scores.d.ts","sourceRoot":"","sources":["../../../src/storage/repositories/threat-scores.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAE3C,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,sBAAsB;IACjC,OAAO,CAAC,EAAE,CAAoB;gBAElB,EAAE,EAAE,QAAQ,CAAC,QAAQ;IAIjC,MAAM,CAAC,MAAM,EAAE;QACb,UAAU,EAAE,MAAM,CAAC;QACnB,KAAK,EAAE,MAAM,CAAC;QACd,KAAK,EAAE,MAAM,CAAC;QACd,WAAW,EAAE,MAAM,CAAC;QACpB,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;KAC9B,GAAG,IAAI;IAaR,GAAG,CAAC,SAAS,EAAE,MAAM,GAAG,iBAAiB,GAAG,IAAI;IAMhD,MAAM,IAAI,iBAAiB,EAAE;IAM7B,WAAW,IAAI,iBAAiB,EAAE;IAMlC,KAAK,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAO9B,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;CAMtC"}

package/dist/storage/repositories/threat-scores.js

@@ -0,0 +1,42 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ThreatScoresRepository = void 0;
+class ThreatScoresRepository {
+    db;
+    constructor(db) {
+        this.db = db;
+    }
+    upsert(record) {
+        this.db.prepare(`
+      INSERT INTO threat_scores (session_id, score, level, event_count, last_event_at, updated_at)
+      VALUES (@session_id, @score, @level, @event_count, @last_event_at, datetime('now'))
+      ON CONFLICT(session_id) DO UPDATE SET
+        score = @score,
+        level = @level,
+        event_count = @event_count,
+        last_event_at = @last_event_at,
+        updated_at = datetime('now')
+    `).run(record);
+    }
+    get(sessionId) {
+        return this.db.prepare('SELECT * FROM threat_scores WHERE session_id = ?').get(sessionId) ?? null;
+    }
+    getAll() {
+        return this.db.prepare('SELECT * FROM threat_scores ORDER BY updated_at DESC').all();
+    }
+    getElevated() {
+        return this.db.prepare("SELECT * FROM threat_scores WHERE level != 'normal' ORDER BY score DESC").all();
+    }
+    reset(sessionId) {
+        this.db.prepare(`
+      UPDATE threat_scores SET score = 0, level = 'normal', event_count = 0, updated_at = datetime('now')
+      WHERE session_id = ?
+    `).run(sessionId);
+    }
+    purgeOlderThan(hours) {
+        const result = this.db.prepare(`DELETE FROM threat_scores WHERE updated_at < datetime('now', '-' || ? || ' hours')`).run(hours);
+        return result.changes;
+    }
+}
+exports.ThreatScoresRepository = ThreatScoresRepository;
+//# sourceMappingURL=threat-scores.js.map

package/dist/storage/repositories/threat-scores.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"threat-scores.js","sourceRoot":"","sources":["../../../src/storage/repositories/threat-scores.ts"],"names":[],"mappings":";;;AAWA,MAAa,sBAAsB;IACzB,EAAE,CAAoB;IAE9B,YAAY,EAAqB;QAC/B,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;IACf,CAAC;IAED,MAAM,CAAC,MAMN;QACC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;;;;;;;;;KASf,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACjB,CAAC;IAED,GAAG,CAAC,SAAiB;QACnB,OAAQ,IAAI,CAAC,EAAE,CAAC,OAAO,CACrB,kDAAkD,CACnD,CAAC,GAAG,CAAC,SAAS,CAAmC,IAAI,IAAI,CAAC;IAC7D,CAAC;IAED,MAAM;QACJ,OAAO,IAAI,CAAC,EAAE,CAAC,OAAO,CACpB,sDAAsD,CACvD,CAAC,GAAG,EAAyB,CAAC;IACjC,CAAC;IAED,WAAW;QACT,OAAO,IAAI,CAAC,EAAE,CAAC,OAAO,CACpB,yEAAyE,CAC1E,CAAC,GAAG,EAAyB,CAAC;IACjC,CAAC;IAED,KAAK,CAAC,SAAiB;QACrB,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;;;KAGf,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACpB,CAAC;IAED,cAAc,CAAC,KAAa;QAC1B,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAC5B,oFAAoF,CACrF,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACb,OAAO,MAAM,CAAC,OAAO,CAAC;IACxB,CAAC;CACF;AAzDD,wDAyDC"}

package/dist/storage/repositories/tool-chain-detections.d.ts

@@ -0,0 +1,24 @@
+import type Database from 'better-sqlite3';
+export interface ToolChainDetectionRecord {
+    id: string;
+    session_id: string;
+    rule_id: string;
+    matched_sequence: string;
+    action: string;
+    created_at: string;
+}
+export declare class ToolChainDetectionsRepository {
+    private db;
+    constructor(db: Database.Database);
+    insert(record: {
+        id: string;
+        session_id: string;
+        rule_id: string;
+        matched_sequence: string;
+        action: string;
+    }): void;
+    getRecent(limit?: number): ToolChainDetectionRecord[];
+    getBySession(sessionId: string): ToolChainDetectionRecord[];
+    purgeOlderThan(hours: number): number;
+}
+//# sourceMappingURL=tool-chain-detections.d.ts.map

package/dist/storage/repositories/tool-chain-detections.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"tool-chain-detections.d.ts","sourceRoot":"","sources":["../../../src/storage/repositories/tool-chain-detections.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAE3C,MAAM,WAAW,wBAAwB;IACvC,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,gBAAgB,EAAE,MAAM,CAAC;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,6BAA6B;IACxC,OAAO,CAAC,EAAE,CAAoB;gBAElB,EAAE,EAAE,QAAQ,CAAC,QAAQ;IAIjC,MAAM,CAAC,MAAM,EAAE;QACb,EAAE,EAAE,MAAM,CAAC;QACX,UAAU,EAAE,MAAM,CAAC;QACnB,OAAO,EAAE,MAAM,CAAC;QAChB,gBAAgB,EAAE,MAAM,CAAC;QACzB,MAAM,EAAE,MAAM,CAAC;KAChB,GAAG,IAAI;IAOR,SAAS,CAAC,KAAK,GAAE,MAAW,GAAG,wBAAwB,EAAE;IAMzD,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,wBAAwB,EAAE;IAM3D,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;CAMtC"}

package/dist/storage/repositories/tool-chain-detections.js

@@ -0,0 +1,27 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ToolChainDetectionsRepository = void 0;
+class ToolChainDetectionsRepository {
+    db;
+    constructor(db) {
+        this.db = db;
+    }
+    insert(record) {
+        this.db.prepare(`
+      INSERT INTO tool_chain_detections (id, session_id, rule_id, matched_sequence, action)
+      VALUES (@id, @session_id, @rule_id, @matched_sequence, @action)
+    `).run(record);
+    }
+    getRecent(limit = 50) {
+        return this.db.prepare('SELECT * FROM tool_chain_detections ORDER BY created_at DESC LIMIT ?').all(limit);
+    }
+    getBySession(sessionId) {
+        return this.db.prepare('SELECT * FROM tool_chain_detections WHERE session_id = ? ORDER BY created_at DESC').all(sessionId);
+    }
+    purgeOlderThan(hours) {
+        const result = this.db.prepare(`DELETE FROM tool_chain_detections WHERE created_at < datetime('now', '-' || ? || ' hours')`).run(hours);
+        return result.changes;
+    }
+}
+exports.ToolChainDetectionsRepository = ToolChainDetectionsRepository;
+//# sourceMappingURL=tool-chain-detections.js.map

package/dist/storage/repositories/tool-chain-detections.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"tool-chain-detections.js","sourceRoot":"","sources":["../../../src/storage/repositories/tool-chain-detections.ts"],"names":[],"mappings":";;;AAWA,MAAa,6BAA6B;IAChC,EAAE,CAAoB;IAE9B,YAAY,EAAqB;QAC/B,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;IACf,CAAC;IAED,MAAM,CAAC,MAMN;QACC,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC;;;KAGf,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACjB,CAAC;IAED,SAAS,CAAC,QAAgB,EAAE;QAC1B,OAAO,IAAI,CAAC,EAAE,CAAC,OAAO,CACpB,sEAAsE,CACvE,CAAC,GAAG,CAAC,KAAK,CAA+B,CAAC;IAC7C,CAAC;IAED,YAAY,CAAC,SAAiB;QAC5B,OAAO,IAAI,CAAC,EAAE,CAAC,OAAO,CACpB,mFAAmF,CACpF,CAAC,GAAG,CAAC,SAAS,CAA+B,CAAC;IACjD,CAAC;IAED,cAAc,CAAC,KAAa;QAC1B,MAAM,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,OAAO,CAC5B,4FAA4F,CAC7F,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACb,OAAO,MAAM,CAAC,OAAO,CAAC;IACxB,CAAC;CACF;AAtCD,sEAsCC"}

package/dist/tool-guard/chain-detector.d.ts

@@ -0,0 +1,18 @@
+import type { ToolChainRule } from './chain-rules.js';
+export interface ToolCallEntry {
+    category: string;
+    timestamp: number;
+}
+export interface ToolChainMatch {
+    rule: ToolChainRule;
+    matchedSequence: string[];
+}
+export declare class ChainDetector {
+    private sessionWindows;
+    private maxWindowSize;
+    constructor(maxWindowSize?: number);
+    recordToolCall(sessionId: string, category: string): void;
+    checkChains(sessionId: string, rules: ToolChainRule[]): ToolChainMatch | null;
+    cleanup(sessionId: string): void;
+}
+//# sourceMappingURL=chain-detector.d.ts.map

package/dist/tool-guard/chain-detector.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"chain-detector.d.ts","sourceRoot":"","sources":["../../src/tool-guard/chain-detector.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AAEtD,MAAM,WAAW,aAAa;IAC5B,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,aAAa,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAID,qBAAa,aAAa;IACxB,OAAO,CAAC,cAAc,CAAsC;IAC5D,OAAO,CAAC,aAAa,CAAS;gBAElB,aAAa,GAAE,MAAwB;IAInD,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI;IAazD,WAAW,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,GAAG,cAAc,GAAG,IAAI;IAgC7E,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;CAGjC"}

package/dist/tool-guard/chain-detector.js

@@ -0,0 +1,55 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ChainDetector = void 0;
+const MAX_WINDOW_SIZE = 50;
+class ChainDetector {
+    sessionWindows = new Map();
+    maxWindowSize;
+    constructor(maxWindowSize = MAX_WINDOW_SIZE) {
+        this.maxWindowSize = maxWindowSize;
+    }
+    recordToolCall(sessionId, category) {
+        let window = this.sessionWindows.get(sessionId);
+        if (!window) {
+            window = [];
+            this.sessionWindows.set(sessionId, window);
+        }
+        window.push({ category, timestamp: Date.now() });
+        // Trim to max window size
+        if (window.length > this.maxWindowSize) {
+            window.splice(0, window.length - this.maxWindowSize);
+        }
+    }
+    checkChains(sessionId, rules) {
+        const window = this.sessionWindows.get(sessionId);
+        if (!window || window.length < 2)
+            return null;
+        const now = Date.now();
+        for (const rule of rules) {
+            const windowMs = rule.windowSeconds * 1000;
+            // Walk backward through the window looking for the sequence in order
+            // The last element of the sequence should be the most recent matching entry
+            const seq = rule.sequence;
+            let seqIdx = seq.length - 1;
+            const matched = new Array(seq.length);
+            for (let i = window.length - 1; i >= 0 && seqIdx >= 0; i--) {
+                const entry = window[i];
+                if (now - entry.timestamp > windowMs)
+                    break; // outside time window
+                if (entry.category === seq[seqIdx]) {
+                    matched[seqIdx] = entry.category;
+                    seqIdx--;
+                }
+            }
+            if (seqIdx < 0) {
+                return { rule, matchedSequence: matched };
+            }
+        }
+        return null;
+    }
+    cleanup(sessionId) {
+        this.sessionWindows.delete(sessionId);
+    }
+}
+exports.ChainDetector = ChainDetector;
+//# sourceMappingURL=chain-detector.js.map

package/dist/tool-guard/chain-detector.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"chain-detector.js","sourceRoot":"","sources":["../../src/tool-guard/chain-detector.ts"],"names":[],"mappings":";;;AAYA,MAAM,eAAe,GAAG,EAAE,CAAC;AAE3B,MAAa,aAAa;IAChB,cAAc,GAAG,IAAI,GAAG,EAA2B,CAAC;IACpD,aAAa,CAAS;IAE9B,YAAY,gBAAwB,eAAe;QACjD,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IACrC,CAAC;IAED,cAAc,CAAC,SAAiB,EAAE,QAAgB;QAChD,IAAI,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAChD,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,EAAE,CAAC;YACZ,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;QAC7C,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACjD,0BAA0B;QAC1B,IAAI,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;YACvC,MAAM,CAAC,MAAM,CAAC,CAAC,EAAE,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAED,WAAW,CAAC,SAAiB,EAAE,KAAsB;QACnD,MAAM,MAAM,GAAG,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAClD,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;QAE9C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAEvB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC;YAE3C,qEAAqE;YACrE,4EAA4E;YAC5E,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC;YAC1B,IAAI,MAAM,GAAG,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC;YAC5B,MAAM,OAAO,GAAa,IAAI,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAEhD,KAAK,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,MAAM,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3D,MAAM,KAAK,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;gBACxB,IAAI,GAAG,GAAG,KAAK,CAAC,SAAS,GAAG,QAAQ;oBAAE,MAAM,CAAC,sBAAsB;gBACnE,IAAI,KAAK,CAAC,QAAQ,KAAK,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;oBACnC,OAAO,CAAC,MAAM,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC;oBACjC,MAAM,EAAE,CAAC;gBACX,CAAC;YACH,CAAC;YAED,IAAI,MAAM,GAAG,CAAC,EAAE,CAAC;gBACf,OAAO,EAAE,IAAI,EAAE,eAAe,EAAE,OAAO,EAAE,CAAC;YAC5C,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,SAAiB;QACvB,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACxC,CAAC;CACF;AAxDD,sCAwDC"}

package/dist/tool-guard/chain-rules.d.ts

@@ -0,0 +1,10 @@
+export interface ToolChainRule {
+    id: string;
+    name: string;
+    description: string;
+    sequence: string[];
+    windowSeconds: number;
+    action: 'warn' | 'block';
+}
+export declare const BUILTIN_CHAIN_RULES: ToolChainRule[];
+//# sourceMappingURL=chain-rules.d.ts.map

package/dist/tool-guard/chain-rules.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"chain-rules.d.ts","sourceRoot":"","sources":["../../src/tool-guard/chain-rules.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC;CAC1B;AAED,eAAO,MAAM,mBAAmB,EAAE,aAAa,EAyB9C,CAAC"}

package/dist/tool-guard/chain-rules.js

@@ -0,0 +1,30 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BUILTIN_CHAIN_RULES = void 0;
+exports.BUILTIN_CHAIN_RULES = [
+    {
+        id: 'chain-exfil-after-cred',
+        name: 'Exfiltration after credential access',
+        description: 'Network data transfer detected after credential file access within 5 minutes',
+        sequence: ['credential-access', 'network-exfil'],
+        windowSeconds: 300,
+        action: 'block',
+    },
+    {
+        id: 'chain-destruct-after-exec',
+        name: 'Destructive action after code execution',
+        description: 'Destructive filesystem operation detected after remote code execution within 3 minutes',
+        sequence: ['code-execution', 'destructive-fs'],
+        windowSeconds: 180,
+        action: 'warn',
+    },
+    {
+        id: 'chain-publish-after-cred',
+        name: 'Package publish after credential access',
+        description: 'Package publish detected after credential access within 10 minutes',
+        sequence: ['credential-access', 'package-publish'],
+        windowSeconds: 600,
+        action: 'block',
+    },
+];
+//# sourceMappingURL=chain-rules.js.map

package/dist/tool-guard/chain-rules.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"chain-rules.js","sourceRoot":"","sources":["../../src/tool-guard/chain-rules.ts"],"names":[],"mappings":";;;AASa,QAAA,mBAAmB,GAAoB;IAClD;QACE,EAAE,EAAE,wBAAwB;QAC5B,IAAI,EAAE,sCAAsC;QAC5C,WAAW,EAAE,8EAA8E;QAC3F,QAAQ,EAAE,CAAC,mBAAmB,EAAE,eAAe,CAAC;QAChD,aAAa,EAAE,GAAG;QAClB,MAAM,EAAE,OAAO;KAChB;IACD;QACE,EAAE,EAAE,2BAA2B;QAC/B,IAAI,EAAE,yCAAyC;QAC/C,WAAW,EAAE,wFAAwF;QACrG,QAAQ,EAAE,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;QAC9C,aAAa,EAAE,GAAG;QAClB,MAAM,EAAE,MAAM;KACf;IACD;QACE,EAAE,EAAE,0BAA0B;QAC9B,IAAI,EAAE,yCAAyC;QAC/C,WAAW,EAAE,oEAAoE;QACjF,QAAQ,EAAE,CAAC,mBAAmB,EAAE,iBAAiB,CAAC;QAClD,aAAa,EAAE,GAAG;QAClB,MAAM,EAAE,OAAO;KAChB;CACF,CAAC"}

package/dist/tool-guard/taint-tracker.d.ts

@@ -0,0 +1,24 @@
+export interface TaintMark {
+    sessionId: string;
+    requestId: string;
+    patternName: string;
+    fingerprint: string;
+    timestamp: number;
+}
+export interface TaintMatch {
+    patternName: string;
+    fingerprint: string;
+}
+export declare class TaintTracker {
+    private sessionTaints;
+    private ttlMs;
+    constructor(ttlMinutes?: number);
+    /** Create a fingerprint from matched content: SHA256 first 16 hex chars */
+    static fingerprint(content: string): string;
+    markTaint(sessionId: string, requestId: string, patternName: string, matchedContent: string): string;
+    /** Check if tool input contains any tainted content fingerprints */
+    checkToolInput(sessionId: string, toolInput: string): TaintMatch | null;
+    getActiveTaints(sessionId: string): TaintMark[];
+    cleanup(sessionId: string): void;
+}
+//# sourceMappingURL=taint-tracker.d.ts.map

package/dist/tool-guard/taint-tracker.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"taint-tracker.d.ts","sourceRoot":"","sources":["../../src/tool-guard/taint-tracker.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,SAAS;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,UAAU;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,qBAAa,YAAY;IACvB,OAAO,CAAC,aAAa,CAAkC;IACvD,OAAO,CAAC,KAAK,CAAS;gBAEV,UAAU,GAAE,MAAW;IAInC,2EAA2E;IAC3E,MAAM,CAAC,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;IAI3C,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,MAAM;IAiBpG,oEAAoE;IACpE,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,UAAU,GAAG,IAAI;IAoBvE,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,SAAS,EAAE;IAa/C,OAAO,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;CAGjC"}

package/dist/tool-guard/taint-tracker.js

@@ -0,0 +1,70 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TaintTracker = void 0;
+const node_crypto_1 = __importDefault(require("node:crypto"));
+class TaintTracker {
+    sessionTaints = new Map();
+    ttlMs;
+    constructor(ttlMinutes = 60) {
+        this.ttlMs = ttlMinutes * 60 * 1000;
+    }
+    /** Create a fingerprint from matched content: SHA256 first 16 hex chars */
+    static fingerprint(content) {
+        return node_crypto_1.default.createHash('sha256').update(content).digest('hex').slice(0, 16);
+    }
+    markTaint(sessionId, requestId, patternName, matchedContent) {
+        const fingerprint = TaintTracker.fingerprint(matchedContent);
+        let taints = this.sessionTaints.get(sessionId);
+        if (!taints) {
+            taints = [];
+            this.sessionTaints.set(sessionId, taints);
+        }
+        taints.push({
+            sessionId,
+            requestId,
+            patternName,
+            fingerprint,
+            timestamp: Date.now(),
+        });
+        return fingerprint;
+    }
+    /** Check if tool input contains any tainted content fingerprints */
+    checkToolInput(sessionId, toolInput) {
+        const taints = this.getActiveTaints(sessionId);
+        if (taints.length === 0)
+            return null;
+        // Generate sliding-window fingerprints from tool input and check against taints
+        // For efficiency, we check if any taint fingerprint appears as a substring hash
+        for (const taint of taints) {
+            // Check if the fingerprinted content appears in tool input by re-hashing substrings
+            // This is a simplified approach: we hash various substrings of the input
+            // For practical use, we check if the original matched content reappears
+            // by comparing fingerprints of input chunks
+            const inputFingerprint = TaintTracker.fingerprint(toolInput);
+            if (inputFingerprint === taint.fingerprint) {
+                return { patternName: taint.patternName, fingerprint: taint.fingerprint };
+            }
+        }
+        return null;
+    }
+    getActiveTaints(sessionId) {
+        const taints = this.sessionTaints.get(sessionId);
+        if (!taints)
+            return [];
+        const cutoff = Date.now() - this.ttlMs;
+        // Remove expired taints
+        const active = taints.filter(t => t.timestamp > cutoff);
+        if (active.length !== taints.length) {
+            this.sessionTaints.set(sessionId, active);
+        }
+        return active;
+    }
+    cleanup(sessionId) {
+        this.sessionTaints.delete(sessionId);
+    }
+}
+exports.TaintTracker = TaintTracker;
+//# sourceMappingURL=taint-tracker.js.map

package/dist/tool-guard/taint-tracker.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"taint-tracker.js","sourceRoot":"","sources":["../../src/tool-guard/taint-tracker.ts"],"names":[],"mappings":";;;;;;AAAA,8DAAiC;AAejC,MAAa,YAAY;IACf,aAAa,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC/C,KAAK,CAAS;IAEtB,YAAY,aAAqB,EAAE;QACjC,IAAI,CAAC,KAAK,GAAG,UAAU,GAAG,EAAE,GAAG,IAAI,CAAC;IACtC,CAAC;IAED,2EAA2E;IAC3E,MAAM,CAAC,WAAW,CAAC,OAAe;QAChC,OAAO,qBAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAChF,CAAC;IAED,SAAS,CAAC,SAAiB,EAAE,SAAiB,EAAE,WAAmB,EAAE,cAAsB;QACzF,MAAM,WAAW,GAAG,YAAY,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;QAC7D,IAAI,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAC/C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,EAAE,CAAC;YACZ,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;QAC5C,CAAC;QACD,MAAM,CAAC,IAAI,CAAC;YACV,SAAS;YACT,SAAS;YACT,WAAW;YACX,WAAW;YACX,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;SACtB,CAAC,CAAC;QACH,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,oEAAoE;IACpE,cAAc,CAAC,SAAiB,EAAE,SAAiB;QACjD,MAAM,MAAM,GAAG,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,CAAC;QAC/C,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QAErC,gFAAgF;QAChF,gFAAgF;QAChF,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,oFAAoF;YACpF,yEAAyE;YACzE,wEAAwE;YACxE,4CAA4C;YAC5C,MAAM,gBAAgB,GAAG,YAAY,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;YAC7D,IAAI,gBAAgB,KAAK,KAAK,CAAC,WAAW,EAAE,CAAC;gBAC3C,OAAO,EAAE,WAAW,EAAE,KAAK,CAAC,WAAW,EAAE,WAAW,EAAE,KAAK,CAAC,WAAW,EAAE,CAAC;YAC5E,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,eAAe,CAAC,SAAiB;QAC/B,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACjD,IAAI,CAAC,MAAM;YAAE,OAAO,EAAE,CAAC;QAEvB,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC;QACvC,wBAAwB;QACxB,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,MAAM,CAAC,CAAC;QACxD,IAAI,MAAM,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM,EAAE,CAAC;YACpC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;QAC5C,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,OAAO,CAAC,SAAiB;QACvB,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IACvC,CAAC;CACF;AAnED,oCAmEC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aion0/bastion",
-  "version": "0.1.12",
+  "version": "0.1.14",
   "description": "Local-first AI gateway for proxying and securing LLM provider requests",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",

package/dist/cli/commands/pro.d.ts

@@ -1,3 +0,0 @@
-import type { Command } from 'commander';
-export declare function registerProCommand(program: Command): void;
-//# sourceMappingURL=pro.d.ts.map

package/dist/cli/commands/pro.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"pro.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/pro.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAuKzC,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAkIzD"}