npm - @bluefly/openstandardagents - Versions diffs - 0.4.0 → 0.4.2 - Mend

@bluefly/openstandardagents 0.4.0 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (517) hide show

package/dist/services/validation/security-validator.js ADDED Viewed

@@ -0,0 +1,328 @@
+/**
+ * Security Validator
+ * Checks OSSA manifests for security vulnerabilities and issues
+ *
+ * SOLID: Single Responsibility - Only handles security validation
+ * DRY: Centralized security rules and patterns
+ */
+/**
+ * Patterns that might indicate API keys or secrets
+ */
+const SECRET_PATTERNS = [
+    /sk-[a-zA-Z0-9]{32,}/i, // OpenAI keys
+    /sk-ant-[a-zA-Z0-9-]{32,}/i, // Anthropic keys
+    /AIza[a-zA-Z0-9_-]{35}/i, // Google API keys
+    /xoxb-[a-zA-Z0-9-]+/i, // Slack bot tokens
+    /ghp_[a-zA-Z0-9]{36}/i, // GitHub personal access tokens
+    /gho_[a-zA-Z0-9]{36}/i, // GitHub OAuth tokens
+    /(?:^|[^a-zA-Z0-9])([a-f0-9]{32})(?:[^a-zA-Z0-9]|$)/i, // Generic 32-char hex
+    /-----BEGIN (RSA |DSA |EC )?PRIVATE KEY-----/i, // Private keys
+    /Bearer\s+[a-zA-Z0-9_-]+/i, // Bearer tokens
+    /Basic\s+[a-zA-Z0-9+/=]+/i, // Basic auth
+];
+/**
+ * Suspicious environment variable names
+ */
+const SUSPICIOUS_ENV_VARS = [
+    'api_key',
+    'apikey',
+    'secret',
+    'password',
+    'token',
+    'credentials',
+    'private_key',
+    'secret_key',
+    'access_token',
+    'refresh_token',
+];
+/**
+ * Security Validator Service
+ */
+export class SecurityValidator {
+    /**
+     * Validate security of an agent manifest
+     */
+    validate(manifest) {
+        const vulnerabilities = [];
+        // Check for exposed secrets
+        vulnerabilities.push(...this.checkForSecrets(manifest));
+        // Check for insecure configurations
+        vulnerabilities.push(...this.checkInsecureConfig(manifest));
+        // Check for missing security controls
+        vulnerabilities.push(...this.checkMissingControls(manifest));
+        // Check for overly permissive settings
+        vulnerabilities.push(...this.checkPermissions(manifest));
+        // Check for insecure dependencies
+        vulnerabilities.push(...this.checkDependencies(manifest));
+        // Calculate security score
+        const score = this.calculateScore(vulnerabilities);
+        return {
+            score,
+            vulnerabilities,
+            passed: score >= 70 && !vulnerabilities.some((v) => v.severity === 'critical'),
+        };
+    }
+    /**
+     * Check for exposed secrets in manifest
+     */
+    checkForSecrets(manifest) {
+        const vulnerabilities = [];
+        const manifestStr = JSON.stringify(manifest);
+        // Check for API key patterns
+        for (const pattern of SECRET_PATTERNS) {
+            if (pattern.test(manifestStr)) {
+                vulnerabilities.push({
+                    severity: 'critical',
+                    category: 'exposed_secret',
+                    message: 'Potential API key or secret found in manifest',
+                    path: 'manifest',
+                    recommendation: 'Use environment variables or secret management system. Never commit secrets to manifests.',
+                    cwe: 'CWE-798',
+                });
+                break; // Only report once per manifest
+            }
+        }
+        // Check for suspicious values in config
+        this.checkObjectForSecrets(manifest, '', vulnerabilities);
+        return vulnerabilities;
+    }
+    /**
+     * Recursively check object for secrets
+     */
+    checkObjectForSecrets(obj, path, vulnerabilities) {
+        if (!obj || typeof obj !== 'object') {
+            return;
+        }
+        for (const [key, value] of Object.entries(obj)) {
+            const currentPath = path ? `${path}.${key}` : key;
+            const lowerKey = key.toLowerCase();
+            // Check if key name suggests it contains a secret
+            if (SUSPICIOUS_ENV_VARS.some((pattern) => lowerKey.includes(pattern))) {
+                if (typeof value === 'string' && value.trim() !== '' && value !== '${...}') {
+                    vulnerabilities.push({
+                        severity: 'high',
+                        category: 'potential_secret',
+                        message: `Field "${currentPath}" may contain sensitive data`,
+                        path: currentPath,
+                        recommendation: `Use environment variable references like "\${${key.toUpperCase()}}" instead of hardcoded values.`,
+                        cwe: 'CWE-798',
+                    });
+                }
+            }
+            // Recurse into nested objects
+            if (typeof value === 'object') {
+                this.checkObjectForSecrets(value, currentPath, vulnerabilities);
+            }
+        }
+    }
+    /**
+     * Check for insecure configurations
+     */
+    checkInsecureConfig(manifest) {
+        const vulnerabilities = [];
+        // Check for missing authentication
+        const tools = manifest.spec?.tools || manifest.agent?.tools || [];
+        for (let i = 0; i < tools.length; i++) {
+            const tool = tools[i];
+            if (tool.endpoint && !tool.auth) {
+                vulnerabilities.push({
+                    severity: 'medium',
+                    category: 'missing_auth',
+                    message: `Tool "${tool.name || `tool[${i}]`}" has endpoint but no authentication configured`,
+                    path: `spec.tools[${i}]`,
+                    recommendation: 'Configure authentication for external tool endpoints using auth.type (apiKey, oauth2, bearer).',
+                    cwe: 'CWE-306',
+                });
+            }
+        }
+        // Check for insecure endpoints (http instead of https)
+        this.checkInsecureEndpoints(manifest, vulnerabilities);
+        return vulnerabilities;
+    }
+    /**
+     * Check for insecure HTTP endpoints
+     */
+    checkInsecureEndpoints(manifest, vulnerabilities) {
+        const tools = manifest.spec?.tools || manifest.agent?.tools || [];
+        for (let i = 0; i < tools.length; i++) {
+            const tool = tools[i];
+            if (tool.endpoint && typeof tool.endpoint === 'string') {
+                if (tool.endpoint.startsWith('http://')) {
+                    vulnerabilities.push({
+                        severity: 'medium',
+                        category: 'insecure_endpoint',
+                        message: `Tool "${tool.name || `tool[${i}]`}" uses insecure HTTP endpoint`,
+                        path: `spec.tools[${i}].endpoint`,
+                        recommendation: 'Use HTTPS instead of HTTP for all external endpoints.',
+                        cwe: 'CWE-319',
+                    });
+                }
+            }
+        }
+        // Check observability endpoints
+        const tracing = manifest.spec?.observability?.tracing;
+        if (tracing?.endpoint && tracing.endpoint.startsWith('http://')) {
+            vulnerabilities.push({
+                severity: 'low',
+                category: 'insecure_endpoint',
+                message: 'Tracing endpoint uses insecure HTTP',
+                path: 'spec.observability.tracing.endpoint',
+                recommendation: 'Use HTTPS for tracing endpoints.',
+                cwe: 'CWE-319',
+            });
+        }
+        const metrics = manifest.spec?.observability?.metrics;
+        if (metrics?.endpoint && metrics.endpoint.startsWith('http://')) {
+            vulnerabilities.push({
+                severity: 'low',
+                category: 'insecure_endpoint',
+                message: 'Metrics endpoint uses insecure HTTP',
+                path: 'spec.observability.metrics.endpoint',
+                recommendation: 'Use HTTPS for metrics endpoints.',
+                cwe: 'CWE-319',
+            });
+        }
+    }
+    /**
+     * Check for missing security controls
+     */
+    checkMissingControls(manifest) {
+        const vulnerabilities = [];
+        // Check for missing autonomy controls
+        if (!manifest.spec?.autonomy) {
+            vulnerabilities.push({
+                severity: 'high',
+                category: 'missing_controls',
+                message: 'No autonomy configuration found',
+                path: 'spec.autonomy',
+                recommendation: 'Define autonomy level and approval requirements to prevent unauthorized actions.',
+                cwe: 'CWE-285',
+            });
+        }
+        else {
+            const autonomy = manifest.spec.autonomy;
+            if (!autonomy.blocked_actions || autonomy.blocked_actions.length === 0) {
+                vulnerabilities.push({
+                    severity: 'medium',
+                    category: 'missing_controls',
+                    message: 'No blocked actions defined in autonomy configuration',
+                    path: 'spec.autonomy.blocked_actions',
+                    recommendation: 'Define blocked_actions to prevent dangerous operations (e.g., file deletion, system commands).',
+                    cwe: 'CWE-285',
+                });
+            }
+        }
+        // Check for missing constraints
+        if (!manifest.spec?.constraints) {
+            vulnerabilities.push({
+                severity: 'medium',
+                category: 'missing_controls',
+                message: 'No constraints configured',
+                path: 'spec.constraints',
+                recommendation: 'Add cost and performance constraints to prevent resource abuse.',
+                cwe: 'CWE-770',
+            });
+        }
+        // Check for missing observability
+        if (!manifest.spec?.observability) {
+            vulnerabilities.push({
+                severity: 'low',
+                category: 'missing_controls',
+                message: 'No observability configured',
+                path: 'spec.observability',
+                recommendation: 'Enable tracing, metrics, and logging for security monitoring and incident response.',
+                cwe: 'CWE-778',
+            });
+        }
+        return vulnerabilities;
+    }
+    /**
+     * Check for overly permissive settings
+     */
+    checkPermissions(manifest) {
+        const vulnerabilities = [];
+        const autonomy = manifest.spec?.autonomy;
+        if (autonomy) {
+            // Check if autonomy level is too high
+            if (autonomy.level === 'full' || autonomy.level === 'high') {
+                if (!autonomy.approval_required) {
+                    vulnerabilities.push({
+                        severity: 'high',
+                        category: 'excessive_permissions',
+                        message: `Autonomy level "${autonomy.level}" without approval requirement`,
+                        path: 'spec.autonomy',
+                        recommendation: 'Enable approval_required for high/full autonomy levels to prevent unauthorized actions.',
+                        cwe: 'CWE-732',
+                    });
+                }
+            }
+            // Check for wildcard allowed actions
+            if (autonomy.allowed_actions) {
+                const hasWildcard = autonomy.allowed_actions.some((action) => action === '*' || action.includes('*'));
+                if (hasWildcard) {
+                    vulnerabilities.push({
+                        severity: 'medium',
+                        category: 'excessive_permissions',
+                        message: 'Wildcard in allowed_actions grants broad permissions',
+                        path: 'spec.autonomy.allowed_actions',
+                        recommendation: 'Use specific action names instead of wildcards. Follow principle of least privilege.',
+                        cwe: 'CWE-732',
+                    });
+                }
+            }
+        }
+        return vulnerabilities;
+    }
+    /**
+     * Check dependencies for security issues
+     */
+    checkDependencies(manifest) {
+        const vulnerabilities = [];
+        const dependencies = manifest.spec?.dependencies?.agents || [];
+        for (let i = 0; i < dependencies.length; i++) {
+            const dep = dependencies[i];
+            // Check for missing version constraints
+            if (!dep.version) {
+                vulnerabilities.push({
+                    severity: 'low',
+                    category: 'dependency_risk',
+                    message: `Dependency "${dep.name}" has no version constraint`,
+                    path: `spec.dependencies.agents[${i}]`,
+                    recommendation: 'Specify version constraints to ensure consistent and secure dependencies.',
+                    cwe: 'CWE-1104',
+                });
+            }
+        }
+        return vulnerabilities;
+    }
+    /**
+     * Calculate security score based on vulnerabilities
+     */
+    calculateScore(vulnerabilities) {
+        let score = 100;
+        const severityPenalties = {
+            critical: 30,
+            high: 20,
+            medium: 10,
+            low: 5,
+            info: 1,
+        };
+        for (const vuln of vulnerabilities) {
+            score -= severityPenalties[vuln.severity];
+        }
+        return Math.max(0, score);
+    }
+    /**
+     * Get vulnerabilities by severity
+     */
+    getBySeverity(vulnerabilities, severity) {
+        return vulnerabilities.filter((v) => v.severity === severity);
+    }
+    /**
+     * Get vulnerabilities by category
+     */
+    getByCategory(vulnerabilities, category) {
+        return vulnerabilities.filter((v) => v.category === category);
+    }
+}
+//# sourceMappingURL=security-validator.js.map

package/dist/services/validation/security-validator.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"security-validator.js","sourceRoot":"","sources":["../../../src/services/validation/security-validator.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AA8BH;;GAEG;AACH,MAAM,eAAe,GAAG;IACtB,sBAAsB,EAAE,cAAc;IACtC,2BAA2B,EAAE,iBAAiB;IAC9C,wBAAwB,EAAE,kBAAkB;IAC5C,qBAAqB,EAAE,mBAAmB;IAC1C,sBAAsB,EAAE,gCAAgC;IACxD,sBAAsB,EAAE,sBAAsB;IAC9C,qDAAqD,EAAE,sBAAsB;IAC7E,8CAA8C,EAAE,eAAe;IAC/D,0BAA0B,EAAE,gBAAgB;IAC5C,0BAA0B,EAAE,aAAa;CAC1C,CAAC;AAEF;;GAEG;AACH,MAAM,mBAAmB,GAAG;IAC1B,SAAS;IACT,QAAQ;IACR,QAAQ;IACR,UAAU;IACV,OAAO;IACP,aAAa;IACb,aAAa;IACb,YAAY;IACZ,cAAc;IACd,eAAe;CAChB,CAAC;AAEF;;GAEG;AACH,MAAM,OAAO,iBAAiB;IAC5B;;OAEG;IACH,QAAQ,CAAC,QAAmB;QAC1B,MAAM,eAAe,GAA4B,EAAE,CAAC;QAEpD,4BAA4B;QAC5B,eAAe,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC;QAExD,oCAAoC;QACpC,eAAe,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAE5D,sCAAsC;QACtC,eAAe,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAE7D,uCAAuC;QACvC,eAAe,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAEzD,kCAAkC;QAClC,eAAe,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAE1D,2BAA2B;QAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;QAEnD,OAAO;YACL,KAAK;YACL,eAAe;YACf,MAAM,EAAE,KAAK,IAAI,EAAE,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC;SAC/E,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,QAAmB;QACzC,MAAM,eAAe,GAA4B,EAAE,CAAC;QACpD,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAE7C,6BAA6B;QAC7B,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;YACtC,IAAI,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC9B,eAAe,CAAC,IAAI,CAAC;oBACnB,QAAQ,EAAE,UAAU;oBACpB,QAAQ,EAAE,gBAAgB;oBAC1B,OAAO,EAAE,+CAA+C;oBACxD,IAAI,EAAE,UAAU;oBAChB,cAAc,EACZ,2FAA2F;oBAC7F,GAAG,EAAE,SAAS;iBACf,CAAC,CAAC;gBACH,MAAM,CAAC,gCAAgC;YACzC,CAAC;QACH,CAAC;QAED,wCAAwC;QACxC,IAAI,CAAC,qBAAqB,CAAC,QAAQ,EAAE,EAAE,EAAE,eAAe,CAAC,CAAC;QAE1D,OAAO,eAAe,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,qBAAqB,CAC3B,GAAY,EACZ,IAAY,EACZ,eAAwC;QAExC,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACpC,OAAO;QACT,CAAC;QAED,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/C,MAAM,WAAW,GAAG,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;YAClD,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;YAEnC,kDAAkD;YAClD,IAAI,mBAAmB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;gBACtE,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,KAAK,KAAK,QAAQ,EAAE,CAAC;oBAC3E,eAAe,CAAC,IAAI,CAAC;wBACnB,QAAQ,EAAE,MAAM;wBAChB,QAAQ,EAAE,kBAAkB;wBAC5B,OAAO,EAAE,UAAU,WAAW,8BAA8B;wBAC5D,IAAI,EAAE,WAAW;wBACjB,cAAc,EAAE,gDAAgD,GAAG,CAAC,WAAW,EAAE,iCAAiC;wBAClH,GAAG,EAAE,SAAS;qBACf,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,8BAA8B;YAC9B,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,IAAI,CAAC,qBAAqB,CAAC,KAAK,EAAE,WAAW,EAAE,eAAe,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,QAAmB;QAC7C,MAAM,eAAe,GAA4B,EAAE,CAAC;QAEpD,mCAAmC;QACnC,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,EAAE,KAAK,IAAI,QAAQ,CAAC,KAAK,EAAE,KAAK,IAAI,EAAE,CAAC;QAClE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;gBAChC,eAAe,CAAC,IAAI,CAAC;oBACnB,QAAQ,EAAE,QAAQ;oBAClB,QAAQ,EAAE,cAAc;oBACxB,OAAO,EAAE,SAAS,IAAI,CAAC,IAAI,IAAI,QAAQ,CAAC,GAAG,iDAAiD;oBAC5F,IAAI,EAAE,cAAc,CAAC,GAAG;oBACxB,cAAc,EACZ,gGAAgG;oBAClG,GAAG,EAAE,SAAS;iBACf,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,uDAAuD;QACvD,IAAI,CAAC,sBAAsB,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC;QAEvD,OAAO,eAAe,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,sBAAsB,CAC5B,QAAmB,EACnB,eAAwC;QAExC,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,EAAE,KAAK,IAAI,QAAQ,CAAC,KAAK,EAAE,KAAK,IAAI,EAAE,CAAC;QAElE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,IAAI,CAAC,QAAQ,IAAI,OAAO,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACvD,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;oBACxC,eAAe,CAAC,IAAI,CAAC;wBACnB,QAAQ,EAAE,QAAQ;wBAClB,QAAQ,EAAE,mBAAmB;wBAC7B,OAAO,EAAE,SAAS,IAAI,CAAC,IAAI,IAAI,QAAQ,CAAC,GAAG,+BAA+B;wBAC1E,IAAI,EAAE,cAAc,CAAC,YAAY;wBACjC,cAAc,EAAE,uDAAuD;wBACvE,GAAG,EAAE,SAAS;qBACf,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,gCAAgC;QAChC,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,EAAE,aAAa,EAAE,OAAO,CAAC;QACtD,IAAI,OAAO,EAAE,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAChE,eAAe,CAAC,IAAI,CAAC;gBACnB,QAAQ,EAAE,KAAK;gBACf,QAAQ,EAAE,mBAAmB;gBAC7B,OAAO,EAAE,qCAAqC;gBAC9C,IAAI,EAAE,qCAAqC;gBAC3C,cAAc,EAAE,kCAAkC;gBAClD,GAAG,EAAE,SAAS;aACf,CAAC,CAAC;QACL,CAAC;QAED,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,EAAE,aAAa,EAAE,OAAO,CAAC;QACtD,IAAI,OAAO,EAAE,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAChE,eAAe,CAAC,IAAI,CAAC;gBACnB,QAAQ,EAAE,KAAK;gBACf,QAAQ,EAAE,mBAAmB;gBAC7B,OAAO,EAAE,qCAAqC;gBAC9C,IAAI,EAAE,qCAAqC;gBAC3C,cAAc,EAAE,kCAAkC;gBAClD,GAAG,EAAE,SAAS;aACf,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED;;OAEG;IACK,oBAAoB,CAAC,QAAmB;QAC9C,MAAM,eAAe,GAA4B,EAAE,CAAC;QAEpD,sCAAsC;QACtC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC;YAC7B,eAAe,CAAC,IAAI,CAAC;gBACnB,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,kBAAkB;gBAC5B,OAAO,EAAE,iCAAiC;gBAC1C,IAAI,EAAE,eAAe;gBACrB,cAAc,EACZ,kFAAkF;gBACpF,GAAG,EAAE,SAAS;aACf,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC;YACxC,IAAI,CAAC,QAAQ,CAAC,eAAe,IAAI,QAAQ,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvE,eAAe,CAAC,IAAI,CAAC;oBACnB,QAAQ,EAAE,QAAQ;oBAClB,QAAQ,EAAE,kBAAkB;oBAC5B,OAAO,EAAE,sDAAsD;oBAC/D,IAAI,EAAE,+BAA+B;oBACrC,cAAc,EACZ,gGAAgG;oBAClG,GAAG,EAAE,SAAS;iBACf,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,gCAAgC;QAChC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,WAAW,EAAE,CAAC;YAChC,eAAe,CAAC,IAAI,CAAC;gBACnB,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,kBAAkB;gBAC5B,OAAO,EAAE,2BAA2B;gBACpC,IAAI,EAAE,kBAAkB;gBACxB,cAAc,EACZ,iEAAiE;gBACnE,GAAG,EAAE,SAAS;aACf,CAAC,CAAC;QACL,CAAC;QAED,kCAAkC;QAClC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,aAAa,EAAE,CAAC;YAClC,eAAe,CAAC,IAAI,CAAC;gBACnB,QAAQ,EAAE,KAAK;gBACf,QAAQ,EAAE,kBAAkB;gBAC5B,OAAO,EAAE,6BAA6B;gBACtC,IAAI,EAAE,oBAAoB;gBAC1B,cAAc,EACZ,qFAAqF;gBACvF,GAAG,EAAE,SAAS;aACf,CAAC,CAAC;QACL,CAAC;QAED,OAAO,eAAe,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,gBAAgB,CAAC,QAAmB;QAC1C,MAAM,eAAe,GAA4B,EAAE,CAAC;QAEpD,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC;QACzC,IAAI,QAAQ,EAAE,CAAC;YACb,sCAAsC;YACtC,IAAI,QAAQ,CAAC,KAAK,KAAK,MAAM,IAAI,QAAQ,CAAC,KAAK,KAAK,MAAM,EAAE,CAAC;gBAC3D,IAAI,CAAC,QAAQ,CAAC,iBAAiB,EAAE,CAAC;oBAChC,eAAe,CAAC,IAAI,CAAC;wBACnB,QAAQ,EAAE,MAAM;wBAChB,QAAQ,EAAE,uBAAuB;wBACjC,OAAO,EAAE,mBAAmB,QAAQ,CAAC,KAAK,gCAAgC;wBAC1E,IAAI,EAAE,eAAe;wBACrB,cAAc,EACZ,yFAAyF;wBAC3F,GAAG,EAAE,SAAS;qBACf,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,qCAAqC;YACrC,IAAI,QAAQ,CAAC,eAAe,EAAE,CAAC;gBAC7B,MAAM,WAAW,GAAG,QAAQ,CAAC,eAAe,CAAC,IAAI,CAC/C,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CACnD,CAAC;gBACF,IAAI,WAAW,EAAE,CAAC;oBAChB,eAAe,CAAC,IAAI,CAAC;wBACnB,QAAQ,EAAE,QAAQ;wBAClB,QAAQ,EAAE,uBAAuB;wBACjC,OAAO,EAAE,sDAAsD;wBAC/D,IAAI,EAAE,+BAA+B;wBACrC,cAAc,EACZ,sFAAsF;wBACxF,GAAG,EAAE,SAAS;qBACf,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,eAAe,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,QAAmB;QAC3C,MAAM,eAAe,GAA4B,EAAE,CAAC;QAEpD,MAAM,YAAY,GAAG,QAAQ,CAAC,IAAI,EAAE,YAAY,EAAE,MAAM,IAAI,EAAE,CAAC;QAE/D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7C,MAAM,GAAG,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC;YAE5B,wCAAwC;YACxC,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC;gBACjB,eAAe,CAAC,IAAI,CAAC;oBACnB,QAAQ,EAAE,KAAK;oBACf,QAAQ,EAAE,iBAAiB;oBAC3B,OAAO,EAAE,eAAe,GAAG,CAAC,IAAI,6BAA6B;oBAC7D,IAAI,EAAE,4BAA4B,CAAC,GAAG;oBACtC,cAAc,EACZ,2EAA2E;oBAC7E,GAAG,EAAE,UAAU;iBAChB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,eAAe,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,eAAwC;QAC7D,IAAI,KAAK,GAAG,GAAG,CAAC;QAEhB,MAAM,iBAAiB,GAAqC;YAC1D,QAAQ,EAAE,EAAE;YACZ,IAAI,EAAE,EAAE;YACR,MAAM,EAAE,EAAE;YACV,GAAG,EAAE,CAAC;YACN,IAAI,EAAE,CAAC;SACR,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;YACnC,KAAK,IAAI,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC5C,CAAC;QAED,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,aAAa,CACX,eAAwC,EACxC,QAA0B;QAE1B,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;IAChE,CAAC;IAED;;OAEG;IACH,aAAa,CACX,eAAwC,EACxC,QAAgB;QAEhB,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;IAChE,CAAC;CACF"}

package/dist/services/wizard/prompts.d.ts ADDED Viewed

@@ -0,0 +1,71 @@
+/**
+ * Wizard Prompts
+ * Interactive prompts for agent creation wizard
+ *
+ * SOLID: Single Responsibility - Prompt definitions only
+ * DRY: Centralized prompt configurations
+ */
+import type { QuestionCollection } from 'inquirer';
+export interface WizardAnswers {
+    name: string;
+    displayName?: string;
+    description?: string;
+    version: string;
+    role: string;
+    llm_provider: string;
+    model: string;
+    temperature: number;
+    tools: string[];
+    memory: string;
+    addSafety: boolean;
+    contentFiltering?: boolean;
+    piiDetection?: boolean;
+    configureAutonomy?: boolean;
+    autonomyLevel?: string;
+    addObservability?: boolean;
+    addExtensions?: boolean;
+    platforms?: string[];
+    autoExport?: boolean;
+    exportPlatform?: string;
+}
+/**
+ * Core prompts for basic agent information
+ */
+export declare const corePrompts: QuestionCollection;
+/**
+ * Role and system prompt configuration
+ */
+export declare const rolePrompts: QuestionCollection;
+/**
+ * LLM configuration prompts
+ */
+export declare const llmPrompts: QuestionCollection;
+/**
+ * Tools and capabilities prompts
+ */
+export declare const toolsPrompts: QuestionCollection;
+/**
+ * Safety configuration prompts
+ */
+export declare const safetyPrompts: QuestionCollection;
+/**
+ * Autonomy configuration prompts
+ */
+export declare const autonomyPrompts: QuestionCollection;
+/**
+ * Observability configuration prompts
+ */
+export declare const observabilityPrompts: QuestionCollection;
+/**
+ * Platform extensions prompts
+ */
+export declare const extensionsPrompts: QuestionCollection;
+/**
+ * Export configuration prompts
+ */
+export declare const exportPrompts: QuestionCollection;
+/**
+ * All prompts combined in logical order
+ */
+export declare const allPrompts: QuestionCollection;
+//# sourceMappingURL=prompts.d.ts.map

package/dist/services/wizard/prompts.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"prompts.d.ts","sourceRoot":"","sources":["../../../src/services/wizard/prompts.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAEnD,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,OAAO,CAAC;IACnB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IACrB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAYD;;GAEG;AACH,eAAO,MAAM,WAAW,EAAE,kBA4CzB,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,WAAW,EAAE,kBAQzB,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,UAAU,EAAE,kBAoExB,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,YAAY,EAAE,kBAoC1B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,aAAa,EAAE,kBAqB3B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,eAAe,EAAE,kBA4B7B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,oBAAoB,EAAE,kBAOlC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,kBA2B/B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,aAAa,EAAE,kBAoB3B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,UAAU,EAAE,kBAUxB,CAAC"}