@bryan-thompson/inspector-assessment-client 1.18.1 → 1.19.1

package/lib/services/assessment/modules/SecurityAssessor.js

@@ -13,7 +13,9 @@ import { BaseAssessor } from "./BaseAssessor.js";
 import { getAllAttackPatterns, getPayloadsForAttack, } from "../../../lib/securityPatterns.js";
 import { ToolClassifier, ToolCategory } from "../ToolClassifier.js";
 import { createConcurrencyLimit } from "../lib/concurrencyLimit.js";
+import { LanguageAwarePayloadGenerator } from "../LanguageAwarePayloadGenerator.js";
 export class SecurityAssessor extends BaseAssessor {
+    languageGenerator = new LanguageAwarePayloadGenerator();
     async assess(context) {
         // Select tools for testing first
         const toolsToTest = this.selectToolsForTesting(context.tools);
@@ -458,9 +460,7 @@ export class SecurityAssessor extends BaseAssessor {
             /error GETting.*endpoint/i, // Transport layer GET errors (requires 'endpoint' to avoid false positives)
             /service unavailable/i, // HTTP 503 (server down)
             /gateway timeout/i, // HTTP 504 (gateway timeout)
-            /unknown tool:/i, // Tool name not in current server's tool list (stale tool list)
-            /tool.*not found/i, // Alternative phrasing for missing tool
-            /tool.*does not exist/i, // Alternative phrasing for missing tool
+            /unknown tool:/i, // MCP spec format: "Unknown tool: <name>"
             /no such tool/i, // Alternative phrasing for missing tool
         ];
         // Check unambiguous patterns first
@@ -508,9 +508,7 @@ export class SecurityAssessor extends BaseAssessor {
                 /error GETting/i, // Transport layer GET errors
                 /service unavailable/i, // HTTP 503 (server down)
                 /gateway timeout/i, // HTTP 504 (gateway timeout)
-                /unknown tool:/i, // Tool name not in current server's tool list (stale tool list)
-                /tool.*not found/i, // Alternative phrasing for missing tool
-                /tool.*does not exist/i, // Alternative phrasing for missing tool
+                /unknown tool:/i, // MCP spec format: "Unknown tool: <name>"
                 /no such tool/i, // Alternative phrasing for missing tool
             ];
             // Check unambiguous patterns first
@@ -1089,10 +1087,14 @@ export class SecurityAssessor extends BaseAssessor {
             /action\s+received:/i,
             /input\s+received:/i,
             /request\s+received:/i,
-            // Explicit safety indicators in JSON responses
-            /"safe":\s*true/i,
-            /"vulnerable":\s*false/i,
-            /"status":\s*"acknowledged"/i,
+            // Explicit safety indicators in JSON responses (context-aware to avoid matching unrelated fields)
+            // Require safety-related context: message, result, status, stored, reflected, etc.
+            /"safe"\s*:\s*true[^}]*("message"|"result"|"status"|"response")/i,
+            /("message"|"result"|"status"|"response")[^}]*"safe"\s*:\s*true/i,
+            /"vulnerable"\s*:\s*false[^}]*("safe"|"stored"|"reflected"|"status")/i,
+            /("safe"|"stored"|"reflected"|"status")[^}]*"vulnerable"\s*:\s*false/i,
+            /"status"\s*:\s*"acknowledged"[^}]*("message"|"result"|"safe")/i,
+            /("message"|"result"|"safe")[^}]*"status"\s*:\s*"acknowledged"/i,
         ];
         const reflectionPatterns = [
             ...statusPatterns,
@@ -1328,8 +1330,41 @@ export class SecurityAssessor extends BaseAssessor {
         const params = {};
         const targetParamTypes = payload.parameterTypes || [];
         let payloadInjected = false;
-        // Try to match payload to appropriate parameter by name
-        if (targetParamTypes.length > 0) {
+        // NEW: Check for language-specific code execution parameters first
+        // This enables detection of vulnerabilities in tools expecting Python/JS/SQL code
+        for (const [key, prop] of Object.entries(schema.properties)) {
+            const propSchema = prop;
+            if (propSchema.type !== "string")
+                continue;
+            const detectedLanguage = this.languageGenerator.detectLanguage(key, tool.name, tool.description);
+            // If we detect a specific language (not generic), use language-appropriate payloads
+            if (detectedLanguage !== "generic" && !payloadInjected) {
+                const languagePayloads = this.languageGenerator.getPayloadsForLanguage(detectedLanguage);
+                if (languagePayloads.length > 0) {
+                    // Select a payload that targets similar behavior as the current attack pattern
+                    // (e.g., if testing command injection, use a command-executing payload)
+                    const payloadLower = payload.payload.toLowerCase();
+                    const isCommandTest = payloadLower.includes("whoami") ||
+                        payloadLower.includes("passwd") ||
+                        payloadLower.includes("id");
+                    // Find matching language payload based on test intent
+                    let selectedPayload = languagePayloads[0]; // Default to first
+                    if (isCommandTest) {
+                        // Prefer command execution payloads
+                        const cmdPayload = languagePayloads.find((lp) => lp.payload.includes("whoami") ||
+                            lp.payload.includes("subprocess") ||
+                            lp.payload.includes("execSync"));
+                        if (cmdPayload)
+                            selectedPayload = cmdPayload;
+                    }
+                    params[key] = selectedPayload.payload;
+                    payloadInjected = true;
+                    break;
+                }
+            }
+        }
+        // Fall back to parameterTypes matching if no language-specific payload was used
+        if (!payloadInjected && targetParamTypes.length > 0) {
             // Payload is parameter-specific (e.g., URLs only for "url" params)
             for (const [key, prop] of Object.entries(schema.properties)) {
                 const propSchema = prop;
@@ -1343,8 +1378,8 @@ export class SecurityAssessor extends BaseAssessor {
                 }
             }
         }
-        else {
-            // Generic payload - inject into first string parameter (original behavior)
+        // Fall back to generic payload - inject into first string parameter (original behavior)
+        if (!payloadInjected) {
             for (const [key, prop] of Object.entries(schema.properties)) {
                 const propSchema = prop;
                 if (propSchema.type === "string" && !payloadInjected) {

package/lib/services/assessment/modules/TemporalAssessor.d.ts

@@ -28,6 +28,11 @@ export declare class TemporalAssessor extends BaseAssessor {
     constructor(config: AssessmentConfiguration);
     assess(context: AssessmentContext): Promise<TemporalAssessment>;
     private assessTool;
+    /**
+     * Detect mutations in tool definition across invocation snapshots.
+     * DVMCP Challenge 4: Tool descriptions that mutate after N calls.
+     */
+    private detectDefinitionMutation;
     private analyzeResponses;
     /**
      * Generate a safe/neutral payload for a tool based on its input schema.

package/lib/services/assessment/modules/TemporalAssessor.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"TemporalAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/TemporalAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EACL,uBAAuB,EAEvB,kBAAkB,EAEnB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAY9C,qBAAa,gBAAiB,SAAQ,YAAY;IAChD,OAAO,CAAC,kBAAkB,CAAS;IAGnC,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAoBnC;IAGF,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAU;IAEjD;;;;;;;;;;OAUG;IACH,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CASrC;gBAEU,MAAM,EAAE,uBAAuB;IAKrC,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,kBAAkB,CAAC;YA8CvD,UAAU;IAkExB,OAAO,CAAC,gBAAgB;IAmFxB;;;OAGG;IACH,OAAO,CAAC,mBAAmB;IAsC3B;;;;OAIG;IACH,OAAO,CAAC,iBAAiB;IAoDzB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAKzB;;;;OAIG;IACH,OAAO,CAAC,cAAc;IAYtB;;;;;;OAMG;IACH,OAAO,CAAC,cAAc;IAuBtB;;;OAGG;IACH,OAAO,CAAC,iBAAiB;IAiCzB,OAAO,CAAC,uBAAuB;IAa/B,OAAO,CAAC,mBAAmB;IAoB3B,OAAO,CAAC,uBAAuB;CA8BhC"}
+{"version":3,"file":"TemporalAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/TemporalAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EACL,uBAAuB,EAEvB,kBAAkB,EAEnB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AA+B9C,qBAAa,gBAAiB,SAAQ,YAAY;IAChD,OAAO,CAAC,kBAAkB,CAAS;IAGnC,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAoBnC;IAGF,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAU;IAEjD;;;;;;;;;;OAUG;IACH,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CASrC;gBAEU,MAAM,EAAE,uBAAuB;IAKrC,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,kBAAkB,CAAC;YAqEvD,UAAU;IAuHxB;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IAkChC,OAAO,CAAC,gBAAgB;IAmFxB;;;OAGG;IACH,OAAO,CAAC,mBAAmB;IAsC3B;;;;OAIG;IACH,OAAO,CAAC,iBAAiB;IAoDzB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAKzB;;;;OAIG;IACH,OAAO,CAAC,cAAc;IAYtB;;;;;;OAMG;IACH,OAAO,CAAC,cAAc;IAuBtB;;;OAGG;IACH,OAAO,CAAC,iBAAiB;IAiCzB,OAAO,CAAC,uBAAuB;IAa/B,OAAO,CAAC,mBAAmB;IA+C3B,OAAO,CAAC,uBAAuB;CA+DhC"}

package/lib/services/assessment/modules/TemporalAssessor.js

@@ -63,7 +63,15 @@ export class TemporalAssessor extends BaseAssessor {
     async assess(context) {
         const results = [];
         let rugPullsDetected = 0;
-        this.log(`Starting temporal assessment with ${this.invocationsPerTool} invocations per tool`);
+        let definitionMutationsDetected = 0;
+        // Check if definition tracking is available
+        const canTrackDefinitions = typeof context.listTools === "function";
+        if (canTrackDefinitions) {
+            this.log(`Starting temporal assessment with ${this.invocationsPerTool} invocations per tool (definition tracking enabled)`);
+        }
+        else {
+            this.log(`Starting temporal assessment with ${this.invocationsPerTool} invocations per tool (definition tracking unavailable)`);
+        }
         for (const tool of context.tools) {
             // Skip if tool selection is configured and this tool isn't selected
             if (this.config.selectedToolsForTesting !== undefined &&
@@ -76,33 +84,63 @@ export class TemporalAssessor extends BaseAssessor {
                 rugPullsDetected++;
                 this.log(`RUG PULL DETECTED: ${tool.name} changed behavior at invocation ${result.firstDeviationAt}`);
             }
+            if (result.definitionMutated) {
+                definitionMutationsDetected++;
+                this.log(`DEFINITION MUTATION DETECTED: ${tool.name} changed description at invocation ${result.definitionMutationAt}`);
+            }
             // Respect delay between tests
             if (this.config.delayBetweenTests) {
                 await this.sleep(this.config.delayBetweenTests);
             }
         }
-        const status = this.determineTemporalStatus(rugPullsDetected, results);
+        // Status fails if either response or definition mutations detected
+        const totalVulnerabilities = rugPullsDetected + definitionMutationsDetected;
+        const status = this.determineTemporalStatus(totalVulnerabilities, results);
         return {
             toolsTested: results.length,
             invocationsPerTool: this.invocationsPerTool,
             rugPullsDetected,
+            definitionMutationsDetected,
             details: results,
             status,
-            explanation: this.generateExplanation(rugPullsDetected, results),
+            explanation: this.generateExplanation(rugPullsDetected, definitionMutationsDetected, results),
             recommendations: this.generateRecommendations(results),
         };
     }
     async assessTool(context, tool) {
         const responses = [];
+        const definitionSnapshots = [];
         const payload = this.generateSafePayload(tool);
         // Reduce invocations for potentially destructive tools
         const isDestructive = this.isDestructiveTool(tool);
         const invocations = isDestructive
             ? Math.min(5, this.invocationsPerTool)
             : this.invocationsPerTool;
+        // Check if definition tracking is available
+        const canTrackDefinitions = typeof context.listTools === "function";
         this.log(`Testing ${tool.name} with ${invocations} invocations${isDestructive ? " (reduced - destructive)" : ""}`);
         for (let i = 1; i <= invocations; i++) {
             this.testCount++;
+            // Track tool definition BEFORE each invocation (if available)
+            // This detects rug pulls where description mutates after N calls
+            if (canTrackDefinitions) {
+                try {
+                    const currentTools = await this.executeWithTimeout(context.listTools(), this.PER_INVOCATION_TIMEOUT);
+                    const currentTool = currentTools.find((t) => t.name === tool.name);
+                    if (currentTool) {
+                        definitionSnapshots.push({
+                            invocation: i,
+                            description: currentTool.description,
+                            inputSchema: currentTool.inputSchema,
+                            timestamp: Date.now(),
+                        });
+                    }
+                }
+                catch {
+                    // Definition tracking failed - continue with response tracking
+                    this.log(`Warning: Failed to fetch tool definition for ${tool.name} at invocation ${i}`);
+                }
+            }
             try {
                 // P2-2: Use shorter per-invocation timeout (10s vs default 30s)
                 const response = await this.executeWithTimeout(context.callTool(tool.name, payload), this.PER_INVOCATION_TIMEOUT);
@@ -137,12 +175,59 @@ export class TemporalAssessor extends BaseAssessor {
                 await this.sleep(50);
             }
         }
+        // Analyze responses for temporal behavior changes
         const result = this.analyzeResponses(tool, responses);
+        // Analyze definitions for mutation (rug pull via description change)
+        const definitionMutation = this.detectDefinitionMutation(definitionSnapshots);
         return {
             ...result,
             reducedInvocations: isDestructive,
+            // Add definition mutation results
+            definitionMutated: definitionMutation !== null,
+            definitionMutationAt: definitionMutation?.detectedAt ?? null,
+            definitionEvidence: definitionMutation
+                ? {
+                    baselineDescription: definitionMutation.baselineDescription,
+                    mutatedDescription: definitionMutation.mutatedDescription,
+                    baselineSchema: definitionMutation.baselineSchema,
+                    mutatedSchema: definitionMutation.mutatedSchema,
+                }
+                : undefined,
+            // If definition mutated, mark as vulnerable with DEFINITION pattern
+            vulnerable: result.vulnerable || definitionMutation !== null,
+            pattern: definitionMutation !== null ? "RUG_PULL_DEFINITION" : result.pattern,
+            severity: definitionMutation !== null || result.vulnerable ? "HIGH" : "NONE",
         };
     }
+    /**
+     * Detect mutations in tool definition across invocation snapshots.
+     * DVMCP Challenge 4: Tool descriptions that mutate after N calls.
+     */
+    detectDefinitionMutation(snapshots) {
+        if (snapshots.length < 2)
+            return null;
+        const baseline = snapshots[0];
+        for (let i = 1; i < snapshots.length; i++) {
+            const current = snapshots[i];
+            // Check if description changed
+            const descriptionChanged = baseline.description !== current.description;
+            // Check if schema changed (deep comparison)
+            const schemaChanged = JSON.stringify(baseline.inputSchema) !==
+                JSON.stringify(current.inputSchema);
+            if (descriptionChanged || schemaChanged) {
+                return {
+                    detectedAt: current.invocation,
+                    baselineDescription: baseline.description,
+                    mutatedDescription: descriptionChanged
+                        ? current.description
+                        : undefined,
+                    baselineSchema: schemaChanged ? baseline.inputSchema : undefined,
+                    mutatedSchema: schemaChanged ? current.inputSchema : undefined,
+                };
+            }
+        }
+        return null;
+    }
     analyzeResponses(tool, responses) {
         if (responses.length === 0) {
             return {
@@ -380,31 +465,64 @@ export class TemporalAssessor extends BaseAssessor {
         }
         return "PASS";
     }
-    generateExplanation(rugPullsDetected, results) {
+    generateExplanation(rugPullsDetected, definitionMutationsDetected, results) {
         if (results.length === 0) {
             return "No tools were tested for temporal vulnerabilities.";
         }
-        if (rugPullsDetected === 0) {
-            return `All ${results.length} tools showed consistent behavior across repeated invocations.`;
+        const parts = [];
+        // Report response-based rug pulls
+        if (rugPullsDetected > 0) {
+            const responseVulnerableTools = results
+                .filter((r) => r.vulnerable && r.pattern === "RUG_PULL_TEMPORAL")
+                .map((r) => `${r.tool} (changed at invocation ${r.firstDeviationAt})`)
+                .join(", ");
+            if (responseVulnerableTools) {
+                parts.push(`CRITICAL: ${rugPullsDetected} tool(s) showed temporal response changes: ${responseVulnerableTools}`);
+            }
+        }
+        // Report definition mutations
+        if (definitionMutationsDetected > 0) {
+            const definitionVulnerableTools = results
+                .filter((r) => r.definitionMutated)
+                .map((r) => `${r.tool} (description changed at invocation ${r.definitionMutationAt})`)
+                .join(", ");
+            parts.push(`CRITICAL: ${definitionMutationsDetected} tool(s) mutated their definition/description: ${definitionVulnerableTools}`);
+        }
+        if (parts.length === 0) {
+            return `All ${results.length} tools showed consistent behavior and definitions across repeated invocations.`;
         }
-        const vulnerableTools = results
-            .filter((r) => r.vulnerable)
-            .map((r) => `${r.tool} (changed at invocation ${r.firstDeviationAt})`)
-            .join(", ");
-        return `CRITICAL: ${rugPullsDetected} tool(s) showed temporal behavior changes indicating potential rug pull vulnerability: ${vulnerableTools}`;
+        return parts.join(" ");
     }
     generateRecommendations(results) {
         const recommendations = [];
-        const vulnerableTools = results.filter((r) => r.vulnerable);
-        if (vulnerableTools.length > 0) {
+        // Response-based rug pulls
+        const responseVulnerableTools = results.filter((r) => r.vulnerable && r.pattern === "RUG_PULL_TEMPORAL");
+        if (responseVulnerableTools.length > 0) {
             recommendations.push("Immediately investigate tools with temporal behavior changes - this pattern is characteristic of rug pull attacks.");
-            for (const tool of vulnerableTools) {
+            for (const tool of responseVulnerableTools) {
                 recommendations.push(`Review ${tool.tool}: behavior changed after ${tool.firstDeviationAt} invocations. Compare safe vs malicious responses in evidence.`);
             }
             recommendations.push("Check for invocation counters, time-based triggers, or state accumulation in the tool implementation.");
         }
+        // Definition mutation rug pulls
+        const definitionMutatedTools = results.filter((r) => r.definitionMutated);
+        if (definitionMutatedTools.length > 0) {
+            recommendations.push("CRITICAL: Tool definition/description mutations detected - this is a sophisticated rug pull attack that injects malicious instructions after N calls.");
+            for (const tool of definitionMutatedTools) {
+                const baseline = tool.definitionEvidence?.baselineDescription
+                    ? `"${tool.definitionEvidence.baselineDescription.substring(0, 100)}..."`
+                    : "unknown";
+                const mutated = tool.definitionEvidence?.mutatedDescription
+                    ? `"${tool.definitionEvidence.mutatedDescription.substring(0, 100)}..."`
+                    : "unknown";
+                recommendations.push(`${tool.tool}: Description changed at invocation ${tool.definitionMutationAt}. Baseline: ${baseline} → Mutated: ${mutated}`);
+            }
+            recommendations.push("Review tool source code for global state that mutates __doc__, description, or tool metadata based on call count.");
+        }
         const errorTools = results.filter((r) => r.errorCount > 0);
-        if (errorTools.length > 0 && vulnerableTools.length === 0) {
+        if (errorTools.length > 0 &&
+            responseVulnerableTools.length === 0 &&
+            definitionMutatedTools.length === 0) {
             recommendations.push(`${errorTools.length} tool(s) had errors during repeated invocations. Review error handling and rate limiting.`);
         }
         return recommendations;

package/lib/services/assessment/modules/ToolAnnotationAssessor.d.ts

@@ -79,6 +79,11 @@ export declare class ToolAnnotationAssessor extends BaseAssessor {
      * Now includes alignment status with confidence-aware logic
      */
     private assessTool;
+    /**
+     * Scan tool description for poisoning patterns (Issue #8)
+     * Detects hidden instructions, override commands, concealment, and exfiltration attempts
+     */
+    private scanDescriptionForPoisoning;
     /**
      * Extract annotations from a tool
      * MCP SDK may have annotations in different locations

package/lib/services/assessment/modules/ToolAnnotationAssessor.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ToolAnnotationAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/ToolAnnotationAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EACV,wBAAwB,EACxB,oBAAoB,EAKpB,uBAAuB,EAExB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EACL,KAAK,gBAAgB,EAGtB,MAAM,8BAA8B,CAAC;AAEtC;;GAEG;AACH,MAAM,WAAW,4BAA6B,SAAQ,oBAAoB;IACxE,eAAe,CAAC,EAAE;QAChB,gBAAgB,EAAE,OAAO,CAAC;QAC1B,mBAAmB,EAAE,OAAO,CAAC;QAC7B,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,EAAE,MAAM,CAAC;QAClB,oBAAoB,EAAE;YACpB,YAAY,CAAC,EAAE,OAAO,CAAC;YACvB,eAAe,CAAC,EAAE,OAAO,CAAC;YAC1B,cAAc,CAAC,EAAE,OAAO,CAAC;SAC1B,CAAC;QACF,oBAAoB,EAAE,OAAO,CAAC;QAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,MAAM,EAAE,iBAAiB,GAAG,eAAe,CAAC;KAC7C,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,gCAAiC,SAAQ,wBAAwB;IAChF,WAAW,EAAE,4BAA4B,EAAE,CAAC;IAC5C,cAAc,EAAE,OAAO,CAAC;IACxB,2BAA2B,EAAE,4BAA4B,EAAE,CAAC;CAC7D;AAKD,qBAAa,sBAAuB,SAAQ,YAAY;IACtD,OAAO,CAAC,YAAY,CAAC,CAAmB;IACxC,OAAO,CAAC,gBAAgB,CAAmB;gBAE/B,MAAM,EAAE,uBAAuB;IAM3C;;OAEG;IACH,WAAW,CAAC,QAAQ,EAAE,gBAAgB,GAAG,IAAI;IAK7C;;OAEG;IACH,eAAe,CAAC,MAAM,EAAE,gBAAgB,GAAG,IAAI;IAK/C;;OAEG;IACH,eAAe,IAAI,OAAO;IAO1B;;OAEG;IACG,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,wBAAwB,GAAG,gCAAgC,CAAC;IA8QvE;;OAEG;YACW,0BAA0B;IA+IxC;;OAEG;IACH,OAAO,CAAC,2BAA2B;IAiCnC;;OAEG;IACH,OAAO,CAAC,+BAA+B;IAoFvC;;;OAGG;IACH,OAAO,CAAC,UAAU;IA+GlB;;;;;;;;;OASG;IACH,OAAO,CAAC,kBAAkB;IAyE1B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAuBzB;;;OAGG;IACH,OAAO,CAAC,aAAa;IAgGrB;;;OAGG;IACH,OAAO,CAAC,yBAAyB;IAkDjC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAiDxB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAmC3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;CA2ChC"}
+{"version":3,"file":"ToolAnnotationAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/ToolAnnotationAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EACV,wBAAwB,EACxB,oBAAoB,EAKpB,uBAAuB,EAExB,MAAM,uBAAuB,CAAC;AAE/B,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EACL,KAAK,gBAAgB,EAGtB,MAAM,8BAA8B,CAAC;AAgNtC;;GAEG;AACH,MAAM,WAAW,4BAA6B,SAAQ,oBAAoB;IACxE,eAAe,CAAC,EAAE;QAChB,gBAAgB,EAAE,OAAO,CAAC;QAC1B,mBAAmB,EAAE,OAAO,CAAC;QAC7B,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,EAAE,MAAM,CAAC;QAClB,oBAAoB,EAAE;YACpB,YAAY,CAAC,EAAE,OAAO,CAAC;YACvB,eAAe,CAAC,EAAE,OAAO,CAAC;YAC1B,cAAc,CAAC,EAAE,OAAO,CAAC;SAC1B,CAAC;QACF,oBAAoB,EAAE,OAAO,CAAC;QAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,MAAM,EAAE,iBAAiB,GAAG,eAAe,CAAC;KAC7C,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,gCAAiC,SAAQ,wBAAwB;IAChF,WAAW,EAAE,4BAA4B,EAAE,CAAC;IAC5C,cAAc,EAAE,OAAO,CAAC;IACxB,2BAA2B,EAAE,4BAA4B,EAAE,CAAC;CAC7D;AAKD,qBAAa,sBAAuB,SAAQ,YAAY;IACtD,OAAO,CAAC,YAAY,CAAC,CAAmB;IACxC,OAAO,CAAC,gBAAgB,CAAmB;gBAE/B,MAAM,EAAE,uBAAuB;IAM3C;;OAEG;IACH,WAAW,CAAC,QAAQ,EAAE,gBAAgB,GAAG,IAAI;IAK7C;;OAEG;IACH,eAAe,CAAC,MAAM,EAAE,gBAAgB,GAAG,IAAI;IAK/C;;OAEG;IACH,eAAe,IAAI,OAAO;IAO1B;;OAEG;IACG,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,wBAAwB,GAAG,gCAAgC,CAAC;IAkSvE;;OAEG;YACW,0BAA0B;IA+IxC;;OAEG;IACH,OAAO,CAAC,2BAA2B;IAiCnC;;OAEG;IACH,OAAO,CAAC,+BAA+B;IAoFvC;;;OAGG;IACH,OAAO,CAAC,UAAU;IA2HlB;;;OAGG;IACH,OAAO,CAAC,2BAA2B;IA2DnC;;;;;;;;;OASG;IACH,OAAO,CAAC,kBAAkB;IAyE1B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAuBzB;;;OAGG;IACH,OAAO,CAAC,aAAa;IAgGrB;;;OAGG;IACH,OAAO,CAAC,yBAAyB;IA0DjC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAiDxB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAmC3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;CA2ChC"}