@bryan-thompson/inspector-assessment-client 1.22.13 → 1.22.16

package/lib/lib/assessmentTypes.d.ts

@@ -1,1253 +1,25 @@
 /**
  * MCP Directory Review Assessment Types
- * Based on Anthropic's 5 core requirements for MCP directory submission
- */
-export type AssessmentStatus = "PASS" | "FAIL" | "NEED_MORE_INFO";
-export type SecurityRiskLevel = "LOW" | "MEDIUM" | "HIGH";
-/**
- * Alignment status for tool annotations.
- * Extends beyond PASS/FAIL to handle ambiguous cases.
- */
-export type AlignmentStatus = "ALIGNED" | "MISALIGNED" | "REVIEW_RECOMMENDED" | "UNKNOWN";
-/**
- * Confidence level for behavior inference
- */
-export type InferenceConfidence = "high" | "medium" | "low";
-/**
- * Assessment category tier for distinguishing core vs optional assessments.
- * - "core": Always applicable to any MCP server audit
- * - "optional": Contextual assessments (e.g., MCPB bundle-specific)
- */
-export type AssessmentCategoryTier = "core" | "optional";
-/**
- * Metadata for assessment categories including tier and applicability info.
- */
-export interface AssessmentCategoryMetadata {
-    tier: AssessmentCategoryTier;
-    description: string;
-    applicableTo?: string;
-}
-/**
- * Category metadata mapping for all assessment modules.
- * Used for CLI output and downstream consumers to understand category context.
- */
-export declare const ASSESSMENT_CATEGORY_METADATA: Record<string, AssessmentCategoryMetadata>;
-/**
- * Persistence model for MCP servers (Three-Tier Classification).
- * Re-exported from annotationPatterns for backward compatibility.
  *
- * - "immediate": Write operations persist directly to storage (database, file, API)
- * - "deferred": Write operations are in-memory until explicit save operation
- * - "unknown": Cannot determine persistence model
- */
-export type { PersistenceModel, ServerPersistenceContext, } from "../services/assessment/config/annotationPatterns.js";
-export interface TestInputMetadata {
-    toolCategory: string;
-    generationStrategy: string;
-    fieldSources: Record<string, {
-        field: string;
-        value: unknown;
-        source: "category" | "field-name" | "schema-default" | "enum" | "format" | "default";
-        reason: string;
-    }>;
-}
-/**
- * Metadata about the response content types and structure.
- * Tracks what type of content the tool returns for better categorization.
- */
-export interface ResponseMetadata {
-    /** Content types present in the response */
-    contentTypes: Array<"text" | "image" | "resource" | "resource_link" | "audio">;
-    /** True if response includes structuredContent property */
-    hasStructuredContent: boolean;
-    /** True if response includes _meta property */
-    hasMeta: boolean;
-    /** Number of text content blocks */
-    textBlockCount: number;
-    /** Number of image content blocks */
-    imageCount: number;
-    /** Number of resource/resource_link content blocks */
-    resourceCount: number;
-    /** Output schema validation result (if tool has outputSchema) */
-    outputSchemaValidation?: {
-        hasOutputSchema: boolean;
-        isValid: boolean;
-        error?: string;
-    };
-}
-export interface ToolTestResult {
-    toolName: string;
-    tested: boolean;
-    status: "working" | "broken" | "untested";
-    error?: string;
-    executionTime?: number;
-    testParameters?: Record<string, unknown>;
-    response?: unknown;
-    testInputMetadata?: TestInputMetadata;
-    /** Metadata about response content types and structure (optional, backward compatible) */
-    responseMetadata?: ResponseMetadata;
-}
-export interface EnhancedToolTestResult {
-    toolName: string;
-    tested: boolean;
-    status: "fully_working" | "partially_working" | "connectivity_only" | "broken" | "untested";
-    confidence: number;
-    scenariosExecuted: number;
-    scenariosPassed: number;
-    scenariosFailed: number;
-    executionTime: number;
-    validationSummary: {
-        happyPathSuccess: boolean;
-        edgeCasesHandled: number;
-        edgeCasesTotal: number;
-        boundariesRespected: number;
-        boundariesTotal: number;
-        errorHandlingWorks: boolean;
-    };
-    recommendations: string[];
-    detailedResults?: Array<{
-        scenarioName: string;
-        category: "happy_path" | "edge_case" | "boundary" | "error_case";
-        passed: boolean;
-        confidence: number;
-        issues: string[];
-        evidence: string[];
-    }>;
-}
-export interface SecurityTestResult {
-    testName: string;
-    description: string;
-    payload: string;
-    vulnerable: boolean;
-    evidence?: string;
-    riskLevel: SecurityRiskLevel;
-    toolName?: string;
-    response?: string;
-    confidence?: "high" | "medium" | "low";
-    requiresManualReview?: boolean;
-    manualReviewReason?: string;
-    reviewGuidance?: string;
-    connectionError?: boolean;
-    errorType?: "connection" | "server" | "protocol";
-    testReliability?: "completed" | "failed" | "retried";
-}
-export interface CodeExample {
-    code: string;
-    language?: string;
-    description?: string;
-    lineNumber?: number;
-    lineCount?: number;
-    exampleType?: "functional" | "install" | "config" | "implementation";
-}
-/**
- * Represents a tool with missing or inadequate documentation.
- * Used to identify documentation gaps for tool descriptions.
- */
-export interface ToolDocGap {
-    toolName: string;
-    issue: "missing" | "too_short";
-    descriptionLength: number;
-    documentedInReadme: boolean;
-}
-export interface DocumentationMetrics {
-    hasReadme: boolean;
-    exampleCount: number;
-    requiredExamples: number;
-    missingExamples: string[];
-    hasInstallInstructions: boolean;
-    hasUsageGuide: boolean;
-    hasAPIReference: boolean;
-    extractedExamples?: CodeExample[];
-    installInstructions?: string;
-    usageInstructions?: string;
-    readmeLength?: number;
-    readmeWordCount?: number;
-    sectionHeadings?: string[];
-    toolDocumentation?: Array<{
-        name: string;
-        hasDescription: boolean;
-        descriptionLength: number;
-        documentedInReadme: boolean;
-        /** Actual description text (truncated to 200 chars) for Claude analysis */
-        description?: string;
-    }>;
-    readmeContent?: string;
-    /** Count of tools with descriptions >= 50 characters */
-    toolsWithDescriptions: number;
-    /** Total number of tools analyzed */
-    toolsTotal: number;
-    /** Tools with missing or inadequate (<50 chars) descriptions */
-    toolDocGaps: ToolDocGap[];
-}
-export interface ErrorTestDetail {
-    toolName: string;
-    testType: string;
-    testInput: Record<string, unknown>;
-    testDescription?: string;
-    expectedError: string;
-    actualResponse: {
-        isError: boolean;
-        errorCode?: string | number;
-        errorMessage?: string;
-        rawResponse: unknown;
-    };
-    passed: boolean;
-    reason?: string;
-}
-export interface ErrorHandlingMetrics {
-    mcpComplianceScore: number;
-    errorResponseQuality: "excellent" | "good" | "fair" | "poor";
-    hasProperErrorCodes: boolean;
-    hasDescriptiveMessages: boolean;
-    validatesInputs: boolean;
-    validationCoverage?: {
-        wrongType: number;
-        wrongTypeCount?: {
-            passed: number;
-            total: number;
-        };
-        extraParams: number;
-        extraParamsCount?: {
-            passed: number;
-            total: number;
-        };
-        missingRequired: number;
-        missingRequiredCount?: {
-            passed: number;
-            total: number;
-        };
-        nullValues: number;
-        nullValuesCount?: {
-            passed: number;
-            total: number;
-        };
-        totalTests: number;
-        overallPassRate?: number;
-    };
-    testDetails?: ErrorTestDetail[];
-}
-export interface UsabilityMetrics {
-    toolNamingConvention: "consistent" | "inconsistent";
-    parameterClarity: "clear" | "unclear" | "mixed";
-    hasHelpfulDescriptions: boolean;
-    followsBestPractices: boolean;
-    detailedAnalysis?: {
-        tools: Array<{
-            toolName: string;
-            namingPattern: string;
-            description?: string;
-            descriptionLength: number;
-            hasDescription: boolean;
-            parameterCount: number;
-            hasRequiredParams: boolean;
-            hasSchema: boolean;
-            schemaQuality: string;
-            parameters?: Array<{
-                name: string;
-                type?: string;
-                required: boolean;
-                description?: string;
-                hasDescription: boolean;
-            }>;
-        }>;
-        naming: {
-            patterns: string[];
-            breakdown: Record<string, number>;
-            dominant: string;
-        };
-        descriptions: {
-            withDescriptions: number;
-            withoutDescriptions: number;
-            averageLength: number;
-            tooShort: Array<{
-                toolName: string;
-                namingPattern: string;
-                description?: string;
-                descriptionLength: number;
-                hasDescription: boolean;
-                parameterCount: number;
-                hasRequiredParams: boolean;
-                hasSchema: boolean;
-                schemaQuality: string;
-                parameters?: Array<{
-                    name: string;
-                    type?: string;
-                    required: boolean;
-                    description?: string;
-                    hasDescription: boolean;
-                }>;
-            }>;
-            adequate: Array<{
-                toolName: string;
-                namingPattern: string;
-                description?: string;
-                descriptionLength: number;
-                hasDescription: boolean;
-                parameterCount: number;
-                hasRequiredParams: boolean;
-                hasSchema: boolean;
-                schemaQuality: string;
-                parameters?: Array<{
-                    name: string;
-                    type?: string;
-                    required: boolean;
-                    description?: string;
-                    hasDescription: boolean;
-                }>;
-            }>;
-            detailed: Array<{
-                toolName: string;
-                namingPattern: string;
-                description?: string;
-                descriptionLength: number;
-                hasDescription: boolean;
-                parameterCount: number;
-                hasRequiredParams: boolean;
-                hasSchema: boolean;
-                schemaQuality: string;
-                parameters?: Array<{
-                    name: string;
-                    type?: string;
-                    required: boolean;
-                    description?: string;
-                    hasDescription: boolean;
-                }>;
-            }>;
-        };
-        parameterIssues: string[];
-        bestPracticeScore: {
-            naming: number;
-            descriptions: number;
-            schemas: number;
-            clarity: number;
-            total: number;
-        };
-        overallScore: number;
-    };
-}
-/** Tool definition with schema from MCP tools/list response */
-export interface DiscoveredTool {
-    name: string;
-    description?: string;
-    inputSchema?: {
-        type: string;
-        properties?: Record<string, unknown>;
-        required?: string[];
-    };
-}
-export interface FunctionalityAssessment {
-    totalTools: number;
-    testedTools: number;
-    workingTools: number;
-    brokenTools: string[];
-    coveragePercentage: number;
-    status: AssessmentStatus;
-    explanation: string;
-    toolResults: ToolTestResult[];
-    /** Raw tool definitions with inputSchema from MCP server */
-    tools?: DiscoveredTool[];
-}
-export interface SecurityAssessment {
-    promptInjectionTests: SecurityTestResult[];
-    vulnerabilities: string[];
-    overallRiskLevel: SecurityRiskLevel;
-    status: AssessmentStatus;
-    explanation: string;
-}
-export interface DocumentationAssessment {
-    metrics: DocumentationMetrics;
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-}
-export interface ErrorHandlingAssessment {
-    metrics: ErrorHandlingMetrics;
-    /** Raw error handling test results for downstream analysis */
-    errorTests?: ErrorTestDetail[];
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-}
-export interface UsabilityAssessment {
-    metrics: UsabilityMetrics;
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-}
-export interface StructuredRecommendation {
-    id: string;
-    title: string;
-    severity: "critical" | "warning" | "enhancement";
-    confidence: "high" | "medium" | "low";
-    detectionMethod: "automated" | "manual-required";
-    category: string;
-    description: string;
-    requiresManualVerification: boolean;
-    manualVerificationSteps?: string[];
-    contextNote?: string;
-    actionItems: string[];
-}
-/**
- * Individual protocol check result with evidence
- */
-export interface ProtocolCheckResult {
-    passed: boolean;
-    confidence: "high" | "medium" | "low";
-    evidence?: string;
-    warnings?: string[];
-    rawResponse?: unknown;
-}
-/**
- * Protocol checks that are actually tested via MCP calls
- * HIGH CONFIDENCE - these are verified through actual protocol interaction
- */
-export interface ProtocolChecks {
-    jsonRpcCompliance: ProtocolCheckResult;
-    serverInfoValidity: ProtocolCheckResult;
-    schemaCompliance: ProtocolCheckResult;
-    errorResponseCompliance: ProtocolCheckResult;
-    structuredOutputSupport: ProtocolCheckResult;
-    capabilitiesCompliance?: ProtocolCheckResult;
-}
-/**
- * Metadata-based hints parsed from serverInfo
- * LOW CONFIDENCE - these are NOT tested, just parsed from metadata
- */
-export interface MetadataHints {
-    confidence: "low";
-    requiresManualVerification: true;
-    transportHints?: {
-        detectedTransport?: string;
-        supportsStdio: boolean;
-        supportsHTTP: boolean;
-        supportsSSE: boolean;
-        detectionMethod: "metadata" | "assumed";
-    };
-    oauthHints?: {
-        hasOAuthConfig: boolean;
-        supportsOAuth: boolean;
-        supportsPKCE: boolean;
-        resourceIndicators?: string[];
-    };
-    annotationHints?: {
-        supportsReadOnlyHint: boolean;
-        supportsDestructiveHint: boolean;
-        supportsTitleAnnotation: boolean;
-        customAnnotations?: string[];
-    };
-    streamingHints?: {
-        supportsStreaming: boolean;
-        streamingProtocol?: "http-streaming" | "sse" | "websocket";
-    };
-    manualVerificationSteps: string[];
-}
-/**
- * MCP Spec Compliance Assessment - Hybrid Structure
- * Clearly separates verified protocol checks from unverified metadata hints
- */
-export interface MCPSpecComplianceAssessment {
-    protocolVersion: string;
-    protocolChecks: ProtocolChecks;
-    metadataHints?: MetadataHints;
-    status: AssessmentStatus;
-    complianceScore: number;
-    explanation: string;
-    recommendations: string[];
-    /** @deprecated Use protocolChecks and metadataHints instead */
-    transportCompliance?: TransportComplianceMetrics;
-    /** @deprecated Use metadataHints.oauthHints instead */
-    oauthImplementation?: OAuthComplianceMetrics;
-    /** @deprecated Use metadataHints.annotationHints instead */
-    annotationSupport?: AnnotationSupportMetrics;
-    /** @deprecated Use metadataHints.streamingHints instead */
-    streamingSupport?: StreamingSupportMetrics;
-}
-export interface TransportComplianceMetrics {
-    supportsStreamableHTTP: boolean;
-    deprecatedSSE: boolean;
-    transportValidation: "passed" | "failed" | "partial";
-    errors?: string[];
-    supportsStdio?: boolean;
-    supportsSSE?: boolean;
-    confidence?: "high" | "medium" | "low";
-    detectionMethod?: "automated" | "manual-required";
-    requiresManualCheck?: boolean;
-    manualVerificationSteps?: string[];
-}
-export interface OAuthComplianceMetrics {
-    implementsResourceServer: boolean;
-    supportsRFC8707: boolean;
-    resourceIndicators: string[];
-    tokenValidation: boolean;
-    scopeEnforcement: boolean;
-    errors?: string[];
-    supportsOAuth?: boolean;
-    supportsPKCE?: boolean;
-}
-export interface AnnotationSupportMetrics {
-    supportsReadOnlyHint: boolean;
-    supportsDestructiveHint: boolean;
-    supportsTitleAnnotation: boolean;
-    customAnnotations?: string[];
-}
-export interface StreamingSupportMetrics {
-    supportsStreaming: boolean;
-    streamingProtocol?: "http-streaming" | "sse" | "websocket";
-    performanceMetrics?: {
-        latency: number;
-        throughput: number;
-    };
-}
-export interface DependencyAnalysis {
-    totalDependencies: number;
-    directDependencies: number;
-    transitiveDependencies: number;
-    outdatedPackages: number;
-    abandonedPackages: number;
-    riskyLicenses: string[];
-    licenseCompliance?: boolean;
-}
-export interface VulnerabilityReport {
-    packageName: string;
-    version: string;
-    vulnerability: string;
-    severity: "CRITICAL" | "HIGH" | "MEDIUM" | "LOW";
-    cve?: string;
-    fixAvailable: boolean;
-    fixVersion?: string;
-    package?: string;
-}
-export interface SoftwareBillOfMaterials {
-    format: "SPDX" | "CycloneDX";
-    components: number;
-    licenses: string[];
-    attestations?: string[];
-}
-export interface PackageIntegrityMetrics {
-    signedPackages: number;
-    verifiedPublishers: number;
-    integrityChecksPassed: boolean;
-    integrityScore: number;
-    squattingRisk: "HIGH" | "MEDIUM" | "LOW";
-}
-export interface RuntimeTestResult {
-    testName: string;
-    category: "memory" | "filesystem" | "network" | "process";
-    passed: boolean;
-    findings?: string[];
-    severity?: SecurityRiskLevel;
-}
-export interface FuzzingReport {
-    totalInputsTested: number;
-    crashesFound: number;
-    hangsDetected: number;
-    memoryLeaks: number;
-    unexpectedBehaviors: string[];
-    coveragePercentage: number;
-    passed: number;
-    failed: number;
-}
-export interface SandboxTestResult {
-    escapeTechnique: string;
-    successful: boolean;
-    containmentLevel: "full" | "partial" | "none";
-    details?: string;
-}
-export interface BehaviorAnalysisReport {
-    suspiciousBehaviors: string[];
-    networkConnections: string[];
-    fileSystemAccess: string[];
-    processSpawning: boolean;
-    anomalyScore: number;
-}
-export interface MCPDirectoryAssessment {
-    serverName: string;
-    assessmentDate: string;
-    assessorVersion: string;
-    functionality: FunctionalityAssessment;
-    security: SecurityAssessment;
-    documentation: DocumentationAssessment;
-    errorHandling: ErrorHandlingAssessment;
-    usability: UsabilityAssessment;
-    mcpSpecCompliance?: MCPSpecComplianceAssessment;
-    aupCompliance?: AUPComplianceAssessment;
-    toolAnnotations?: ToolAnnotationAssessment;
-    prohibitedLibraries?: ProhibitedLibrariesAssessment;
-    manifestValidation?: ManifestValidationAssessment;
-    portability?: PortabilityAssessment;
-    externalAPIScanner?: ExternalAPIScannerAssessment;
-    authentication?: AuthenticationAssessment;
-    temporal?: TemporalAssessment;
-    /** MCP Resources capability assessment results */
-    resources?: ResourceAssessment;
-    /** MCP Prompts capability assessment results */
-    prompts?: PromptAssessment;
-    /** Cross-capability security assessment (resources x prompts x tools interactions) */
-    crossCapability?: CrossCapabilitySecurityAssessment;
-    overallStatus: AssessmentStatus;
-    summary: string;
-    recommendations: string[];
-    executionTime: number;
-    totalTestsRun: number;
-    evidenceFiles?: string[];
-    mcpProtocolVersion?: string;
-    assessmentMetadata?: {
-        /** Whether source code was available during assessment */
-        sourceCodeAvailable: boolean;
-        /** Transport type used for the assessment */
-        transportType?: "stdio" | "sse" | "streamable-http";
-    };
-}
-/**
- * AUP (Acceptable Use Policy) Compliance Types
- * Based on Anthropic's 14 AUP categories (A-N)
- */
-export type AUPCategory = "A" | "B" | "C" | "D" | "E" | "F" | "G" | "H" | "I" | "J" | "K" | "L" | "M" | "N";
-export type AUPSeverity = "CRITICAL" | "HIGH" | "MEDIUM" | "FLAG";
-export interface AUPViolation {
-    category: AUPCategory;
-    categoryName: string;
-    severity: AUPSeverity;
-    pattern: string;
-    matchedText: string;
-    location: "tool_name" | "tool_description" | "readme" | "source_code";
-    filePath?: string;
-    lineNumber?: number;
-    confidence: "high" | "medium" | "low";
-    requiresHumanReview: boolean;
-    reviewGuidance?: string;
-}
-export interface AUPComplianceAssessment {
-    violations: AUPViolation[];
-    highRiskDomains: string[];
-    scannedLocations: {
-        toolNames: boolean;
-        toolDescriptions: boolean;
-        readme: boolean;
-        sourceCode: boolean;
-    };
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-}
-/**
- * Tool Annotation Types (Policy #17)
- * Verifies readOnlyHint, destructiveHint presence
- */
-/**
- * Source of tool annotations
- */
-export type AnnotationSource = "mcp" | "source-code" | "inferred" | "none";
-export interface ToolAnnotationResult {
-    toolName: string;
-    hasAnnotations: boolean;
-    annotations?: {
-        readOnlyHint?: boolean;
-        destructiveHint?: boolean;
-        title?: string;
-        description?: string;
-        idempotentHint?: boolean;
-        openWorldHint?: boolean;
-    };
-    /** Where the annotations were extracted from */
-    annotationSource?: AnnotationSource;
-    inferredBehavior?: {
-        expectedReadOnly: boolean;
-        expectedDestructive: boolean;
-        reason: string;
-        /** Confidence level of the inference */
-        confidence: InferenceConfidence;
-        /** True if the tool name matches an ambiguous pattern */
-        isAmbiguous: boolean;
-    };
-    /** Alignment status between annotations and inferred behavior */
-    alignmentStatus?: AlignmentStatus;
-    issues: string[];
-    recommendations: string[];
-    /** Description poisoning detection (Issue #8) */
-    descriptionPoisoning?: {
-        detected: boolean;
-        patterns: Array<{
-            name: string;
-            pattern: string;
-            severity: "LOW" | "MEDIUM" | "HIGH";
-            category: string;
-            evidence: string;
-        }>;
-        riskLevel: "NONE" | "LOW" | "MEDIUM" | "HIGH";
-    };
-}
-export interface ToolAnnotationAssessment {
-    toolResults: ToolAnnotationResult[];
-    annotatedCount: number;
-    missingAnnotationsCount: number;
-    /** Count of high-confidence misalignments only (excludes REVIEW_RECOMMENDED) */
-    misalignedAnnotationsCount: number;
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-    /** Detailed metrics for annotation quality */
-    metrics?: {
-        /** Percentage of tools with any annotations (0-100) */
-        coverage: number;
-        /** Percentage of tools without contradictions (0-100) */
-        consistency: number;
-        /** Percentage of high-confidence alignments (0-100) */
-        correctness: number;
-        /** Count of tools needing manual review */
-        reviewRequired: number;
-    };
-    /** Breakdown of tools by alignment status */
-    alignmentBreakdown?: {
-        aligned: number;
-        misaligned: number;
-        reviewRecommended: number;
-        unknown: number;
-    };
-    /** Summary of where annotations were extracted from */
-    annotationSources?: {
-        /** Count from MCP protocol (tools/list response) */
-        mcp: number;
-        /** Count from source code analysis */
-        sourceCode: number;
-        /** Count where behavior was inferred from patterns */
-        inferred: number;
-        /** Count with no annotations found */
-        none: number;
-    };
-    /** Count of tools with poisoned descriptions detected (Issue #8) */
-    poisonedDescriptionsDetected?: number;
-}
-/**
- * Prohibited Libraries Types (Policy #28-30)
- * Detects financial and media processing libraries
- */
-export type ProhibitedLibraryCategory = "financial" | "media" | "payments" | "banking";
-export interface ProhibitedLibraryMatch {
-    name: string;
-    category: ProhibitedLibraryCategory;
-    location: "package.json" | "source_import" | "requirements.txt" | "cargo.toml";
-    filePath?: string;
-    lineNumber?: number;
-    severity: "BLOCKING" | "HIGH" | "MEDIUM";
-    reason: string;
-    policyReference: string;
-}
-export interface ProhibitedLibrariesAssessment {
-    matches: ProhibitedLibraryMatch[];
-    scannedFiles: string[];
-    hasFinancialLibraries: boolean;
-    hasMediaLibraries: boolean;
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-}
-/**
- * MCPB Manifest Validation Types
- * Based on manifest_version 0.3 spec
- */
-export interface ManifestJsonSchema {
-    manifest_version: string;
-    name: string;
-    version: string;
-    description?: string;
-    author?: string;
-    repository?: string;
-    license?: string;
-    mcp_config: {
-        command: string;
-        args?: string[];
-        env?: Record<string, string>;
-    };
-    icon?: string;
-    homepage?: string;
-    keywords?: string[];
-    privacy_policies?: string[];
-}
-/**
- * Privacy Policy URL Validation Result
- * Validates that privacy_policies URLs are accessible
- */
-export interface PrivacyPolicyValidation {
-    url: string;
-    accessible: boolean;
-    statusCode?: number;
-    contentType?: string;
-    error?: string;
-}
-export interface ManifestValidationResult {
-    field: string;
-    valid: boolean;
-    value?: unknown;
-    expectedType?: string;
-    issue?: string;
-    severity: "ERROR" | "WARNING" | "INFO";
-}
-export interface ManifestValidationAssessment {
-    hasManifest: boolean;
-    manifestVersion?: string;
-    validationResults: ManifestValidationResult[];
-    hasIcon: boolean;
-    hasRequiredFields: boolean;
-    missingFields: string[];
-    /** Privacy policy URL validation results */
-    privacyPolicies?: {
-        declared: string[];
-        validationResults: PrivacyPolicyValidation[];
-        allAccessible: boolean;
-    };
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-}
-/**
- * Portability Assessment Types
- * Detects hardcoded paths, platform-specific code
- */
-export interface PortabilityIssue {
-    type: "hardcoded_path" | "platform_specific" | "bundle_root_antipattern" | "absolute_path" | "user_home_path";
-    filePath: string;
-    lineNumber?: number;
-    matchedText: string;
-    severity: "HIGH" | "MEDIUM" | "LOW";
-    recommendation: string;
-}
-export interface PortabilityAssessment {
-    issues: PortabilityIssue[];
-    scannedFiles: number;
-    platformSpecificCount: number;
-    hardcodedPathCount: number;
-    usesDirname: boolean;
-    usesBundleRoot: boolean;
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-    /** Shell command portability analysis */
-    shellCommands?: Array<{
-        command: string;
-        isPortable: boolean;
-        alternativeCommand?: string;
-    }>;
-    /** Platform coverage summary */
-    platformCoverage?: {
-        supported: "all" | "windows" | "macos" | "linux";
-        missing: string[];
-    };
-}
-export interface DetectedAPI {
-    url: string;
-    service: string;
-    filePath: string;
-}
-export interface ExternalAPIScannerAssessment {
-    detectedAPIs: DetectedAPI[];
-    uniqueServices: string[];
-    affiliationWarning?: string;
-    scannedFiles: number;
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-}
-export type AuthMethod = "oauth" | "api_key" | "none" | "unknown";
-export interface AuthAppropriateness {
-    isAppropriate: boolean;
-    concerns: string[];
-    explanation: string;
-}
-export interface TransportSecurityAnalysis {
-    usesTLS: boolean;
-    tlsEnforced: boolean;
-    hasInsecurePatterns: boolean;
-    insecurePatterns: string[];
-    hasSecurePatterns: boolean;
-    securePatterns: string[];
-    corsConfigured: boolean;
-    corsPermissive: boolean;
-    sessionSecure: boolean;
-    recommendations: string[];
-}
-export interface AuthenticationAssessment {
-    authMethod: AuthMethod;
-    hasLocalDependencies: boolean;
-    transportType: string;
-    appropriateness: AuthAppropriateness;
-    recommendation: string;
-    detectedPatterns: {
-        oauthIndicators: string[];
-        localResourceIndicators: string[];
-        apiKeyIndicators: string[];
-    };
-    transportSecurity?: TransportSecurityAnalysis;
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-}
-/**
- * Temporal/Rug Pull Assessment Types
- * Detects tools that change behavior after N invocations
- */
-export interface TemporalToolResult {
-    tool: string;
-    vulnerable: boolean;
-    totalInvocations: number;
-    firstDeviationAt: number | null;
-    deviationCount: number;
-    errorCount: number;
-    pattern: "RUG_PULL_TEMPORAL" | "RUG_PULL_DEFINITION" | null;
-    severity: "HIGH" | "MEDIUM" | "NONE";
-    reducedInvocations?: boolean;
-    note?: string;
-    evidence?: {
-        safeResponseExample: unknown;
-        maliciousResponseExample: unknown;
-    };
-    definitionMutated?: boolean;
-    definitionMutationAt?: number | null;
-    definitionEvidence?: {
-        baselineDescription?: string;
-        mutatedDescription?: string;
-        baselineSchema?: unknown;
-        mutatedSchema?: unknown;
-    };
-}
-export interface TemporalAssessment {
-    toolsTested: number;
-    invocationsPerTool: number;
-    rugPullsDetected: number;
-    definitionMutationsDetected: number;
-    details: TemporalToolResult[];
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-}
-/**
- * Resource Assessment Types
- * Evaluates MCP server resources for security and compliance
- */
-export interface ResourceTestResult {
-    resourceUri: string;
-    resourceName?: string;
-    mimeType?: string;
-    tested: boolean;
-    accessible: boolean;
-    securityIssues: string[];
-    pathTraversalVulnerable: boolean;
-    sensitiveDataExposed: boolean;
-    promptInjectionDetected: boolean;
-    promptInjectionPatterns: string[];
-    validUri: boolean;
-    readTime?: number;
-    contentSizeBytes?: number;
-    error?: string;
-    /** Sensitive data patterns detected in resource content */
-    sensitivePatterns?: Array<{
-        pattern: string;
-        severity: "critical" | "high" | "medium";
-        detected: boolean;
-    }>;
-    /** Access control information */
-    accessControls?: {
-        requiresAuth: boolean;
-        authType?: string;
-    };
-    /** Data classification based on content analysis */
-    dataClassification?: "public" | "internal" | "confidential" | "restricted";
-}
-export interface ResourceAssessment {
-    resourcesTested: number;
-    resourceTemplatesTested: number;
-    accessibleResources: number;
-    securityIssuesFound: number;
-    pathTraversalVulnerabilities: number;
-    sensitiveDataExposures: number;
-    promptInjectionVulnerabilities: number;
-    results: ResourceTestResult[];
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-}
-/**
- * Prompt Assessment Types
- * Evaluates MCP server prompts for security and AUP compliance
- */
-export interface PromptTestResult {
-    promptName: string;
-    description?: string;
-    tested: boolean;
-    hasRequiredArguments: boolean;
-    argumentsValidated: boolean;
-    aupCompliant: boolean;
-    injectionVulnerable: boolean;
-    safetyIssues: string[];
-    argumentCount: number;
-    executionTime?: number;
-    error?: string;
-    /** Template analysis for prompt structure */
-    promptTemplate?: {
-        templateType: string;
-        variables: string[];
-        validated: boolean;
-    };
-    /** Dynamic content analysis */
-    dynamicContent?: {
-        hasInterpolation: boolean;
-        injectionSafe: boolean;
-        escapingApplied: string[];
-    };
-}
-export interface PromptAssessment {
-    promptsTested: number;
-    aupViolations: number;
-    injectionVulnerabilities: number;
-    argumentValidationIssues: number;
-    results: PromptTestResult[];
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-}
-/**
- * Cross-Capability Security Assessment Types
- * Tests interactions between tools, resources, and prompts
- */
-export interface CrossCapabilityTestResult {
-    testType: "tool_to_resource" | "prompt_to_tool" | "resource_to_tool" | "privilege_escalation";
-    sourceCapability: string;
-    targetCapability: string;
-    vulnerable: boolean;
-    evidence?: string;
-    riskLevel: SecurityRiskLevel;
-    description: string;
-    /** Specific privilege escalation vector if detected */
-    privilegeEscalationVector?: string;
-    /** Data exfiltration risk details */
-    dataExfiltrationRisk?: {
-        sensitiveFields: string[];
-        exfiltrationMethod: string;
-    };
-    /** Chain of capabilities that could be exploited together */
-    attackChain?: string[];
-    /** Confidence level in the detection */
-    confidence?: "high" | "medium" | "low";
-}
-export interface CrossCapabilitySecurityAssessment {
-    testsRun: number;
-    vulnerabilitiesFound: number;
-    privilegeEscalationRisks: number;
-    dataFlowViolations: number;
-    results: CrossCapabilityTestResult[];
-    status: AssessmentStatus;
-    explanation: string;
-    recommendations: string[];
-}
-export declare const PROMPT_INJECTION_TESTS: Omit<SecurityTestResult, "vulnerable" | "evidence">[];
-/**
- * Claude Code Bridge Configuration
- * Enables integration with Claude Code CLI for intelligent analysis
- */
-export interface ClaudeCodeConfig {
-    enabled: boolean;
-    features: {
-        intelligentTestGeneration: boolean;
-        aupSemanticAnalysis: boolean;
-        annotationInference: boolean;
-        documentationQuality: boolean;
-    };
-    timeout: number;
-    workingDir?: string;
-    maxRetries?: number;
-}
-export interface AssessmentConfiguration {
-    testTimeout: number;
-    delayBetweenTests?: number;
-    skipBrokenTools: boolean;
-    reviewerMode?: boolean;
-    enableExtendedAssessment?: boolean;
-    documentationVerbosity?: "minimal" | "standard" | "verbose";
-    parallelTesting?: boolean;
-    maxParallelTests?: number;
-    scenariosPerTool?: number;
-    maxToolsToTestForErrors?: number;
-    selectedToolsForTesting?: string[];
-    securityPatternsToTest?: number;
-    enableDomainTesting?: boolean;
-    mcpProtocolVersion?: string;
-    enableSourceCodeAnalysis?: boolean;
-    patternConfigPath?: string;
-    claudeCode?: ClaudeCodeConfig;
-    temporalInvocations?: number;
-    assessmentCategories?: {
-        functionality: boolean;
-        security: boolean;
-        documentation: boolean;
-        errorHandling: boolean;
-        usability: boolean;
-        mcpSpecCompliance?: boolean;
-        aupCompliance?: boolean;
-        toolAnnotations?: boolean;
-        prohibitedLibraries?: boolean;
-        manifestValidation?: boolean;
-        portability?: boolean;
-        externalAPIScanner?: boolean;
-        authentication?: boolean;
-        temporal?: boolean;
-        resources?: boolean;
-        prompts?: boolean;
-        crossCapability?: boolean;
-    };
-}
-/**
- * Progress callback for assessment modules to report test execution progress.
- * Used by CLI to emit batched JSONL events.
- */
-export interface ProgressCallback {
-    (event: ProgressEvent): void;
-}
-/**
- * Union type for all progress events emitted during assessment.
- */
-export type ProgressEvent = ModuleStartedProgress | TestBatchProgress | ModuleCompleteProgress | VulnerabilityFoundProgress | AnnotationMissingProgress | AnnotationMisalignedProgress | AnnotationReviewRecommendedProgress | AnnotationPoisonedProgress | AnnotationAlignedProgress;
-/**
- * Emitted when an assessment module begins execution.
- */
-export interface ModuleStartedProgress {
-    type: "module_started";
-    module: string;
-    estimatedTests: number;
-    toolCount: number;
-}
-/**
- * Emitted periodically during module execution with batched test results.
- * Batching reduces event volume for large assessments.
- */
-export interface TestBatchProgress {
-    type: "test_batch";
-    module: string;
-    completed: number;
-    total: number;
-    batchSize: number;
-    elapsed: number;
-}
-/**
- * Emitted when an assessment module completes with final stats.
- */
-export interface ModuleCompleteProgress {
-    type: "module_complete";
-    module: string;
-    status: AssessmentStatus;
-    score: number;
-    testsRun: number;
-    duration: number;
-}
-/**
- * Emitted when a security vulnerability is detected during assessment.
- * Provides real-time alerts for security findings.
- */
-export interface VulnerabilityFoundProgress {
-    type: "vulnerability_found";
-    tool: string;
-    pattern: string;
-    confidence: "high" | "medium" | "low";
-    evidence: string;
-    riskLevel: "HIGH" | "MEDIUM" | "LOW";
-    requiresReview: boolean;
-    payload?: string;
-}
-/**
- * Tool parameter metadata for annotation events.
- * Reusable type matching jsonl-events.ts ToolParam.
- */
-export interface ToolParamProgress {
-    name: string;
-    type: string;
-    required: boolean;
-    description?: string;
-}
-/**
- * Emitted when a tool is missing required annotations.
- * Provides real-time alerts during annotation assessment.
- */
-export interface AnnotationMissingProgress {
-    type: "annotation_missing";
-    tool: string;
-    title?: string;
-    description?: string;
-    parameters: ToolParamProgress[];
-    inferredBehavior: {
-        expectedReadOnly: boolean;
-        expectedDestructive: boolean;
-        reason: string;
-    };
-}
-/**
- * Emitted when tool annotations don't match inferred behavior.
- * Provides real-time alerts during annotation assessment.
- */
-export interface AnnotationMisalignedProgress {
-    type: "annotation_misaligned";
-    tool: string;
-    title?: string;
-    description?: string;
-    parameters: ToolParamProgress[];
-    field: "readOnlyHint" | "destructiveHint";
-    actual: boolean | undefined;
-    expected: boolean;
-    confidence: number;
-    reason: string;
-}
-/**
- * Emitted when annotation alignment cannot be confidently determined.
- * Used for ambiguous patterns like store_*, queue_*, cache_* where behavior
- * varies by implementation context. Does not indicate a failure - just flags
- * for human review.
- */
-export interface AnnotationReviewRecommendedProgress {
-    type: "annotation_review_recommended";
-    tool: string;
-    title?: string;
-    description?: string;
-    parameters: ToolParamProgress[];
-    field: "readOnlyHint" | "destructiveHint";
-    actual: boolean | undefined;
-    inferred: boolean;
-    confidence: InferenceConfidence;
-    isAmbiguous: boolean;
-    reason: string;
-}
-/**
- * Emitted when tool description contains poisoning patterns (Issue #8).
- * Indicates potential prompt injection or malicious instructions in tool metadata.
- */
-export interface AnnotationPoisonedProgress {
-    type: "annotation_poisoned";
-    tool: string;
-    description?: string;
-    patterns: Array<{
-        name: string;
-        pattern: string;
-        severity: "LOW" | "MEDIUM" | "HIGH";
-        category: string;
-        evidence: string;
-    }>;
-    riskLevel: "NONE" | "LOW" | "MEDIUM" | "HIGH";
-}
-/**
- * Emitted when tool annotations correctly match inferred behavior.
- * Provides real-time confirmation during annotation assessment.
+ * @deprecated This file has been split into focused modules for better maintainability.
+ * All exports are re-exported from the new `assessment/` directory for backward compatibility.
+ *
+ * For new code, prefer importing from specific modules:
+ * - `@/lib/assessment/coreTypes` - AssessmentStatus, SecurityRiskLevel, AlignmentStatus
+ * - `@/lib/assessment/configTypes` - AssessmentConfiguration, config presets
+ * - `@/lib/assessment/resultTypes` - MCPDirectoryAssessment, assessment result types
+ * - `@/lib/assessment/extendedTypes` - AUP, Annotation, Temporal assessment types
+ * - `@/lib/assessment/progressTypes` - Progress event types for JSONL streaming
+ * - `@/lib/assessment/constants` - PROMPT_INJECTION_TESTS constant
+ *
+ * Or import everything from `@/lib/assessment`:
+ * ```typescript
+ * import { MCPDirectoryAssessment, AssessmentConfiguration } from "../lib/assessment/index.js";
+ * ```
+ *
+ * See GitHub Issue #21 for details on this refactoring.
+ *
+ * @module assessmentTypes
  */
-export interface AnnotationAlignedProgress {
-    type: "annotation_aligned";
-    tool: string;
-    confidence: "high" | "medium" | "low";
-    annotations: {
-        readOnlyHint?: boolean;
-        destructiveHint?: boolean;
-        openWorldHint?: boolean;
-        idempotentHint?: boolean;
-    };
-}
-export declare const DEFAULT_ASSESSMENT_CONFIG: AssessmentConfiguration;
-export declare const REVIEWER_MODE_CONFIG: AssessmentConfiguration;
-export declare const DEVELOPER_MODE_CONFIG: AssessmentConfiguration;
-export declare const AUDIT_MODE_CONFIG: AssessmentConfiguration;
-export declare const CLAUDE_ENHANCED_AUDIT_CONFIG: AssessmentConfiguration;
+export * from "./assessment/index.js";
 //# sourceMappingURL=assessmentTypes.d.ts.map