@bryan-thompson/inspector-assessment-client 1.25.4 → 1.25.5

package/lib/services/assessment/modules/annotations/SchemaAnalyzer.d.ts

@@ -0,0 +1,122 @@
+/**
+ * Schema Analyzer
+ *
+ * Analyzes input and output schemas for behavioral hints.
+ * Provides inference signals based on parameter patterns and return types.
+ *
+ * Part of Issue #57: Architecture detection and behavior inference modules
+ */
+import type { InferenceSignal } from "../../../../lib/assessment/extendedTypes.js";
+/**
+ * JSON Schema type definition for tool parameters.
+ * Simplified version for analysis purposes.
+ */
+export interface JSONSchema {
+    type?: string | string[];
+    properties?: Record<string, JSONSchema>;
+    items?: JSONSchema;
+    required?: string[];
+    description?: string;
+    enum?: unknown[];
+    additionalProperties?: boolean | JSONSchema;
+    format?: string;
+    pattern?: string;
+    minimum?: number;
+    maximum?: number;
+    default?: unknown;
+}
+/**
+ * Input schema patterns indicating read-only operations.
+ */
+export declare const INPUT_READONLY_PATTERNS: {
+    /** ID-only parameters suggest retrieval (e.g., { id: string }) */
+    idOnlyParams: RegExp;
+    /** Query/filter parameters suggest search */
+    queryParams: RegExp;
+    /** Pagination parameters suggest list retrieval */
+    paginationParams: RegExp;
+    /** Sort/order parameters suggest list retrieval */
+    sortParams: RegExp;
+    /** Field selection suggests retrieval */
+    fieldSelectionParams: RegExp;
+};
+/**
+ * Input schema patterns indicating destructive operations.
+ */
+export declare const INPUT_DESTRUCTIVE_PATTERNS: {
+    /** Force/confirm flags suggest potentially dangerous operations */
+    forceFlags: RegExp;
+    /** Hard delete indicators */
+    hardDeleteParams: RegExp;
+};
+/**
+ * Input schema patterns indicating write operations.
+ */
+export declare const INPUT_WRITE_PATTERNS: {
+    /** Data payload suggests creation/update */
+    dataPayloads: RegExp;
+    /** Specific update parameters */
+    updateParams: RegExp;
+    /** Creation parameters */
+    createParams: RegExp;
+};
+export declare const OUTPUT_READONLY_PATTERNS: {
+    /** Array return type suggests list/search operation (checks nested schemas) */
+    returnsArray: (schema: JSONSchema) => boolean;
+    /** Object with common read-only fields */
+    hasReadOnlyFields: (schema: JSONSchema) => boolean;
+};
+/**
+ * Output schema patterns indicating destructive operations.
+ */
+export declare const OUTPUT_DESTRUCTIVE_PATTERNS: {
+    /** Returns deleted flag/count */
+    returnsDeletedFlag: (schema: JSONSchema) => boolean;
+    /** Returns void/empty suggests side-effect only */
+    returnsVoid: (schema: JSONSchema) => boolean;
+};
+/**
+ * Output schema patterns indicating write operations.
+ */
+export declare const OUTPUT_WRITE_PATTERNS: {
+    /** Returns created object with id and timestamp */
+    returnsCreatedObject: (schema: JSONSchema) => boolean;
+    /** Returns single object with ID */
+    returnsSingleWithId: (schema: JSONSchema) => boolean;
+};
+/**
+ * Analyze input schema for behavioral signals.
+ *
+ * @param schema - JSON Schema of tool input parameters
+ * @returns InferenceSignal with read-only/destructive expectations
+ */
+export declare function analyzeInputSchema(schema: JSONSchema): InferenceSignal;
+/**
+ * Analyze output schema for behavioral signals.
+ *
+ * @param schema - JSON Schema of tool output
+ * @returns InferenceSignal with read-only/destructive expectations
+ */
+export declare function analyzeOutputSchema(schema: JSONSchema): InferenceSignal;
+/**
+ * Check if schema has bulk operation indicators.
+ *
+ * @param schema - Input schema to check
+ * @returns True if schema suggests bulk operation support
+ */
+export declare function hasBulkOperationIndicators(schema: JSONSchema): boolean;
+/**
+ * Check if schema has pagination parameters.
+ *
+ * @param schema - Input schema to check
+ * @returns True if schema has pagination parameters
+ */
+export declare function hasPaginationParameters(schema: JSONSchema): boolean;
+/**
+ * Check if schema has force/confirm flags.
+ *
+ * @param schema - Input schema to check
+ * @returns True if schema has force/confirm flags
+ */
+export declare function hasForceFlags(schema: JSONSchema): boolean;
+//# sourceMappingURL=SchemaAnalyzer.d.ts.map

package/lib/services/assessment/modules/annotations/SchemaAnalyzer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"SchemaAnalyzer.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/annotations/SchemaAnalyzer.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AAEtE;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACzB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IACxC,KAAK,CAAC,EAAE,UAAU,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,OAAO,EAAE,CAAC;IACjB,oBAAoB,CAAC,EAAE,OAAO,GAAG,UAAU,CAAC;IAC5C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;GAEG;AACH,eAAO,MAAM,uBAAuB;IAClC,kEAAkE;;IAElE,6CAA6C;;IAE7C,mDAAmD;;IAGnD,mDAAmD;;IAEnD,yCAAyC;;CAE1C,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,0BAA0B;IACrC,mEAAmE;;IAGnE,6BAA6B;;CAE9B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,oBAAoB;IAC/B,4CAA4C;;IAG5C,iCAAiC;;IAEjC,0BAA0B;;CAE3B,CAAC;AA0CF,eAAO,MAAM,wBAAwB;IACnC,+EAA+E;2BACxD,UAAU,KAAG,OAAO;IAG3C,0CAA0C;gCACd,UAAU,KAAG,OAAO;CAcjD,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,2BAA2B;IACtC,iCAAiC;iCACJ,UAAU,KAAG,OAAO;IAYjD,mDAAmD;0BAC7B,UAAU,KAAG,OAAO;CAQ3C,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,qBAAqB;IAChC,mDAAmD;mCACpB,UAAU,KAAG,OAAO;IAUnD,oCAAoC;kCACN,UAAU,KAAG,OAAO;CAKnD,CAAC;AAEF;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,UAAU,GAAG,eAAe,CAuHtE;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,UAAU,GAAG,eAAe,CA6EvE;AAED;;;;;GAKG;AACH,wBAAgB,0BAA0B,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAmBtE;AAED;;;;;GAKG;AACH,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAWnE;AAED;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAWzD"}

package/lib/services/assessment/modules/annotations/SchemaAnalyzer.js

@@ -0,0 +1,388 @@
+/**
+ * Schema Analyzer
+ *
+ * Analyzes input and output schemas for behavioral hints.
+ * Provides inference signals based on parameter patterns and return types.
+ *
+ * Part of Issue #57: Architecture detection and behavior inference modules
+ */
+/**
+ * Input schema patterns indicating read-only operations.
+ */
+export const INPUT_READONLY_PATTERNS = {
+    /** ID-only parameters suggest retrieval (e.g., { id: string }) */
+    idOnlyParams: /^(id|uuid|key|identifier|resource_id|item_id)$/i,
+    /** Query/filter parameters suggest search */
+    queryParams: /^(query|q|filter|search|where|criteria|condition)$/i,
+    /** Pagination parameters suggest list retrieval */
+    paginationParams: /^(limit|offset|page|page_size|pageSize|cursor|skip|take)$/i,
+    /** Sort/order parameters suggest list retrieval */
+    sortParams: /^(sort|order|orderBy|order_by|sortBy|sort_by|direction)$/i,
+    /** Field selection suggests retrieval */
+    fieldSelectionParams: /^(fields|select|include|exclude|projection)$/i,
+};
+/**
+ * Input schema patterns indicating destructive operations.
+ */
+export const INPUT_DESTRUCTIVE_PATTERNS = {
+    /** Force/confirm flags suggest potentially dangerous operations */
+    forceFlags: /^(force|confirm|hard|permanent|cascade|recursive|skip_confirmation)$/i,
+    /** Hard delete indicators */
+    hardDeleteParams: /^(hard_delete|permanent_delete|force_delete|purge)$/i,
+};
+/**
+ * Input schema patterns indicating write operations.
+ */
+export const INPUT_WRITE_PATTERNS = {
+    /** Data payload suggests creation/update */
+    dataPayloads: /^(data|payload|body|content|item|record|document|entity|object)$/i,
+    /** Specific update parameters */
+    updateParams: /^(update|changes|modifications|patch|diff)$/i,
+    /** Creation parameters */
+    createParams: /^(create|new|add|insert|name|title|description)$/i,
+};
+/**
+ * Output schema patterns indicating read-only operations.
+ */
+/**
+ * Recursively check if schema contains array type at any level.
+ * Used to detect list/collection return patterns.
+ */
+function hasArrayTypeRecursive(schema, maxDepth = 3) {
+    if (maxDepth <= 0)
+        return false;
+    // Direct array type
+    if (schema.type === "array" ||
+        (Array.isArray(schema.type) && schema.type.includes("array"))) {
+        return true;
+    }
+    // Check nested properties
+    if (schema.properties) {
+        for (const prop of Object.values(schema.properties)) {
+            if (hasArrayTypeRecursive(prop, maxDepth - 1)) {
+                return true;
+            }
+        }
+    }
+    // Check array items
+    if (schema.items) {
+        if (hasArrayTypeRecursive(schema.items, maxDepth - 1)) {
+            return true;
+        }
+    }
+    return false;
+}
+export const OUTPUT_READONLY_PATTERNS = {
+    /** Array return type suggests list/search operation (checks nested schemas) */
+    returnsArray: (schema) => {
+        return hasArrayTypeRecursive(schema);
+    },
+    /** Object with common read-only fields */
+    hasReadOnlyFields: (schema) => {
+        if (schema.type !== "object" || !schema.properties)
+            return false;
+        const props = Object.keys(schema.properties);
+        const readOnlyIndicators = [
+            "items",
+            "results",
+            "data",
+            "records",
+            "total",
+            "count",
+            "page",
+        ];
+        return props.some((p) => readOnlyIndicators.includes(p.toLowerCase()));
+    },
+};
+/**
+ * Output schema patterns indicating destructive operations.
+ */
+export const OUTPUT_DESTRUCTIVE_PATTERNS = {
+    /** Returns deleted flag/count */
+    returnsDeletedFlag: (schema) => {
+        if (schema.type !== "object" || !schema.properties)
+            return false;
+        const props = Object.keys(schema.properties).map((p) => p.toLowerCase());
+        return (props.includes("deleted") ||
+            props.includes("deletedcount") ||
+            props.includes("deleted_count") ||
+            props.includes("removed") ||
+            props.includes("removedcount") ||
+            props.includes("removed_count"));
+    },
+    /** Returns void/empty suggests side-effect only */
+    returnsVoid: (schema) => {
+        return (schema.type === "null" ||
+            schema.type === "void" ||
+            (schema.type === "object" &&
+                (!schema.properties || Object.keys(schema.properties).length === 0)));
+    },
+};
+/**
+ * Output schema patterns indicating write operations.
+ */
+export const OUTPUT_WRITE_PATTERNS = {
+    /** Returns created object with id and timestamp */
+    returnsCreatedObject: (schema) => {
+        if (schema.type !== "object" || !schema.properties)
+            return false;
+        const props = Object.keys(schema.properties).map((p) => p.toLowerCase());
+        const hasId = props.includes("id") || props.includes("_id");
+        const hasTimestamp = props.includes("createdat") ||
+            props.includes("created_at") ||
+            props.includes("timestamp");
+        return hasId && hasTimestamp;
+    },
+    /** Returns single object with ID */
+    returnsSingleWithId: (schema) => {
+        if (schema.type !== "object" || !schema.properties)
+            return false;
+        const props = Object.keys(schema.properties).map((p) => p.toLowerCase());
+        return props.includes("id") || props.includes("_id");
+    },
+};
+/**
+ * Analyze input schema for behavioral signals.
+ *
+ * @param schema - JSON Schema of tool input parameters
+ * @returns InferenceSignal with read-only/destructive expectations
+ */
+export function analyzeInputSchema(schema) {
+    if (!schema || !schema.properties) {
+        return {
+            expectedReadOnly: false,
+            expectedDestructive: false,
+            confidence: 0,
+            evidence: ["No input schema or properties provided"],
+        };
+    }
+    const paramNames = Object.keys(schema.properties);
+    const evidence = [];
+    let readOnlyScore = 0;
+    let destructiveScore = 0;
+    let writeScore = 0;
+    for (const paramName of paramNames) {
+        const lowerName = paramName.toLowerCase();
+        const paramSchema = schema.properties[paramName];
+        // Check for read-only patterns
+        if (INPUT_READONLY_PATTERNS.idOnlyParams.test(paramName)) {
+            // ID-only params are read-only only if few other params
+            if (paramNames.length <= 2) {
+                readOnlyScore += 70;
+                evidence.push(`ID-only param pattern: ${paramName}`);
+            }
+        }
+        if (INPUT_READONLY_PATTERNS.queryParams.test(paramName)) {
+            readOnlyScore += 80;
+            evidence.push(`Query param pattern: ${paramName}`);
+        }
+        if (INPUT_READONLY_PATTERNS.paginationParams.test(paramName)) {
+            readOnlyScore += 90;
+            evidence.push(`Pagination param pattern: ${paramName}`);
+        }
+        if (INPUT_READONLY_PATTERNS.sortParams.test(paramName)) {
+            readOnlyScore += 70;
+            evidence.push(`Sort param pattern: ${paramName}`);
+        }
+        if (INPUT_READONLY_PATTERNS.fieldSelectionParams.test(paramName)) {
+            readOnlyScore += 70;
+            evidence.push(`Field selection param pattern: ${paramName}`);
+        }
+        // Check for destructive patterns
+        if (INPUT_DESTRUCTIVE_PATTERNS.forceFlags.test(paramName)) {
+            destructiveScore += 90;
+            evidence.push(`Force flag pattern: ${paramName}`);
+        }
+        if (INPUT_DESTRUCTIVE_PATTERNS.hardDeleteParams.test(paramName)) {
+            destructiveScore += 95;
+            evidence.push(`Hard delete param pattern: ${paramName}`);
+        }
+        // Check for write patterns
+        if (INPUT_WRITE_PATTERNS.dataPayloads.test(paramName)) {
+            writeScore += 80;
+            evidence.push(`Data payload param pattern: ${paramName}`);
+        }
+        if (INPUT_WRITE_PATTERNS.updateParams.test(paramName)) {
+            writeScore += 85;
+            evidence.push(`Update param pattern: ${paramName}`);
+        }
+        // Check for array inputs indicating bulk operations
+        if (paramSchema &&
+            paramSchema.type === "array" &&
+            paramSchema.items?.type === "string") {
+            // Bulk ID array for deletion
+            if (lowerName.includes("id") ||
+                paramSchema.items.description?.toLowerCase().includes("id")) {
+                writeScore += 60;
+                evidence.push(`Bulk ID array param: ${paramName}`);
+            }
+        }
+        // Object payload suggests write operation
+        if (paramSchema &&
+            paramSchema.type === "object" &&
+            paramSchema.properties) {
+            writeScore += 70;
+            evidence.push(`Object payload param: ${paramName}`);
+        }
+    }
+    // Determine dominant behavior
+    let expectedReadOnly = false;
+    let expectedDestructive = false;
+    let confidence = 0;
+    // Destructive takes priority
+    if (destructiveScore > 0 && destructiveScore >= readOnlyScore) {
+        expectedDestructive = true;
+        confidence = Math.min(100, destructiveScore);
+    }
+    else if (readOnlyScore > writeScore && readOnlyScore > 0) {
+        expectedReadOnly = true;
+        confidence = Math.min(100, readOnlyScore);
+    }
+    else if (writeScore > 0) {
+        confidence = Math.min(100, writeScore);
+    }
+    if (evidence.length === 0) {
+        evidence.push("No recognizable schema patterns");
+        confidence = 0;
+    }
+    return {
+        expectedReadOnly,
+        expectedDestructive,
+        confidence,
+        evidence,
+    };
+}
+/**
+ * Analyze output schema for behavioral signals.
+ *
+ * @param schema - JSON Schema of tool output
+ * @returns InferenceSignal with read-only/destructive expectations
+ */
+export function analyzeOutputSchema(schema) {
+    if (!schema) {
+        return {
+            expectedReadOnly: false,
+            expectedDestructive: false,
+            confidence: 0,
+            evidence: ["No output schema provided"],
+        };
+    }
+    const evidence = [];
+    let readOnlyScore = 0;
+    let destructiveScore = 0;
+    let writeScore = 0;
+    // Check read-only output patterns
+    if (OUTPUT_READONLY_PATTERNS.returnsArray(schema)) {
+        readOnlyScore += 85;
+        evidence.push("Returns array - suggests list/search operation");
+    }
+    if (OUTPUT_READONLY_PATTERNS.hasReadOnlyFields(schema)) {
+        readOnlyScore += 75;
+        evidence.push("Has read-only field patterns (items, results, data)");
+    }
+    // Check destructive output patterns
+    if (OUTPUT_DESTRUCTIVE_PATTERNS.returnsDeletedFlag(schema)) {
+        destructiveScore += 90;
+        evidence.push("Returns deleted flag/count - suggests deletion");
+    }
+    if (OUTPUT_DESTRUCTIVE_PATTERNS.returnsVoid(schema)) {
+        // Void return could be read-only (status check) or destructive
+        // Only slight indicator without other context
+        destructiveScore += 30;
+        evidence.push("Returns void/empty - possible side-effect operation");
+    }
+    // Check write output patterns
+    if (OUTPUT_WRITE_PATTERNS.returnsCreatedObject(schema)) {
+        writeScore += 90;
+        evidence.push("Returns object with id and created timestamp - suggests creation");
+    }
+    else if (OUTPUT_WRITE_PATTERNS.returnsSingleWithId(schema)) {
+        // Single object with ID could be read (get by id) or write (create/update)
+        // Weak signal without other context
+        writeScore += 40;
+        evidence.push("Returns single object with id");
+    }
+    // Determine dominant behavior
+    let expectedReadOnly = false;
+    let expectedDestructive = false;
+    let confidence = 0;
+    // Destructive takes priority if strong signal
+    if (destructiveScore >= 80) {
+        expectedDestructive = true;
+        confidence = Math.min(100, destructiveScore);
+    }
+    else if (readOnlyScore > writeScore && readOnlyScore > destructiveScore) {
+        expectedReadOnly = true;
+        confidence = Math.min(100, readOnlyScore);
+    }
+    else if (writeScore >= destructiveScore) {
+        confidence = Math.min(100, writeScore);
+    }
+    if (evidence.length === 0) {
+        evidence.push("No recognizable output schema patterns");
+        confidence = 0;
+    }
+    return {
+        expectedReadOnly,
+        expectedDestructive,
+        confidence,
+        evidence,
+    };
+}
+/**
+ * Check if schema has bulk operation indicators.
+ *
+ * @param schema - Input schema to check
+ * @returns True if schema suggests bulk operation support
+ */
+export function hasBulkOperationIndicators(schema) {
+    if (!schema?.properties)
+        return false;
+    const paramNames = Object.keys(schema.properties);
+    for (const paramName of paramNames) {
+        const paramSchema = schema.properties[paramName];
+        // Array parameters often indicate bulk operations
+        if (paramSchema?.type === "array") {
+            return true;
+        }
+        // Common bulk operation parameter names
+        if (/^(ids|items|records|batch|bulk|list)$/i.test(paramName)) {
+            return true;
+        }
+    }
+    return false;
+}
+/**
+ * Check if schema has pagination parameters.
+ *
+ * @param schema - Input schema to check
+ * @returns True if schema has pagination parameters
+ */
+export function hasPaginationParameters(schema) {
+    if (!schema?.properties)
+        return false;
+    const paramNames = Object.keys(schema.properties);
+    for (const paramName of paramNames) {
+        if (INPUT_READONLY_PATTERNS.paginationParams.test(paramName)) {
+            return true;
+        }
+    }
+    return false;
+}
+/**
+ * Check if schema has force/confirm flags.
+ *
+ * @param schema - Input schema to check
+ * @returns True if schema has force/confirm flags
+ */
+export function hasForceFlags(schema) {
+    if (!schema?.properties)
+        return false;
+    const paramNames = Object.keys(schema.properties);
+    for (const paramName of paramNames) {
+        if (INPUT_DESTRUCTIVE_PATTERNS.forceFlags.test(paramName)) {
+            return true;
+        }
+    }
+    return false;
+}

package/lib/services/assessment/modules/annotations/index.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Annotations Assessment Module
+ * Exports all annotation-related components
+ *
+ * Enhanced in Issue #57 with architecture detection and multi-signal behavior inference.
+ */
+export { DESCRIPTION_POISONING_PATTERNS, scanDescriptionForPoisoning, type PoisoningPattern, type PoisoningScanResult, } from "./DescriptionPoisoningDetector.js";
+export { READONLY_CONTRADICTION_KEYWORDS, RUN_READONLY_EXEMPT_SUFFIXES, DESTRUCTIVE_CONTRADICTION_KEYWORDS, containsKeyword, isRunKeywordExempt, isActionableConfidence, detectAnnotationDeception, type DeceptionResult, } from "./AnnotationDeceptionDetector.js";
+export { inferBehavior, inferBehaviorEnhanced, type BehaviorInferenceResult, } from "./BehaviorInference.js";
+export { analyzeDescription, hasReadOnlyIndicators, hasDestructiveIndicators, hasWriteIndicators, DESCRIPTION_BEHAVIOR_KEYWORDS, } from "./DescriptionAnalyzer.js";
+export { analyzeInputSchema, analyzeOutputSchema, hasBulkOperationIndicators, hasPaginationParameters, hasForceFlags, INPUT_READONLY_PATTERNS, INPUT_DESTRUCTIVE_PATTERNS, INPUT_WRITE_PATTERNS, OUTPUT_READONLY_PATTERNS, OUTPUT_DESTRUCTIVE_PATTERNS, OUTPUT_WRITE_PATTERNS, type JSONSchema, } from "./SchemaAnalyzer.js";
+export { detectArchitecture, hasDatabaseToolPatterns, extractDatabasesFromDependencies, type Tool as ArchitectureTool, type ArchitectureContext, } from "./ArchitectureDetector.js";
+//# sourceMappingURL=index.d.ts.map

package/lib/services/assessment/modules/annotations/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/annotations/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EACL,8BAA8B,EAC9B,2BAA2B,EAC3B,KAAK,gBAAgB,EACrB,KAAK,mBAAmB,GACzB,MAAM,gCAAgC,CAAC;AAExC,OAAO,EACL,+BAA+B,EAC/B,4BAA4B,EAC5B,kCAAkC,EAClC,eAAe,EACf,kBAAkB,EAClB,sBAAsB,EACtB,yBAAyB,EACzB,KAAK,eAAe,GACrB,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EACL,aAAa,EACb,qBAAqB,EACrB,KAAK,uBAAuB,GAC7B,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,kBAAkB,EAClB,qBAAqB,EACrB,wBAAwB,EACxB,kBAAkB,EAClB,6BAA6B,GAC9B,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EACL,kBAAkB,EAClB,mBAAmB,EACnB,0BAA0B,EAC1B,uBAAuB,EACvB,aAAa,EACb,uBAAuB,EACvB,0BAA0B,EAC1B,oBAAoB,EACpB,wBAAwB,EACxB,2BAA2B,EAC3B,qBAAqB,EACrB,KAAK,UAAU,GAChB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,kBAAkB,EAClB,uBAAuB,EACvB,gCAAgC,EAChC,KAAK,IAAI,IAAI,gBAAgB,EAC7B,KAAK,mBAAmB,GACzB,MAAM,wBAAwB,CAAC"}

package/lib/services/assessment/modules/annotations/index.js

@@ -0,0 +1,15 @@
+/**
+ * Annotations Assessment Module
+ * Exports all annotation-related components
+ *
+ * Enhanced in Issue #57 with architecture detection and multi-signal behavior inference.
+ */
+export { DESCRIPTION_POISONING_PATTERNS, scanDescriptionForPoisoning, } from "./DescriptionPoisoningDetector.js";
+export { READONLY_CONTRADICTION_KEYWORDS, RUN_READONLY_EXEMPT_SUFFIXES, DESTRUCTIVE_CONTRADICTION_KEYWORDS, containsKeyword, isRunKeywordExempt, isActionableConfidence, detectAnnotationDeception, } from "./AnnotationDeceptionDetector.js";
+export { inferBehavior, inferBehaviorEnhanced, } from "./BehaviorInference.js";
+// Issue #57: Description Analyzer
+export { analyzeDescription, hasReadOnlyIndicators, hasDestructiveIndicators, hasWriteIndicators, DESCRIPTION_BEHAVIOR_KEYWORDS, } from "./DescriptionAnalyzer.js";
+// Issue #57: Schema Analyzer
+export { analyzeInputSchema, analyzeOutputSchema, hasBulkOperationIndicators, hasPaginationParameters, hasForceFlags, INPUT_READONLY_PATTERNS, INPUT_DESTRUCTIVE_PATTERNS, INPUT_WRITE_PATTERNS, OUTPUT_READONLY_PATTERNS, OUTPUT_DESTRUCTIVE_PATTERNS, OUTPUT_WRITE_PATTERNS, } from "./SchemaAnalyzer.js";
+// Issue #57: Architecture Detector
+export { detectArchitecture, hasDatabaseToolPatterns, extractDatabasesFromDependencies, } from "./ArchitectureDetector.js";

package/lib/services/assessment/modules/index.d.ts

@@ -56,6 +56,16 @@ export { CrossCapabilitySecurityAssessor } from "./CrossCapabilitySecurityAssess
 export { DeveloperExperienceAssessor } from "./DeveloperExperienceAssessor.js";
 export { PortabilityAssessor } from "./PortabilityAssessor.js";
 export { ExternalAPIScannerAssessor } from "./ExternalAPIScannerAssessor.js";
+/**
+ * Security testing helper modules - extracted from SecurityAssessor
+ * These are composition helpers, not standalone assessors
+ */
+export * from "./securityTests/index.js";
+/**
+ * Annotation helper modules - extracted from ToolAnnotationAssessor
+ * These are composition helpers, not standalone assessors
+ */
+export * from "./annotations/index.js";
 /**
  * @deprecated Use DeveloperExperienceAssessor instead.
  * DocumentationAssessor has been merged into DeveloperExperienceAssessor.

package/lib/services/assessment/modules/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAM9C,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EAAE,0BAA0B,EAAE,MAAM,8BAA8B,CAAC;AAC1E,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAMhE,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAClE,OAAO,EAAE,2BAA2B,EAAE,MAAM,+BAA+B,CAAC;AAC5E,OAAO,EAAE,0BAA0B,EAAE,MAAM,8BAA8B,CAAC;AAC1E,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAMlE,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,+BAA+B,EAAE,MAAM,mCAAmC,CAAC;AAMpF,OAAO,EAAE,2BAA2B,EAAE,MAAM,+BAA+B,CAAC;AAC5E,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,EAAE,0BAA0B,EAAE,MAAM,8BAA8B,CAAC;AAM1E;;;;GAIG;AACH,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAEhE;;;;GAIG;AACH,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAExD;;;;GAIG;AACH,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AAExE;;;;GAIG;AACH,OAAO,EAAE,2BAA2B,EAAE,MAAM,+BAA+B,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAM9C,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAChE,OAAO,EAAE,0BAA0B,EAAE,MAAM,8BAA8B,CAAC;AAC1E,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAMhE,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAClE,OAAO,EAAE,2BAA2B,EAAE,MAAM,+BAA+B,CAAC;AAC5E,OAAO,EAAE,0BAA0B,EAAE,MAAM,8BAA8B,CAAC;AAC1E,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAMlE,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,+BAA+B,EAAE,MAAM,mCAAmC,CAAC;AAMpF,OAAO,EAAE,2BAA2B,EAAE,MAAM,+BAA+B,CAAC;AAC5E,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,EAAE,0BAA0B,EAAE,MAAM,8BAA8B,CAAC;AAM1E;;;GAGG;AACH,cAAc,iBAAiB,CAAC;AAEhC;;;GAGG;AACH,cAAc,eAAe,CAAC;AAM9B;;;;GAIG;AACH,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAEhE;;;;GAIG;AACH,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAExD;;;;GAIG;AACH,OAAO,EAAE,yBAAyB,EAAE,MAAM,6BAA6B,CAAC;AAExE;;;;GAIG;AACH,OAAO,EAAE,2BAA2B,EAAE,MAAM,+BAA+B,CAAC"}

package/lib/services/assessment/modules/index.js

@@ -70,6 +70,19 @@ export { DeveloperExperienceAssessor } from "./DeveloperExperienceAssessor.js";
 export { PortabilityAssessor } from "./PortabilityAssessor.js";
 export { ExternalAPIScannerAssessor } from "./ExternalAPIScannerAssessor.js";
 // ============================================================================
+// Helper Modules (Extracted for maintainability)
+// ============================================================================
+/**
+ * Security testing helper modules - extracted from SecurityAssessor
+ * These are composition helpers, not standalone assessors
+ */
+export * from "./securityTests/index.js";
+/**
+ * Annotation helper modules - extracted from ToolAnnotationAssessor
+ * These are composition helpers, not standalone assessors
+ */
+export * from "./annotations/index.js";
+// ============================================================================
 // Deprecated Exports (backward compatibility - will be removed in v2.0.0)
 // ============================================================================
 /**