npm - @bryan-thompson/inspector-assessment-client - Versions diffs - 1.26.7 → 1.28.0 - Mend

@bryan-thompson/inspector-assessment-client 1.26.7 → 1.28.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

package/lib/services/assessment/modules/FileModularizationAssessor.js ADDED Viewed

@@ -0,0 +1,475 @@
+/**
+ * File Modularization Assessor (Issue #104)
+ * Detects large monolithic tool files and recommends modularization
+ *
+ * Checks:
+ * - Single file >1,000 lines (WARNING, MEDIUM severity)
+ * - Single file >2,000 lines (ERROR, HIGH severity)
+ * - Tool file with >10 tools (WARNING, MEDIUM severity)
+ * - Tool file with >20 tools (ERROR, HIGH severity)
+ * - No modular structure (INFO, LOW severity)
+ *
+ * Scoring:
+ * - Starts at 100 points
+ * - -15 per file >2,000 lines
+ * - -8 per file 1,000-2,000 lines
+ * - -12 per file with >20 tools
+ * - -6 per file with 10-20 tools
+ * - -10 for no modular structure
+ * - +5 for tools/ subdirectory
+ * - +3 for multiple tool files (>3)
+ */
+import { BaseAssessor } from "./BaseAssessor.js";
+/**
+ * Tool detection patterns by language
+ */
+const TOOL_PATTERNS = {
+    python: [
+        /@mcp\.tool/g, // FastMCP decorator
+        /(?<!async\s)def\s+\w+_tool\s*\(/g, // Convention: *_tool functions (not async)
+        /async\s+def\s+\w+_tool\s*\(/g, // Async tool functions
+        /@server\.tool/g, // MCP server decorator
+        /@app\.tool/g, // Alternative app-based decorator
+    ],
+    typescript: [
+        /server\.tool\s*\(/g, // MCP SDK tool registration
+        /\.setRequestHandler\s*\(/g, // Request handler pattern
+        /tools\.push\s*\(/g, // Array-based registration
+        /registerTool\s*\(/g, // Common pattern
+        /\.addTool\s*\(/g, // Add tool pattern
+    ],
+    javascript: [
+        /server\.tool\s*\(/g,
+        /\.setRequestHandler\s*\(/g,
+        /tools\.push\s*\(/g,
+        /registerTool\s*\(/g,
+        /\.addTool\s*\(/g,
+    ],
+    go: [
+        /func\s+\w*Tool\s*\(/g, // Go tool functions
+        /mcp\.NewTool\s*\(/g, // MCP Go SDK
+        /tools\.Register\s*\(/g, // Tool registration
+    ],
+    rust: [
+        /fn\s+\w+_tool\s*\(/g, // Rust tool functions
+        /#\[tool\]/g, // Attribute macro
+        /\.register_tool\s*\(/g, // Registration pattern
+    ],
+};
+/**
+ * File extension to language mapping
+ */
+const EXTENSION_TO_LANGUAGE = {
+    ".py": "python",
+    ".ts": "typescript",
+    ".tsx": "typescript",
+    ".js": "javascript",
+    ".jsx": "javascript",
+    ".mjs": "javascript",
+    ".cjs": "javascript",
+    ".go": "go",
+    ".rs": "rust",
+};
+/**
+ * Thresholds for modularization checks
+ */
+const THRESHOLDS = {
+    LINE_WARNING: 1000,
+    LINE_ERROR: 2000,
+    TOOL_COUNT_WARNING: 10,
+    TOOL_COUNT_ERROR: 20,
+};
+export class FileModularizationAssessor extends BaseAssessor {
+    /**
+     * Run file modularization assessment
+     */
+    async assess(context) {
+        this.logger.info("Starting file modularization assessment");
+        this.testCount = 0;
+        // Check if source code analysis is enabled
+        if (!context.sourceCodeFiles || !context.config.enableSourceCodeAnalysis) {
+            this.logger.info("Source code analysis not enabled, returning NEED_MORE_INFO");
+            return this.createSkippedResult();
+        }
+        // Analyze each source file
+        const fileAnalyses = this.analyzeFiles(context.sourceCodeFiles);
+        // Calculate metrics
+        const metrics = this.calculateMetrics(fileAnalyses);
+        // Run checks against thresholds
+        const checks = this.runChecks(metrics, fileAnalyses);
+        // Determine status based on checks
+        const status = this.determineStatusFromChecks(checks);
+        // Generate explanation and recommendations
+        const explanation = this.generateExplanation(metrics, checks);
+        const recommendations = this.generateRecommendations(metrics, fileAnalyses);
+        this.logger.info(`Assessment complete: score=${metrics.modularizationScore}, status=${status}`);
+        return {
+            metrics,
+            checks,
+            status,
+            explanation,
+            recommendations,
+        };
+    }
+    /**
+     * Create result when source code is not available
+     */
+    createSkippedResult() {
+        return {
+            metrics: {
+                totalSourceFiles: 0,
+                totalLines: 0,
+                largestFiles: [],
+                filesOver1000Lines: 0,
+                filesOver2000Lines: 0,
+                filesWithOver10Tools: 0,
+                filesWithOver20Tools: 0,
+                hasModularStructure: false,
+                modularizationScore: 0,
+            },
+            checks: [],
+            status: "NEED_MORE_INFO",
+            explanation: "Source code analysis not enabled. Enable enableSourceCodeAnalysis in config to run file modularization checks.",
+            recommendations: [
+                "Enable source code analysis by setting enableSourceCodeAnalysis: true in assessment config",
+                "Provide sourceCodePath in assessment context to analyze file structure",
+            ],
+        };
+    }
+    /**
+     * Analyze all source files
+     */
+    analyzeFiles(sourceCodeFiles) {
+        const analyses = new Map();
+        for (const [filePath, content] of sourceCodeFiles) {
+            if (!this.isSourceFile(filePath)) {
+                continue;
+            }
+            this.testCount++;
+            const lines = content.split("\n").length;
+            const language = this.detectLanguage(filePath);
+            const toolCount = this.countToolsInFile(content, language);
+            analyses.set(filePath, { lines, toolCount, language });
+        }
+        return analyses;
+    }
+    /**
+     * Check if file is a source file worth scanning
+     */
+    isSourceFile(filePath) {
+        const sourceExtensions = Object.keys(EXTENSION_TO_LANGUAGE);
+        // Skip test files, node_modules, and build artifacts
+        // Check for paths containing these directories or starting with them
+        if (filePath.includes("node_modules") ||
+            filePath.includes(".test.") ||
+            filePath.includes(".spec.") ||
+            filePath.includes("__tests__") ||
+            filePath.includes("__pycache__") ||
+            filePath.includes("/dist/") ||
+            filePath.includes("/build/") ||
+            filePath.includes("/.venv/") ||
+            filePath.includes("/venv/") ||
+            filePath.startsWith("dist/") ||
+            filePath.startsWith("build/") ||
+            filePath.startsWith(".venv/") ||
+            filePath.startsWith("venv/")) {
+            return false;
+        }
+        return sourceExtensions.some((ext) => filePath.endsWith(ext));
+    }
+    /**
+     * Detect language from file extension
+     */
+    detectLanguage(filePath) {
+        for (const [ext, lang] of Object.entries(EXTENSION_TO_LANGUAGE)) {
+            if (filePath.endsWith(ext)) {
+                return lang;
+            }
+        }
+        return null;
+    }
+    /**
+     * Count tool definitions in a file
+     */
+    countToolsInFile(content, language) {
+        if (!language)
+            return 0;
+        const patterns = TOOL_PATTERNS[language] || [];
+        let count = 0;
+        for (const pattern of patterns) {
+            // Reset lastIndex since we're using global flags
+            pattern.lastIndex = 0;
+            const matches = content.match(pattern);
+            if (matches) {
+                count += matches.length;
+            }
+        }
+        return count;
+    }
+    /**
+     * Calculate aggregated metrics
+     */
+    calculateMetrics(fileAnalyses) {
+        const largestFiles = [];
+        let totalLines = 0;
+        let filesOver1000Lines = 0;
+        let filesOver2000Lines = 0;
+        let filesWithOver10Tools = 0;
+        let filesWithOver20Tools = 0;
+        for (const [filePath, analysis] of fileAnalyses) {
+            totalLines += analysis.lines;
+            // Check line count thresholds
+            if (analysis.lines > THRESHOLDS.LINE_ERROR) {
+                filesOver2000Lines++;
+                filesOver1000Lines++; // Also counts for 1000+ threshold
+            }
+            else if (analysis.lines > THRESHOLDS.LINE_WARNING) {
+                filesOver1000Lines++;
+            }
+            // Check tool count thresholds
+            if (analysis.toolCount > THRESHOLDS.TOOL_COUNT_ERROR) {
+                filesWithOver20Tools++;
+                filesWithOver10Tools++; // Also counts for 10+ threshold
+            }
+            else if (analysis.toolCount > THRESHOLDS.TOOL_COUNT_WARNING) {
+                filesWithOver10Tools++;
+            }
+            // Track large files for reporting
+            if (analysis.lines > THRESHOLDS.LINE_WARNING ||
+                analysis.toolCount > THRESHOLDS.TOOL_COUNT_WARNING) {
+                const severity = this.determineSeverity(analysis.lines, analysis.toolCount);
+                const recommendation = this.generateFileRecommendation(filePath, analysis.lines, analysis.toolCount);
+                largestFiles.push({
+                    path: filePath,
+                    lines: analysis.lines,
+                    toolCount: analysis.toolCount,
+                    severity,
+                    recommendation,
+                });
+            }
+        }
+        // Sort by lines descending
+        largestFiles.sort((a, b) => b.lines - a.lines);
+        // Check for modular structure
+        const hasModularStructure = this.checkModularStructure(fileAnalyses);
+        // Calculate modularization score
+        const modularizationScore = this.calculateScore(filesOver1000Lines, filesOver2000Lines, filesWithOver10Tools, filesWithOver20Tools, hasModularStructure, fileAnalyses);
+        return {
+            totalSourceFiles: fileAnalyses.size,
+            totalLines,
+            largestFiles,
+            filesOver1000Lines,
+            filesOver2000Lines,
+            filesWithOver10Tools,
+            filesWithOver20Tools,
+            hasModularStructure,
+            modularizationScore,
+        };
+    }
+    /**
+     * Determine severity for a file
+     */
+    determineSeverity(lines, toolCount) {
+        // HIGH if either threshold is exceeded at error level
+        if (lines > THRESHOLDS.LINE_ERROR ||
+            toolCount > THRESHOLDS.TOOL_COUNT_ERROR) {
+            return "HIGH";
+        }
+        // MEDIUM if warning thresholds are exceeded
+        if (lines > THRESHOLDS.LINE_WARNING ||
+            toolCount > THRESHOLDS.TOOL_COUNT_WARNING) {
+            return "MEDIUM";
+        }
+        return "LOW";
+    }
+    /**
+     * Generate recommendation for a specific file
+     */
+    generateFileRecommendation(filePath, lines, toolCount) {
+        const fileName = filePath.split("/").pop() || filePath;
+        const parts = [];
+        if (lines > THRESHOLDS.LINE_ERROR) {
+            parts.push(`Split ${fileName} (${lines} lines) into smaller modules of <500 lines each`);
+        }
+        else if (lines > THRESHOLDS.LINE_WARNING) {
+            parts.push(`Consider splitting ${fileName} (${lines} lines) to improve maintainability`);
+        }
+        if (toolCount > THRESHOLDS.TOOL_COUNT_ERROR) {
+            parts.push(`Separate ${toolCount} tools into category-based modules (e.g., tools/auth/, tools/data/)`);
+        }
+        else if (toolCount > THRESHOLDS.TOOL_COUNT_WARNING) {
+            parts.push(`Consider grouping ${toolCount} tools into logical categories`);
+        }
+        return parts.join(". ");
+    }
+    /**
+     * Check if codebase has modular structure
+     */
+    checkModularStructure(fileAnalyses) {
+        const filePaths = Array.from(fileAnalyses.keys());
+        // Check for tools/ subdirectory pattern
+        const hasToolsDir = filePaths.some((f) => f.includes("/tools/") || f.includes("\\tools\\"));
+        // Check for multiple tool files (not all tools in one file)
+        const toolFiles = Array.from(fileAnalyses.entries()).filter(([, analysis]) => analysis.toolCount > 0);
+        // Has modular structure if: has tools/ dir OR has 3+ tool files
+        return hasToolsDir || toolFiles.length >= 3;
+    }
+    /**
+     * Calculate modularization score (0-100)
+     */
+    calculateScore(filesOver1000Lines, filesOver2000Lines, filesWithOver10Tools, filesWithOver20Tools, hasModularStructure, fileAnalyses) {
+        let score = 100;
+        // Deductions
+        score -= filesOver2000Lines * 15; // -15 per file >2000 lines
+        score -= (filesOver1000Lines - filesOver2000Lines) * 8; // -8 per file 1000-2000 lines
+        score -= filesWithOver20Tools * 12; // -12 per file with >20 tools
+        score -= (filesWithOver10Tools - filesWithOver20Tools) * 6; // -6 per file 10-20 tools
+        if (!hasModularStructure) {
+            score -= 10; // -10 for no modular structure
+        }
+        // Positive signals (bonuses)
+        const filePaths = Array.from(fileAnalyses.keys());
+        const hasToolsDir = filePaths.some((f) => f.includes("/tools/") || f.includes("\\tools\\"));
+        const hasSharedUtils = filePaths.some((f) => f.includes("_common.") ||
+            f.includes("shared.") ||
+            f.includes("utils.") ||
+            f.includes("helpers."));
+        const toolFilesCount = Array.from(fileAnalyses.values()).filter((a) => a.toolCount > 0).length;
+        if (hasToolsDir)
+            score += 5; // +5 for tools/ subdirectory
+        if (toolFilesCount > 3)
+            score += 3; // +3 for multiple tool files
+        if (hasSharedUtils)
+            score += 2; // +2 for shared utilities
+        // Clamp to 0-100
+        return Math.max(0, Math.min(100, score));
+    }
+    /**
+     * Run threshold checks
+     */
+    runChecks(metrics, _fileAnalyses) {
+        const checks = [];
+        // Check 1: Files over 2000 lines (HIGH severity)
+        checks.push({
+            checkName: "file_line_count_error",
+            passed: metrics.filesOver2000Lines === 0,
+            severity: "HIGH",
+            evidence: metrics.filesOver2000Lines > 0
+                ? `${metrics.filesOver2000Lines} file(s) exceed 2000 lines`
+                : "No files exceed 2000 lines",
+            threshold: THRESHOLDS.LINE_ERROR,
+            actualValue: metrics.filesOver2000Lines,
+        });
+        // Check 2: Files over 1000 lines (MEDIUM severity)
+        const filesOnlyOver1000 = metrics.filesOver1000Lines - metrics.filesOver2000Lines;
+        checks.push({
+            checkName: "file_line_count_warning",
+            passed: filesOnlyOver1000 === 0,
+            severity: "MEDIUM",
+            evidence: filesOnlyOver1000 > 0
+                ? `${filesOnlyOver1000} file(s) exceed 1000 lines`
+                : "No additional files exceed 1000 lines",
+            threshold: THRESHOLDS.LINE_WARNING,
+            actualValue: filesOnlyOver1000,
+        });
+        // Check 3: Files with >20 tools (HIGH severity)
+        checks.push({
+            checkName: "tool_count_error",
+            passed: metrics.filesWithOver20Tools === 0,
+            severity: "HIGH",
+            evidence: metrics.filesWithOver20Tools > 0
+                ? `${metrics.filesWithOver20Tools} file(s) contain more than 20 tools`
+                : "No files contain more than 20 tools",
+            threshold: THRESHOLDS.TOOL_COUNT_ERROR,
+            actualValue: metrics.filesWithOver20Tools,
+        });
+        // Check 4: Files with >10 tools (MEDIUM severity)
+        const filesOnlyOver10Tools = metrics.filesWithOver10Tools - metrics.filesWithOver20Tools;
+        checks.push({
+            checkName: "tool_count_warning",
+            passed: filesOnlyOver10Tools === 0,
+            severity: "MEDIUM",
+            evidence: filesOnlyOver10Tools > 0
+                ? `${filesOnlyOver10Tools} file(s) contain more than 10 tools`
+                : "No additional files contain more than 10 tools",
+            threshold: THRESHOLDS.TOOL_COUNT_WARNING,
+            actualValue: filesOnlyOver10Tools,
+        });
+        // Check 5: Modular structure (LOW severity, info)
+        checks.push({
+            checkName: "modular_structure",
+            passed: metrics.hasModularStructure,
+            severity: "LOW",
+            evidence: metrics.hasModularStructure
+                ? "Codebase has modular structure (tools/ directory or multiple tool files)"
+                : "No modular structure detected - all tools appear to be in single file",
+        });
+        return checks;
+    }
+    /**
+     * Determine status from checks
+     */
+    determineStatusFromChecks(checks) {
+        // FAIL if any HIGH severity check fails
+        const highSeverityFailed = checks.some((c) => !c.passed && c.severity === "HIGH");
+        if (highSeverityFailed) {
+            return "FAIL";
+        }
+        // NEED_MORE_INFO if any MEDIUM severity check fails
+        const mediumSeverityFailed = checks.some((c) => !c.passed && c.severity === "MEDIUM");
+        if (mediumSeverityFailed) {
+            return "NEED_MORE_INFO";
+        }
+        return "PASS";
+    }
+    /**
+     * Generate explanation
+     */
+    generateExplanation(metrics, checks) {
+        const parts = [];
+        parts.push(`Analyzed ${metrics.totalSourceFiles} source files (${metrics.totalLines} total lines).`);
+        parts.push(`Modularization score: ${metrics.modularizationScore}/100.`);
+        const failedChecks = checks.filter((c) => !c.passed);
+        if (failedChecks.length === 0) {
+            parts.push("All modularization checks passed. Code structure appears well-organized.");
+        }
+        else {
+            const highFailed = failedChecks.filter((c) => c.severity === "HIGH");
+            const mediumFailed = failedChecks.filter((c) => c.severity === "MEDIUM");
+            if (highFailed.length > 0) {
+                parts.push(`ERROR: ${highFailed.length} high-severity issue(s) - files are too large or contain too many tools.`);
+            }
+            if (mediumFailed.length > 0) {
+                parts.push(`WARNING: ${mediumFailed.length} medium-severity issue(s) - consider refactoring for better maintainability.`);
+            }
+        }
+        return parts.join(" ");
+    }
+    /**
+     * Generate recommendations
+     */
+    generateRecommendations(metrics, _fileAnalyses) {
+        const recommendations = [];
+        // Add specific file recommendations
+        for (const file of metrics.largestFiles) {
+            if (file.severity === "HIGH") {
+                recommendations.push(`HIGH: ${file.recommendation}`);
+            }
+        }
+        // Add general recommendations based on checks
+        if (metrics.filesOver2000Lines > 0) {
+            recommendations.push("Split large files (>2000 lines) into smaller modules to improve maintainability and IDE performance.");
+        }
+        if (metrics.filesWithOver20Tools > 0) {
+            recommendations.push("Group tools by category (e.g., auth tools, data tools, utility tools) into separate modules.");
+        }
+        if (!metrics.hasModularStructure) {
+            recommendations.push("Create a tools/ subdirectory to organize tool implementations by category.");
+            recommendations.push("Extract shared utilities into a common module (e.g., _common.py, shared.ts).");
+        }
+        if (recommendations.length === 0) {
+            recommendations.push("Code structure is well-modularized. Continue following current patterns.");
+        }
+        return recommendations;
+    }
+}

package/lib/services/assessment/modules/securityTests/SecurityPatternLibrary.d.ts CHANGED Viewed

@@ -334,6 +334,33 @@ export declare const STRUCTURED_DATA_INDICATORS: {
     readonly jsonPattern: RegExp;
     readonly numericMetadataPattern: RegExp;
 };
+/**
+ * Patterns for detecting secret/credential leakage in tool responses
+ * Used by: checkSecretLeakage()
+ */
+export declare const SECRET_LEAKAGE_PATTERNS: {
+    /** Well-known API key formats */
+    readonly apiKeys: readonly [RegExp, RegExp, RegExp, RegExp, RegExp];
+    /** Database connection strings with credentials */
+    readonly connectionStrings: readonly [RegExp];
+    /** Environment variable patterns with values */
+    readonly envVars: readonly [RegExp];
+    /** Partial key exposure patterns */
+    readonly partialKeys: readonly [RegExp];
+    /** Generic credential assignment patterns */
+    readonly credentialAssignment: readonly [RegExp];
+};
+/**
+ * Patterns for detecting tool output injection vulnerabilities
+ * Detects when user content is echoed unsanitized in tool output
+ * Used by: analyzeOutputInjection()
+ */
+export declare const OUTPUT_INJECTION_PATTERNS: {
+    /** LLM control patterns that should be sanitized */
+    readonly llmControl: readonly [RegExp, RegExp, RegExp, RegExp];
+    /** Canary markers for echo detection */
+    readonly canaryMarkers: readonly [RegExp];
+};
 /**
  * Check if any pattern in array matches text
  */

package/lib/services/assessment/modules/securityTests/SecurityPatternLibrary.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"SecurityPatternLibrary.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/SecurityPatternLibrary.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH;;;GAGG;AACH,eAAO,MAAM,mBAAmB;IAC9B,kEAAkE;;IAIlE,8DAA8D;;IAG9D,kCAAkC;;IAGlC,gCAAgC;;CAExB,CAAC;AAMX;;;;GAIG;AACH,eAAO,MAAM,yBAAyB,2JAmB5B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,oBAAoB,2LAuBvB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B;IACtC,iCAAiC;;IAejC,0DAA0D;;CAElD,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,yBAAyB;IACpC,oCAAoC;;IAqBpC,4DAA4D;;IAW5D,+BAA+B;;CAEvB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,6BAA6B;;;;CAMhC,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,eAAe,mJAkBlB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,mBAAmB,2rBAwGtB,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA+B1B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAc5B,CAAC;AAMX;;;;GAIG;AACH,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;;;;;;;;EAiCjC,CAAC;AAEX;;;;GAIG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;EAyB3B,CAAC;AAMX;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,iCAAiC,EAAE,oBAAoB,EA0FnE,CAAC;AAEF;;;;;;;;GAQG;AAKH;;;;;;;;;;GAUG;AACH,eAAO,MAAM,0BAA0B,MAAM,CAAC;AAE9C;;;;;;;GAOG;AACH,eAAO,MAAM,oBAAoB,IAAM,CAAC;AAMxC;;;;;GAKG;AACH,eAAO,MAAM,uBAAuB,EAAE,MAAM,CAC1C,MAAM,EACN;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,EAAE,CAgCxC,CAAC;AAEF;;;GAGG;AACH,wBAAgB,6BAA6B,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,EAAE,CAiB5E;AAED,eAAO,MAAM,2BAA2B,EAAE,oBAAoB,EAuE7D,CAAC;AAMF;;;GAGG;AACH,eAAO,MAAM,sBAAsB,2FAWzB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,iBAAiB,mHAcpB,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB,mFAU1B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B,mDAM9B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB,2DAO1B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,yBAAyB,2DAO5B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,6BAA6B,yKAWhC,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,kBAAkB,mGAYrB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B,QACO,CAAC;AAMhD;;;GAGG;AACH,eAAO,MAAM,mBAAmB,QAC8B,CAAC;AAE/D;;;GAGG;AACH,eAAO,MAAM,wBAAwB,2EAS3B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B,oRA4B9B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,0BAA0B;;;;;CAK7B,CAAC;AAMX;;GAEG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,SAAS,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAE7E;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAOjD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEvD"}
1	+ {"version":3,"file":"SecurityPatternLibrary.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/SecurityPatternLibrary.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH;;;GAGG;AACH,eAAO,MAAM,mBAAmB;IAC9B,kEAAkE;;IAIlE,8DAA8D;;IAG9D,kCAAkC;;IAGlC,gCAAgC;;CAExB,CAAC;AAMX;;;;GAIG;AACH,eAAO,MAAM,yBAAyB,2JAmB5B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,oBAAoB,2LAuBvB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B;IACtC,iCAAiC;;IAejC,0DAA0D;;CAElD,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,yBAAyB;IACpC,oCAAoC;;IAqBpC,4DAA4D;;IAW5D,+BAA+B;;CAEvB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,6BAA6B;;;;CAMhC,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,eAAe,mJAkBlB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,mBAAmB,2rBAwGtB,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA+B1B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAc5B,CAAC;AAMX;;;;GAIG;AACH,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;;;;;;;;EAiCjC,CAAC;AAEX;;;;GAIG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;EAyB3B,CAAC;AAMX;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,iCAAiC,EAAE,oBAAoB,EA0FnE,CAAC;AAEF;;;;;;;;GAQG;AAKH;;;;;;;;;;GAUG;AACH,eAAO,MAAM,0BAA0B,MAAM,CAAC;AAE9C;;;;;;;GAOG;AACH,eAAO,MAAM,oBAAoB,IAAM,CAAC;AAMxC;;;;;GAKG;AACH,eAAO,MAAM,uBAAuB,EAAE,MAAM,CAC1C,MAAM,EACN;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,EAAE,CAgCxC,CAAC;AAEF;;;GAGG;AACH,wBAAgB,6BAA6B,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,EAAE,CAiB5E;AAED,eAAO,MAAM,2BAA2B,EAAE,oBAAoB,EAuE7D,CAAC;AAMF;;;GAGG;AACH,eAAO,MAAM,sBAAsB,2FAWzB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,iBAAiB,mHAcpB,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB,mFAU1B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B,mDAM9B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB,2DAO1B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,yBAAyB,2DAO5B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,6BAA6B,yKAWhC,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,kBAAkB,mGAYrB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B,QACO,CAAC;AAMhD;;;GAGG;AACH,eAAO,MAAM,mBAAmB,QAC8B,CAAC;AAE/D;;;GAGG;AACH,eAAO,MAAM,wBAAwB,2EAS3B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B,oRA4B9B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,0BAA0B;;;;;CAK7B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB;IAClC,iCAAiC;;IAQjC,mDAAmD;;IAInD,gDAAgD;;IAIhD,oCAAoC;;IAEpC,6CAA6C;;CAIrC,CAAC;AAMX;;;;GAIG;AACH,eAAO,MAAM,yBAAyB;IACpC,oDAAoD;;IAOpD,wCAAwC;;CAEhC,CAAC;AAMX;;GAEG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,SAAS,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAE7E;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAOjD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEvD"}

package/lib/services/assessment/modules/securityTests/SecurityPatternLibrary.js CHANGED Viewed

@@ -879,6 +879,56 @@ export const STRUCTURED_DATA_INDICATORS = {
     numericMetadataPattern: /\b(score|count|trust|rating|id|version)\b/i,
 };
 // =============================================================================
+// SECRET LEAKAGE PATTERNS (Issue #103, Challenge #9)
+// =============================================================================
+/**
+ * Patterns for detecting secret/credential leakage in tool responses
+ * Used by: checkSecretLeakage()
+ */
+export const SECRET_LEAKAGE_PATTERNS = {
+    /** Well-known API key formats */
+    apiKeys: [
+        /AKIA[A-Z0-9]{16}/, // AWS Access Key
+        /sk-[a-zA-Z0-9]{20,}/, // OpenAI Key
+        /ghp_[a-zA-Z0-9]{36}/, // GitHub PAT
+        /glpat-[a-zA-Z0-9]{20}/, // GitLab PAT
+        /xox[baprs]-[a-zA-Z0-9-]+/, // Slack tokens
+    ],
+    /** Database connection strings with credentials */
+    connectionStrings: [
+        /(postgresql|mysql|mongodb|redis|mssql):\/\/[^:]+:[^@]+@/i,
+    ],
+    /** Environment variable patterns with values */
+    envVars: [
+        /(SECRET_TOKEN|DATABASE_URL|API_KEY|PRIVATE_KEY|DB_PASSWORD)[^\s]*[:=]/i,
+    ],
+    /** Partial key exposure patterns */
+    partialKeys: [/api_key_preview|key_fragment|partial_key/i],
+    /** Generic credential assignment patterns */
+    credentialAssignment: [
+        /(api[_-]?key|secret|password)[^\s]*[:=]\s*["']?[a-zA-Z0-9_-]{10,}/i,
+    ],
+};
+// =============================================================================
+// OUTPUT INJECTION PATTERNS (Issue #103, Challenge #8)
+// =============================================================================
+/**
+ * Patterns for detecting tool output injection vulnerabilities
+ * Detects when user content is echoed unsanitized in tool output
+ * Used by: analyzeOutputInjection()
+ */
+export const OUTPUT_INJECTION_PATTERNS = {
+    /** LLM control patterns that should be sanitized */
+    llmControl: [
+        /<IMPORTANT>.*<\/IMPORTANT>/is,
+        /\[INST\].*\[\/INST\]/is,
+        /<\|system\|>.*<\|end\|>/is,
+        /\{\{.*\}\}/, // Template vars
+    ],
+    /** Canary markers for echo detection */
+    canaryMarkers: [/SENTINEL_OUTPUT_MARKER_\d+/],
+};
+// =============================================================================
 // HELPER FUNCTIONS
 // =============================================================================
 /**

package/lib/services/assessment/modules/securityTests/SecurityPayloadGenerator.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"SecurityPayloadGenerator.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/SecurityPayloadGenerator.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAIzD;;GAEG;AACH,qBAAa,wBAAwB;IACnC,OAAO,CAAC,iBAAiB,CAAuC;IAEhE;;OAEG;IACH,kBAAkB,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO;IAUvC;;OAEG;IACH,oBAAoB,CAClB,OAAO,EAAE,eAAe,EACxB,IAAI,EAAE,IAAI,GACT,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;~~IAwJ1B~~;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO;IASjC;;;OAGG;IACH,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO;CAQ7C"}
1	+ {"version":3,"file":"SecurityPayloadGenerator.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/SecurityPayloadGenerator.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAIzD;;GAEG;AACH,qBAAa,wBAAwB;IACnC,OAAO,CAAC,iBAAiB,CAAuC;IAEhE;;OAEG;IACH,kBAAkB,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO;IAUvC;;OAEG;IACH,oBAAoB,CAClB,OAAO,EAAE,eAAe,EACxB,IAAI,EAAE,IAAI,GACT,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAwK1B;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO;IASjC;;;OAGG;IACH,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO;CAQ7C"}

package/lib/services/assessment/modules/securityTests/SecurityPayloadGenerator.js CHANGED Viewed

@@ -130,6 +130,19 @@ export class SecurityPayloadGenerator {
                 }
             }
         }
+        // VERBOSE MODE TESTING (Issue #103, Challenge #9)
+        // For secret_leakage payloads, enable verbose mode to detect additional credential exposure
+        if (payload.payloadType === "secret_leakage") {
+            for (const [key, prop] of Object.entries(schema.properties)) {
+                const propSchema = prop;
+                if (propSchema.type === "boolean" &&
+                    key.toLowerCase() === "verbose" &&
+                    !(key in params)) {
+                    params[key] = true; // Enable verbose mode to test for additional leakage
+                    break;
+                }
+            }
+        }
         // Fill required parameters with safe defaults
         for (const [key, prop] of Object.entries(schema.properties)) {
             const propSchema = prop;

package/lib/services/assessment/modules/securityTests/SecurityResponseAnalyzer.d.ts CHANGED Viewed

@@ -129,6 +129,20 @@ export declare class SecurityResponseAnalyzer {
      * @returns Analysis result with vulnerability status and evidence
      */
     analyzeChainExploitation(response: CompatibilityCallToolResult): ChainExploitationAnalysis;
+    /**
+     * Check for secret leakage in response (Issue #103, Challenge #9)
+     * Scans for credential patterns regardless of payload type.
+     *
+     * This method detects when tools inadvertently expose:
+     * - API keys (AWS, OpenAI, GitHub, GitLab, Slack)
+     * - Database connection strings with credentials
+     * - Environment variable values
+     * - Partial key previews
+     */
+    checkSecretLeakage(response: CompatibilityCallToolResult): {
+        detected: boolean;
+        evidence?: string;
+    };
     /**
      * Check if response indicates connection/server failure
      */

package/lib/services/assessment/modules/securityTests/SecurityResponseAnalyzer.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"SecurityResponseAnalyzer.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/SecurityResponseAnalyzer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EACL,2BAA2B,EAC3B,IAAI,EACL,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAEzD,OAAO,KAAK,EAAE,2BAA2B,EAAE,MAAM,wBAAwB,CAAC;AAK1E,OAAO,EAAgB,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AAElE,OAAO,EAAoB,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAYxE,YAAY,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,YAAY,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AAEzD;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,YAAY,EAAE,OAAO,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,WAAW,GAAG,aAAa,GAAG,SAAS,CAAC;IACrD,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,oBAAoB;IACnC,UAAU,EAAE,OAAO,CAAC;IACpB,IAAI,EAAE,OAAO,CAAC;IACd,eAAe,EAAE,cAAc,GAAG,aAAa,GAAG,SAAS,CAAC;IAC5D,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAC1B,sBAAsB,GACtB,iBAAiB,GACjB,SAAS,GACT,SAAS,CAAC;AAEd;;GAEG;AACH,MAAM,MAAM,0BAA0B,GAClC,kBAAkB,GAClB,iBAAiB,GACjB,2BAA2B,GAC3B,gBAAgB,GAChB,qBAAqB,GACrB,iBAAiB,CAAC;AAEtB;;;GAGG;AACH,MAAM,WAAW,yBAAyB;IACxC,UAAU,EAAE,OAAO,CAAC;IACpB,IAAI,EAAE,OAAO,CAAC;IACd,SAAS,EAAE,kBAAkB,CAAC;IAC9B,uBAAuB,EAAE,0BAA0B,EAAE,CAAC;IACtD,QAAQ,EAAE;QACR,kBAAkB,EAAE,MAAM,EAAE,CAAC;QAC7B,YAAY,EAAE,MAAM,EAAE,CAAC;QACvB,eAAe,EAAE,MAAM,CAAC;QACxB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG,YAAY,GAAG,QAAQ,GAAG,UAAU,CAAC;AAEvE;;;;;;GAMG;AACH,qBAAa,wBAAwB;IAEnC,OAAO,CAAC,eAAe,CAAkB;IACzC,OAAO,CAAC,iBAAiB,CAA4B;IACrD,OAAO,CAAC,YAAY,CAAe;IACnC,OAAO,CAAC,YAAY,CAAuB;IAC3C,OAAO,CAAC,gBAAgB,CAAmB;;IAc3C;;;;;;OAMG;IACH,eAAe,CACb,QAAQ,EAAE,2BAA2B,EACrC,OAAO,EAAE,eAAe,EACxB,IAAI,EAAE,IAAI,GACT,cAAc;IAqBjB;;OAEG;IACH,mBAAmB,CACjB,IAAI,EAAE,IAAI,EACV,YAAY,EAAE,OAAO,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,eAAe,EACxB,kBAAkB,CAAC,EAAE,2BAA2B,GAC/C,gBAAgB;IAWnB;;;OAGG;IACH,yBAAyB,CACvB,QAAQ,EAAE,2BAA2B,GACpC,gBAAgB;IAsFnB;;;;;;;;;OASG;IACH,2BAA2B,CACzB,QAAQ,EAAE,2BAA2B,GACpC,oBAAoB;IAmGvB;;;;;;;;;;;;OAYG;IACH,wBAAwB,CACtB,QAAQ,EAAE,2BAA2B,GACpC,yBAAyB;IA6D5B;;OAEG;IACH,iBAAiB,CAAC,QAAQ,EAAE,2BAA2B,GAAG,OAAO;IAIjE;;OAEG;IACH,8BAA8B,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO;IAIvD;;OAEG;IACH,aAAa,CAAC,QAAQ,EAAE,2BAA2B,GAAG,mBAAmB;IAIzE;;OAEG;IACH,0BAA0B,CAAC,KAAK,EAAE,OAAO,GAAG,mBAAmB;IAI/D;;OAEG;IACH,sBAAsB,CAAC,QAAQ,EAAE,2BAA2B,GAAG,MAAM;IAQrE;;OAEG;IACH,oBAAoB,CAClB,SAAS,EAAE;QAAE,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,EACvD,YAAY,EAAE,MAAM,GACnB,OAAO;IAIV;;OAEG;IACH,mBAAmB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAIlD;;OAEG;IACH,mBAAmB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO;IAIrD;;OAEG;IACH,oBAAoB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAInD;;;OAGG;IACH,oBAAoB,CAAC,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO;IAIpE;;OAEG;IACH,qCAAqC,CACnC,MAAM,EAAE,MAAM,EACd,YAAY,EAAE,MAAM,GACnB,OAAO;IAOV;;OAEG;IACH,yBAAyB,CACvB,OAAO,EAAE,MAAM,EACf,YAAY,EAAE,MAAM,EACpB,IAAI,CAAC,EAAE,IAAI,GACV,kBAAkB;IAQrB;;OAEG;IACH,oBAAoB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAInD;;OAEG;IACH,wBAAwB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAIvD;;OAEG;IACH,8BAA8B,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAI7D;;OAEG;IACH,qBAAqB,CAAC,QAAQ,EAAE,2BAA2B,GAAG,OAAO;IAIrE;;OAEG;IACH,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,OAAO;IAOxE;;OAEG;IACH,sBAAsB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAIrD;;OAEG;IACH,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAQjD;;;OAGG;IACH,OAAO,CAAC,uBAAuB;IAyB/B;;;OAGG;IACH,OAAO,CAAC,qBAAqB;IA+E7B;;;OAGG;IACH,OAAO,CAAC,0BAA0B;IAwClC;;OAEG;IACH,OAAO,CAAC,wBAAwB;CAoBjC"}
1	+ {"version":3,"file":"SecurityResponseAnalyzer.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/SecurityResponseAnalyzer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EACL,2BAA2B,EAC3B,IAAI,EACL,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAEzD,OAAO,KAAK,EAAE,2BAA2B,EAAE,MAAM,wBAAwB,CAAC;AAK1E,OAAO,EAAgB,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AAElE,OAAO,EAAoB,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAYxE,YAAY,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,YAAY,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AAEzD;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,YAAY,EAAE,OAAO,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,WAAW,GAAG,aAAa,GAAG,SAAS,CAAC;IACrD,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,oBAAoB;IACnC,UAAU,EAAE,OAAO,CAAC;IACpB,IAAI,EAAE,OAAO,CAAC;IACd,eAAe,EAAE,cAAc,GAAG,aAAa,GAAG,SAAS,CAAC;IAC5D,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,MAAM,kBAAkB,GAC1B,sBAAsB,GACtB,iBAAiB,GACjB,SAAS,GACT,SAAS,CAAC;AAEd;;GAEG;AACH,MAAM,MAAM,0BAA0B,GAClC,kBAAkB,GAClB,iBAAiB,GACjB,2BAA2B,GAC3B,gBAAgB,GAChB,qBAAqB,GACrB,iBAAiB,CAAC;AAEtB;;;GAGG;AACH,MAAM,WAAW,yBAAyB;IACxC,UAAU,EAAE,OAAO,CAAC;IACpB,IAAI,EAAE,OAAO,CAAC;IACd,SAAS,EAAE,kBAAkB,CAAC;IAC9B,uBAAuB,EAAE,0BAA0B,EAAE,CAAC;IACtD,QAAQ,EAAE;QACR,kBAAkB,EAAE,MAAM,EAAE,CAAC;QAC7B,YAAY,EAAE,MAAM,EAAE,CAAC;QACvB,eAAe,EAAE,MAAM,CAAC;QACxB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG,YAAY,GAAG,QAAQ,GAAG,UAAU,CAAC;AAEvE;;;;;;GAMG;AACH,qBAAa,wBAAwB;IAEnC,OAAO,CAAC,eAAe,CAAkB;IACzC,OAAO,CAAC,iBAAiB,CAA4B;IACrD,OAAO,CAAC,YAAY,CAAe;IACnC,OAAO,CAAC,YAAY,CAAuB;IAC3C,OAAO,CAAC,gBAAgB,CAAmB;;IAc3C;;;;;;OAMG;IACH,eAAe,CACb,QAAQ,EAAE,2BAA2B,EACrC,OAAO,EAAE,eAAe,EACxB,IAAI,EAAE,IAAI,GACT,cAAc;IAqBjB;;OAEG;IACH,mBAAmB,CACjB,IAAI,EAAE,IAAI,EACV,YAAY,EAAE,OAAO,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,eAAe,EACxB,kBAAkB,CAAC,EAAE,2BAA2B,GAC/C,gBAAgB;IAWnB;;;OAGG;IACH,yBAAyB,CACvB,QAAQ,EAAE,2BAA2B,GACpC,gBAAgB;IAsFnB;;;;;;;;;OASG;IACH,2BAA2B,CACzB,QAAQ,EAAE,2BAA2B,GACpC,oBAAoB;IAmGvB;;;;;;;;;;;;OAYG;IACH,wBAAwB,CACtB,QAAQ,EAAE,2BAA2B,GACpC,yBAAyB;IA6D5B;;;;;;;;;OASG;IACH,kBAAkB,CAAC,QAAQ,EAAE,2BAA2B,GAAG;QACzD,QAAQ,EAAE,OAAO,CAAC;QAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB;IAwCD;;OAEG;IACH,iBAAiB,CAAC,QAAQ,EAAE,2BAA2B,GAAG,OAAO;IAIjE;;OAEG;IACH,8BAA8B,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO;IAIvD;;OAEG;IACH,aAAa,CAAC,QAAQ,EAAE,2BAA2B,GAAG,mBAAmB;IAIzE;;OAEG;IACH,0BAA0B,CAAC,KAAK,EAAE,OAAO,GAAG,mBAAmB;IAI/D;;OAEG;IACH,sBAAsB,CAAC,QAAQ,EAAE,2BAA2B,GAAG,MAAM;IAQrE;;OAEG;IACH,oBAAoB,CAClB,SAAS,EAAE;QAAE,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,EACvD,YAAY,EAAE,MAAM,GACnB,OAAO;IAIV;;OAEG;IACH,mBAAmB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAIlD;;OAEG;IACH,mBAAmB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO;IAIrD;;OAEG;IACH,oBAAoB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAInD;;;OAGG;IACH,oBAAoB,CAAC,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO;IAIpE;;OAEG;IACH,qCAAqC,CACnC,MAAM,EAAE,MAAM,EACd,YAAY,EAAE,MAAM,GACnB,OAAO;IAOV;;OAEG;IACH,yBAAyB,CACvB,OAAO,EAAE,MAAM,EACf,YAAY,EAAE,MAAM,EACpB,IAAI,CAAC,EAAE,IAAI,GACV,kBAAkB;IAQrB;;OAEG;IACH,oBAAoB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAInD;;OAEG;IACH,wBAAwB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAIvD;;OAEG;IACH,8BAA8B,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAI7D;;OAEG;IACH,qBAAqB,CAAC,QAAQ,EAAE,2BAA2B,GAAG,OAAO;IAIrE;;OAEG;IACH,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,OAAO;IAOxE;;OAEG;IACH,sBAAsB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAIrD;;OAEG;IACH,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAQjD;;;OAGG;IACH,OAAO,CAAC,uBAAuB;IAyB/B;;;OAGG;IACH,OAAO,CAAC,qBAAqB;IA+E7B;;;OAGG;IACH,OAAO,CAAC,0BAA0B;IAwClC;;OAEG;IACH,OAAO,CAAC,wBAAwB;CAoBjC"}