@clear-capabilities/agentic-security-scanner 0.78.0 → 0.79.0

package/src/posture/security-trend.js

@@ -6,12 +6,12 @@
 
 import * as fs from 'node:fs';
 import * as path from 'node:path';
+import { statePath, safeWriteState } from './state-dir.js';
 
-const HISTORY_FILE = '.agentic-security/scan-history.json';
 const MAX_HISTORY = 30; // rolling window
 
 function _readHistory(scanRoot) {
-  const histPath = scanRoot ? path.join(scanRoot, HISTORY_FILE) : HISTORY_FILE;
+  const histPath = statePath(scanRoot, 'scan-history.json');
   try {
     return JSON.parse(fs.readFileSync(histPath, 'utf8'));
   } catch {
@@ -20,11 +20,8 @@ function _readHistory(scanRoot) {
 }
 
 function _writeHistory(scanRoot, history) {
-  const histPath = scanRoot ? path.join(scanRoot, HISTORY_FILE) : HISTORY_FILE;
-  try {
-    fs.mkdirSync(path.dirname(histPath), { recursive: true });
-    fs.writeFileSync(histPath, JSON.stringify(history.slice(-MAX_HISTORY), null, 2));
-  } catch {}
+  const histPath = statePath(scanRoot, 'scan-history.json');
+  safeWriteState(histPath, JSON.stringify(history.slice(-MAX_HISTORY), null, 2));
 }
 
 function _snapshotFromScan(scan, label) {

package/src/posture/state-dir.js

@@ -0,0 +1,124 @@
+// Project-root resolver for .agentic-security/ state.
+//
+// BUG HISTORY: Previously, state-writing code used the pattern
+//   `path.join(scanRoot || process.cwd(), '.agentic-security', ...)`
+// When `scanRoot` was null/undefined and the scanner was invoked from
+// a subdirectory (e.g., migrations/, config/), this created
+// `.agentic-security/` folders inside those subdirectories — breaking
+// the user's build (one report: DB migration system saw the folder as
+// a migration file). One user uninstalled the plugin entirely.
+//
+// FIX: All state writes go through this module. process.cwd() is NEVER
+// trusted directly. We walk upward from cwd looking for project markers
+// (.git, package.json, etc.) and write state there. A safety check
+// refuses to write if no marker is found.
+
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+
+const PROJECT_MARKERS = [
+  '.git',
+  'package.json',
+  'pyproject.toml',
+  'go.mod',
+  'Cargo.toml',
+  'pom.xml',
+  'build.gradle',
+  'composer.json',
+  'Gemfile',
+  '.agentic-security',
+];
+
+function _findProjectRoot(startDir) {
+  let dir = path.resolve(startDir);
+  const visited = new Set();
+  while (dir && !visited.has(dir)) {
+    visited.add(dir);
+    for (const m of PROJECT_MARKERS) {
+      try {
+        if (fs.existsSync(path.join(dir, m))) return dir;
+      } catch { /* ignore */ }
+    }
+    const parent = path.dirname(dir);
+    if (parent === dir) break;
+    dir = parent;
+  }
+  return null;
+}
+
+export function resolveProjectRoot(scanRoot) {
+  // Prefer caller-provided scanRoot when it points to an existing directory
+  if (scanRoot && typeof scanRoot === 'string') {
+    try {
+      const resolved = path.resolve(scanRoot);
+      if (fs.existsSync(resolved) && fs.statSync(resolved).isDirectory()) {
+        return resolved;
+      }
+    } catch { /* fall through */ }
+  }
+  // Walk upward from cwd looking for project markers
+  const fromCwd = _findProjectRoot(process.cwd());
+  if (fromCwd) return fromCwd;
+  // No project markers found — return cwd but caller should check via isSafeStateDir
+  return process.cwd();
+}
+
+export function stateDir(scanRoot) {
+  return path.join(resolveProjectRoot(scanRoot), '.agentic-security');
+}
+
+export function statePath(scanRoot, ...parts) {
+  return path.join(stateDir(scanRoot), ...parts);
+}
+
+// Safety check: refuse to create .agentic-security/ unless the parent
+// directory has at least one project marker. Prevents littering when
+// resolution falls through to a non-project directory.
+export function isSafeStateDir(dir) {
+  if (!dir) return false;
+  const parent = path.dirname(dir);
+  for (const m of PROJECT_MARKERS) {
+    if (m === '.agentic-security') continue; // would be circular
+    try {
+      if (fs.existsSync(path.join(parent, m))) return true;
+    } catch { /* ignore */ }
+  }
+  return false;
+}
+
+// Safe mkdir: only creates .agentic-security/ if the parent has a project marker.
+// Returns the dir on success, null if refused. Logs a warning when refused.
+export function ensureStateDir(scanRoot) {
+  const dir = stateDir(scanRoot);
+  if (!isSafeStateDir(dir)) {
+    if (process.env.AGENTIC_SECURITY_DEBUG === '1') {
+      process.stderr.write(`[agentic-security] refusing to create state dir at ${dir} — no project marker in parent\n`);
+    }
+    return null;
+  }
+  try {
+    fs.mkdirSync(dir, { recursive: true });
+    return dir;
+  } catch {
+    return null;
+  }
+}
+
+// Safe write: only writes if isSafeStateDir(parent) returns true.
+// Returns true on success, false if refused or errored.
+export function safeWriteState(filePath, content) {
+  const dir = path.dirname(filePath);
+  if (!isSafeStateDir(dir)) {
+    if (process.env.AGENTIC_SECURITY_DEBUG === '1') {
+      process.stderr.write(`[agentic-security] refusing to write state file at ${filePath} — no project marker in parent of ${dir}\n`);
+    }
+    return false;
+  }
+  try {
+    fs.mkdirSync(dir, { recursive: true });
+    fs.writeFileSync(filePath, content);
+    return true;
+  } catch {
+    return false;
+  }
+}

package/src/posture/streak.js

@@ -11,6 +11,7 @@
 
 import * as fs from 'node:fs';
 import * as path from 'node:path';
+import { isSafeStateDir } from './state-dir.js';
 
 function _streakPath(stateDir) {
   return path.join(stateDir, 'streak.json');
@@ -115,6 +116,7 @@ function _computeAchievements(streak, scan) {
 
 // Public — invoked by the CLI after every full scan.
 export function recordScan(stateDir, scan) {
+  if (!isSafeStateDir(stateDir)) return null;
   try { fs.mkdirSync(stateDir, { recursive: true }); } catch {}
   const prev = loadStreak(stateDir);
   const today = _todayUTC();
@@ -182,6 +184,7 @@ export function recordScan(stateDir, scan) {
 
 // Mark "launch check passed 10/10" — called from /security-launch-check
 export function markLaunchCheckPassed(stateDir) {
+  if (!isSafeStateDir(stateDir)) return null;
   const prev = loadStreak(stateDir);
   const next = { ...prev, launchCheckPassedAt: new Date().toISOString() };
   next.achievements = _computeAchievements(next, { findings: [] });

package/src/posture/suppressions.js

@@ -8,9 +8,7 @@
 import * as fs from 'node:fs';
 import * as path from 'node:path';
 import * as yaml from 'js-yaml';
-
-const VIBECODER_PATH = '.agentic-security/accepted.json';
-const PRO_PATH = '.agentic-security/suppressions.yml';
+import { statePath, safeWriteState } from './state-dir.js';
 
 const MS_PER_DAY = 86400000;
 const SOFT_TTL_DAYS = 30;
@@ -22,7 +20,7 @@ function _dateOnly(iso) {
 }
 
 export function loadSoftAccepted(scanRoot) {
-  const fp = path.join(scanRoot || process.cwd(), VIBECODER_PATH);
+  const fp = statePath(scanRoot, 'accepted.json');
   if (!fs.existsSync(fp)) return [];
   try {
     const raw = JSON.parse(fs.readFileSync(fp, 'utf8'));
@@ -31,9 +29,8 @@ export function loadSoftAccepted(scanRoot) {
 }
 
 export function saveSoftAccepted(scanRoot, items) {
-  const fp = path.join(scanRoot || process.cwd(), VIBECODER_PATH);
-  fs.mkdirSync(path.dirname(fp), { recursive: true });
-  fs.writeFileSync(fp, JSON.stringify({ accepted: items }, null, 2));
+  const fp = statePath(scanRoot, 'accepted.json');
+  safeWriteState(fp, JSON.stringify({ accepted: items }, null, 2));
 }
 
 export function addSoftAcceptance(scanRoot, finding, reason) {
@@ -53,7 +50,7 @@ export function addSoftAcceptance(scanRoot, finding, reason) {
 }
 
 export function loadProSuppressions(scanRoot) {
-  const fp = path.join(scanRoot || process.cwd(), PRO_PATH);
+  const fp = statePath(scanRoot, 'suppressions.yml');
   if (!fs.existsSync(fp)) return [];
   try {
     const parsed = yaml.load(fs.readFileSync(fp, 'utf8'));

package/src/posture/triage.js

@@ -4,13 +4,12 @@
 
 import * as fs from 'node:fs';
 import * as path from 'node:path';
-
-const STORE_PATH = '.agentic-security/triage.json';
+import { statePath, safeWriteState } from './state-dir.js';
 
 export const STATES = ['open', 'in-progress', 'fixed', 'wont-fix', 'false-positive'];
 
 function _storePath(scanRoot) {
-  return path.join(scanRoot || process.cwd(), STORE_PATH);
+  return statePath(scanRoot, 'triage.json');
 }
 
 export function loadTriage(scanRoot) {
@@ -22,8 +21,7 @@ export function loadTriage(scanRoot) {
 
 function _save(scanRoot, data) {
   const fp = _storePath(scanRoot);
-  fs.mkdirSync(path.dirname(fp), { recursive: true });
-  fs.writeFileSync(fp, JSON.stringify(data, null, 2));
+  safeWriteState(fp, JSON.stringify(data, null, 2));
 }
 
 // Sync the triage store with the latest scan: new findings become 'open',

package/src/posture/validator-metrics.js

@@ -24,11 +24,11 @@
 
 import * as fs from 'node:fs';
 import * as path from 'node:path';
+import { statePath, safeWriteState } from './state-dir.js';
 
-const FILE = '.agentic-security/validator-metrics.json';
 const HISTORY_CAP = 100;
 
-function _filePath(scanRoot) { return path.join(scanRoot || process.cwd(), FILE); }
+function _filePath(scanRoot) { return statePath(scanRoot, 'validator-metrics.json'); }
 
 function _read(scanRoot) {
   const fp = _filePath(scanRoot);
@@ -39,10 +39,7 @@ function _read(scanRoot) {
 
 function _write(scanRoot, data) {
   const fp = _filePath(scanRoot);
-  try {
-    fs.mkdirSync(path.dirname(fp), { recursive: true });
-    fs.writeFileSync(fp, JSON.stringify(data, null, 2));
-  } catch { /* swallow — telemetry is best-effort */ }
+  safeWriteState(fp, JSON.stringify(data, null, 2));
 }
 
 function _round(n) { return Math.round(n * 10000) / 10000; }

package/src/sast/db-taint.js

@@ -76,6 +76,30 @@ function _lang(fp) {
  * Walk the file once collecting WRITE pairs (model, field, line) where the
  * written value is a user source.
  */
+function _buildModelTableMap(code, lang) {
+  const map = new Map();
+  if (lang === 'js') {
+    for (const m of code.matchAll(/(?:sequelize\.define|\.init)\s*\(\s*['"](\w+)['"][\s\S]*?tableName\s*:\s*['"](\w+)['"]/g))
+      map.set(m[1], m[2]);
+    for (const m of code.matchAll(/class\s+(\w+)\s+extends\s+Model[\s\S]*?tableName\s*:\s*['"](\w+)['"]/g))
+      map.set(m[1], m[2]);
+    for (const m of code.matchAll(/@@map\s*\(\s*['"](\w+)['"]\s*\)/g))
+      map.set('_prisma_', m[1]);
+  } else if (lang === 'py') {
+    for (const m of code.matchAll(/class\s+(\w+)[\s\S]*?class\s+Meta[\s\S]*?db_table\s*=\s*['"](\w+)['"]/g))
+      map.set(m[1], m[2]);
+    for (const m of code.matchAll(/__tablename__\s*=\s*['"](\w+)['"]/g))
+      map.set('_sqla_', m[1]);
+  }
+  return map;
+}
+
+function _resolveTableName(model, tableMap) {
+  if (!model) return model;
+  if (tableMap.has(model)) return tableMap.get(model);
+  return model.toLowerCase() + 's';
+}
+
 function _findTaintedWrites(code, lang) {
   const writes = [];
   const patterns = lang === 'js' ? WRITE_PATTERNS_JS : WRITE_PATTERNS_PY;

package/src/sast/rust.js

@@ -103,3 +103,29 @@ export function scanRust(fp, raw) {
   }
   return out;
 }
+
+export function extractRustImportMap(code) {
+  const map = new Map();
+  const globs = new Set();
+  const useRe = /\buse\s+([\w_][\w_:]*?)(?:::(\w+|\{[^}]+\}|\*))(?:\s+as\s+(\w+))?/g;
+  for (const m of code.matchAll(useRe)) {
+    const cratePath = m[1];
+    const crate = cratePath.split('::')[0];
+    const imported = m[2];
+    const alias = m[3];
+    if (imported === '*') {
+      globs.add(crate);
+      continue;
+    }
+    if (imported.startsWith('{')) {
+      const items = imported.slice(1, -1).split(',').map(s => s.trim());
+      for (const item of items) {
+        const parts = item.split(/\s+as\s+/);
+        map.set(parts[1] || parts[0], crate);
+      }
+      continue;
+    }
+    map.set(alias || imported, crate);
+  }
+  return { map, globs };
+}

package/src/sca/binary-metadata.js

@@ -0,0 +1,124 @@
+// Binary artifact SCA metadata extraction.
+//
+// Reads dependency information from compiled artifacts:
+//   - Java JAR files: META-INF/MANIFEST.MF for version + classpath
+//   - Go binaries: embedded go.buildinfo for dependency tree
+//
+// Gated behind AGENTIC_SECURITY_BINARY_SCA=1 (opt-in).
+// Does NOT execute binaries — only reads metadata sections.
+
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import { execFileSync } from 'node:child_process';
+
+export function isBinaryScaEnabled() {
+  return process.env.AGENTIC_SECURITY_BINARY_SCA === '1';
+}
+
+export function extractJarMetadata(jarPath) {
+  if (!jarPath || !jarPath.endsWith('.jar')) return null;
+  try {
+    const out = execFileSync('jar', ['tf', jarPath], { encoding: 'utf8', timeout: 5000 });
+    const hasManifest = out.includes('META-INF/MANIFEST.MF');
+    if (!hasManifest) return null;
+    const manifest = execFileSync('jar', ['xf', jarPath, 'META-INF/MANIFEST.MF', '-C', '/tmp'], {
+      encoding: 'utf8', timeout: 5000, cwd: '/tmp',
+    });
+    const manifestPath = '/tmp/META-INF/MANIFEST.MF';
+    if (!fs.existsSync(manifestPath)) return null;
+    const content = fs.readFileSync(manifestPath, 'utf8');
+    const attrs = {};
+    for (const line of content.split('\n')) {
+      const m = line.match(/^([A-Za-z-]+):\s*(.+)$/);
+      if (m) attrs[m[1].toLowerCase()] = m[2].trim();
+    }
+    const hasPom = out.includes('pom.properties');
+    let groupId = attrs['implementation-vendor-id'] || '';
+    let artifactId = attrs['implementation-title'] || path.basename(jarPath, '.jar');
+    let version = attrs['implementation-version'] || attrs['bundle-version'] || 'unknown';
+    if (hasPom) {
+      try {
+        execFileSync('jar', ['xf', jarPath, '--', ...out.split('\n').filter(l => l.includes('pom.properties'))], {
+          timeout: 5000, cwd: '/tmp',
+        });
+        const pomFiles = out.split('\n').filter(l => l.includes('pom.properties'));
+        for (const pf of pomFiles) {
+          const pfPath = path.join('/tmp', pf);
+          if (!fs.existsSync(pfPath)) continue;
+          const props = fs.readFileSync(pfPath, 'utf8');
+          for (const line of props.split('\n')) {
+            if (line.startsWith('groupId=')) groupId = line.split('=')[1].trim();
+            if (line.startsWith('artifactId=')) artifactId = line.split('=')[1].trim();
+            if (line.startsWith('version=')) version = line.split('=')[1].trim();
+          }
+          break;
+        }
+      } catch { /* pom extraction optional */ }
+    }
+    return {
+      name: artifactId,
+      version,
+      group: groupId,
+      ecosystem: 'maven',
+      filePath: jarPath,
+      scope: 'required',
+      purl: `pkg:maven/${groupId}/${artifactId}@${version}`,
+      isUnpinned: false,
+      _source: 'jar-manifest',
+    };
+  } catch { return null; }
+}
+
+export function extractGoBuildInfo(binPath) {
+  if (!binPath) return [];
+  try {
+    const out = execFileSync('go', ['version', '-m', binPath], { encoding: 'utf8', timeout: 5000 });
+    const deps = [];
+    for (const line of out.split('\n')) {
+      const m = line.match(/^\s*dep\s+([\w./-]+)\s+(v[\d.]+(?:-[\w.]+)?)/);
+      if (m) {
+        deps.push({
+          name: m[1],
+          version: m[2].replace(/^v/, ''),
+          group: '',
+          ecosystem: 'golang',
+          filePath: binPath,
+          scope: 'required',
+          purl: `pkg:golang/${m[1]}@${m[2]}`,
+          isUnpinned: false,
+          _source: 'go-buildinfo',
+        });
+      }
+    }
+    return deps;
+  } catch { return []; }
+}
+
+export function scanBinaryArtifacts(fileContents, scanRoot) {
+  if (!isBinaryScaEnabled()) return [];
+  const components = [];
+  const root = scanRoot || '.';
+  try {
+    const jarFiles = fs.readdirSync(root, { recursive: true })
+      .filter(f => f.endsWith('.jar') && !f.includes('node_modules'))
+      .slice(0, 20);
+    for (const jar of jarFiles) {
+      const meta = extractJarMetadata(path.join(root, jar));
+      if (meta) components.push(meta);
+    }
+  } catch { /* jar scan optional */ }
+  try {
+    const goBins = fs.readdirSync(root, { recursive: true })
+      .filter(f => !f.includes('.') && !f.includes('node_modules') && !f.includes('/'))
+      .slice(0, 10);
+    for (const bin of goBins) {
+      const fp = path.join(root, bin);
+      try {
+        if (fs.statSync(fp).isFile() && (fs.statSync(fp).mode & 0o111)) {
+          components.push(...extractGoBuildInfo(fp));
+        }
+      } catch { /* skip non-executable */ }
+    }
+  } catch { /* go binary scan optional */ }
+  return components;
+}

package/src/sca/py-package-functions.js

@@ -0,0 +1,118 @@
+// Python package function extraction via the CST parser.
+//
+// Locates an installed Python package in site-packages or .venv,
+// parses its source files via the Python CST parser, and returns
+// a map of exported function names. Used by markUsedVulnFunctions
+// to validate that OSV-named vulnerable functions actually exist
+// in the installed version.
+
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import { execFileSync } from 'node:child_process';
+import { parsePythonFilesBatch, probePythonAvailable } from '../ir/parser-py-cst.js';
+
+const VENV_DIRS = ['.venv', 'venv', '.env', 'env'];
+
+function _findSitePackages(scanRoot) {
+  for (const vdir of VENV_DIRS) {
+    const base = path.join(scanRoot || '.', vdir);
+    if (!fs.existsSync(base)) continue;
+    const lib = path.join(base, 'lib');
+    if (!fs.existsSync(lib)) continue;
+    const pydirs = fs.readdirSync(lib).filter(d => d.startsWith('python'));
+    for (const pydir of pydirs) {
+      const sp = path.join(lib, pydir, 'site-packages');
+      if (fs.existsSync(sp)) return sp;
+    }
+  }
+  // Fallback: ask python3 directly
+  try {
+    const out = execFileSync('python3', ['-c', 'import site; print(site.getsitepackages()[0])'], {
+      encoding: 'utf8', timeout: 5000,
+    }).trim();
+    if (out && fs.existsSync(out)) return out;
+  } catch { /* no python3 or no site-packages */ }
+  return null;
+}
+
+function _findPackageDir(sitePackages, packageName) {
+  if (!sitePackages) return null;
+  const normalized = packageName.replace(/-/g, '_').toLowerCase();
+  const candidates = [
+    normalized,
+    packageName.toLowerCase(),
+    packageName,
+  ];
+  for (const name of candidates) {
+    const dir = path.join(sitePackages, name);
+    if (fs.existsSync(dir) && fs.statSync(dir).isDirectory()) return dir;
+  }
+  return null;
+}
+
+function _readPyFilesFromDir(dir, maxFiles = 50) {
+  const entries = [];
+  try {
+    const files = fs.readdirSync(dir, { recursive: true })
+      .filter(f => f.endsWith('.py'))
+      .slice(0, maxFiles);
+    for (const f of files) {
+      const fp = path.join(dir, f);
+      try {
+        const content = fs.readFileSync(fp, 'utf8');
+        if (content.length < 1_000_000) {
+          entries.push({ file: f, content });
+        }
+      } catch { /* skip unreadable files */ }
+    }
+  } catch { /* dir not readable */ }
+  return entries;
+}
+
+export function extractPythonPackageFunctions(packageName, scanRoot) {
+  const cap = probePythonAvailable();
+  if (!cap.ok) return null;
+
+  const sitePackages = _findSitePackages(scanRoot);
+  const pkgDir = _findPackageDir(sitePackages, packageName);
+  if (!pkgDir) return null;
+
+  const pyFiles = _readPyFilesFromDir(pkgDir);
+  if (!pyFiles.length) return null;
+
+  const batch = parsePythonFilesBatch(pyFiles);
+  if (!batch || !Array.isArray(batch)) return null;
+
+  const functionMap = new Map();
+  for (const fileIR of batch) {
+    if (!fileIR || !fileIR.functions) continue;
+    for (const fn of fileIR.functions) {
+      if (fn.name && !fn.name.startsWith('_')) {
+        functionMap.set(fn.name, {
+          file: fileIR.file,
+          line: fn.line,
+          qid: fn.qid,
+          params: fn.params,
+        });
+      }
+    }
+  }
+  return functionMap;
+}
+
+export function validateOsvFunctionsExist(packageName, osvFunctions, scanRoot) {
+  if (!osvFunctions || !osvFunctions.length) return { validated: [], missing: [] };
+  const fnMap = extractPythonPackageFunctions(packageName, scanRoot);
+  if (!fnMap) return { validated: osvFunctions, missing: [] };
+  const validated = [];
+  const missing = [];
+  for (const fn of osvFunctions) {
+    const shortFn = fn.includes('.') ? fn.split('.').pop() : fn;
+    if (fnMap.has(shortFn) || fnMap.has(fn)) {
+      validated.push(shortFn);
+    } else {
+      missing.push(fn);
+    }
+  }
+  return { validated, missing };
+}

package/src/sca/vendor-detect.js

@@ -87,5 +87,58 @@ export function detectVendoredLibraries(fileContents) {
       }
     }
   }
+  // Pass 2: Function-body structural matching for minified/forked copies
+  const FUNCTION_BODY_SIGS = [
+    { pkg: 'lodash', ecosystem: 'npm', fn: 'merge', paramMin: 1,
+      bodyContains: ['assignValue', 'baseFor', 'isObject', 'baseMerge'] },
+    { pkg: 'lodash', ecosystem: 'npm', fn: 'template', paramMin: 1,
+      bodyContains: ['sourceURL', 'interpolate', 'evaluate', 'escape'] },
+    { pkg: 'lodash', ecosystem: 'npm', fn: 'defaultsDeep', paramMin: 1,
+      bodyContains: ['baseMerge', 'isMergeableObject', 'customDefaultsMerge'] },
+    { pkg: 'jquery', ecosystem: 'npm', fn: 'ajax', paramMin: 1,
+      bodyContains: ['XMLHttpRequest', 'ajaxSettings', 'crossDomain', 'responseFields'] },
+    { pkg: 'handlebars', ecosystem: 'npm', fn: 'compile', paramMin: 1,
+      bodyContains: ['templateSpec', 'container', 'invokePartial', 'blockParams'] },
+    { pkg: 'marked', ecosystem: 'npm', fn: 'parse', paramMin: 1,
+      bodyContains: ['Lexer', 'Parser', 'blockTokens', 'walkTokens'] },
+    { pkg: 'ejs', ecosystem: 'npm', fn: 'render', paramMin: 1,
+      bodyContains: ['includeFile', 'resolveInclude', 'rethrow', 'escapeFn'] },
+    { pkg: 'moment', ecosystem: 'npm', fn: 'format', paramMin: 0,
+      bodyContains: ['formatMoment', 'expandFormat', 'makeFormatFunction', 'localFormattingTokens'] },
+    { pkg: 'underscore', ecosystem: 'npm', fn: 'template', paramMin: 1,
+      bodyContains: ['interpolate', 'evaluate', 'escape', 'templateSettings'] },
+    { pkg: 'minimist', ecosystem: 'npm', fn: 'parse', paramMin: 1,
+      bodyContains: ['boolean', 'alias', 'default', 'stopEarly', 'unknown'] },
+  ];
+
+  for (const [fp, content] of Object.entries(fileContents)) {
+    if (!content || typeof content !== 'string') continue;
+    if (SKIP_DIRS.test(fp)) continue;
+    if (!/\.(?:js|mjs|cjs)$/i.test(fp)) continue;
+    if (content.length < 200 || content.length > 500_000) continue;
+
+    for (const sig of FUNCTION_BODY_SIGS) {
+      const key = `${sig.pkg}:${fp}`;
+      if (seen.has(key)) continue;
+      const fnRe = new RegExp(`(?:function\\s+${sig.fn}|(?:const|let|var)\\s+${sig.fn}\\s*=|${sig.fn}\\s*[:=]\\s*function)\\s*\\(`, 'g');
+      const m = fnRe.exec(content);
+      if (!m) continue;
+      const bodyWindow = content.slice(m.index, m.index + 2000);
+      const matchCount = sig.bodyContains.filter(kw => bodyWindow.includes(kw)).length;
+      if (matchCount < Math.ceil(sig.bodyContains.length * 0.6)) continue;
+      seen.add(key);
+      detected.push({
+        name: sig.pkg,
+        version: 'unknown',
+        ecosystem: sig.ecosystem,
+        file: fp,
+        scope: 'vendored',
+        isVendored: true,
+        _detectionMethod: 'function-body-signature',
+        _matchedKeywords: matchCount,
+      });
+    }
+  }
+
   return detected;
 }