@dotsetlabs/tollgate 0.1.0

package/dist/analyzers/http.js

@@ -0,0 +1,433 @@
+/**
+ * HTTP/API Request Analyzer
+ *
+ * Classifies HTTP requests by risk level based on:
+ * - HTTP method (GET = read, POST/PUT = write, DELETE = destructive)
+ * - Target host (internal IPs, localhost, cloud metadata = dangerous)
+ * - Sensitive headers (Authorization, Cookie, API keys)
+ * - Dangerous protocols (file://, ftp://)
+ *
+ * This analyzer is designed to prevent:
+ * - Server-Side Request Forgery (SSRF) attacks
+ * - Unauthorized access to internal services
+ * - Credential leakage
+ *
+ * @example
+ * ```typescript
+ * const analyzer = new HttpAnalyzer();
+ *
+ * // Analyze a URL string
+ * analyzer.analyze('https://api.example.com/users');
+ * // → { risk: 'read', reason: 'GET request to external host' }
+ *
+ * // Analyze a JSON-encoded request
+ * analyzer.analyze(JSON.stringify({
+ *   url: 'https://api.example.com/users',
+ *   method: 'POST',
+ *   headers: { 'Content-Type': 'application/json' }
+ * }));
+ * // → { risk: 'write', reason: 'POST request to external host' }
+ *
+ * // Dangerous request detection
+ * analyzer.analyze('http://169.254.169.254/latest/meta-data/');
+ * // → { risk: 'dangerous', reason: 'SSRF: AWS metadata endpoint' }
+ * ```
+ */
+// ============================================================================
+// HTTP Analyzer Implementation
+// ============================================================================
+/**
+ * HTTP/API Request Analyzer
+ *
+ * Analyzes HTTP requests and URLs to determine risk levels.
+ * Prevents SSRF attacks, credential leakage, and unauthorized access.
+ */
+export class HttpAnalyzer {
+    name = 'http';
+    // -------------------------------------------------------------------------
+    // SSRF Prevention Patterns
+    // -------------------------------------------------------------------------
+    /**
+     * Cloud metadata endpoints - critical SSRF targets
+     */
+    METADATA_ENDPOINTS = [
+        {
+            pattern: /169\.254\.169\.254/,
+            risk: 'dangerous',
+            reason: 'SSRF: AWS/Azure metadata endpoint detected',
+            category: 'cloud_metadata',
+        },
+        {
+            pattern: /metadata\.google\.internal/i,
+            risk: 'dangerous',
+            reason: 'SSRF: GCP metadata endpoint detected',
+            category: 'cloud_metadata',
+        },
+        {
+            pattern: /100\.100\.100\.200/,
+            risk: 'dangerous',
+            reason: 'SSRF: Alibaba Cloud metadata endpoint detected',
+            category: 'cloud_metadata',
+        },
+        {
+            pattern: /169\.254\.170\.2/,
+            risk: 'dangerous',
+            reason: 'SSRF: AWS ECS container credentials endpoint',
+            category: 'cloud_metadata',
+        },
+    ];
+    /**
+     * Internal/private IP ranges - SSRF and network access control
+     */
+    INTERNAL_IP_PATTERNS = [
+        // Localhost variants
+        {
+            pattern: /^https?:\/\/localhost(:[0-9]+)?/i,
+            risk: 'dangerous',
+            reason: 'SSRF: Request to localhost',
+            category: 'internal_network',
+        },
+        {
+            pattern: /^https?:\/\/127\.[0-9]+\.[0-9]+\.[0-9]+/,
+            risk: 'dangerous',
+            reason: 'SSRF: Request to loopback address (127.x.x.x)',
+            category: 'internal_network',
+        },
+        {
+            pattern: /^https?:\/\/\[::1\]/,
+            risk: 'dangerous',
+            reason: 'SSRF: Request to IPv6 loopback',
+            category: 'internal_network',
+        },
+        // Full IPv6 loopback notation
+        {
+            pattern: /^https?:\/\/\[0:0:0:0:0:0:0:1\]/,
+            risk: 'dangerous',
+            reason: 'SSRF: Request to IPv6 loopback (expanded)',
+            category: 'internal_network',
+        },
+        // Mixed notation IPv6 loopback
+        {
+            pattern: /^https?:\/\/\[::ffff:127\.\d{1,3}\.\d{1,3}\.\d{1,3}\]/,
+            risk: 'dangerous',
+            reason: 'SSRF: Request to IPv4-mapped IPv6 loopback',
+            category: 'internal_network',
+        },
+        {
+            pattern: /^https?:\/\/0\.0\.0\.0/,
+            risk: 'dangerous',
+            reason: 'SSRF: Request to 0.0.0.0',
+            category: 'internal_network',
+        },
+        // Private IP ranges (RFC 1918)
+        {
+            pattern: /^https?:\/\/10\.[0-9]+\.[0-9]+\.[0-9]+/,
+            risk: 'dangerous',
+            reason: 'SSRF: Request to private IP range (10.x.x.x)',
+            category: 'internal_network',
+        },
+        {
+            pattern: /^https?:\/\/172\.(1[6-9]|2[0-9]|3[0-1])\.[0-9]+\.[0-9]+/,
+            risk: 'dangerous',
+            reason: 'SSRF: Request to private IP range (172.16-31.x.x)',
+            category: 'internal_network',
+        },
+        {
+            pattern: /^https?:\/\/192\.168\.[0-9]+\.[0-9]+/,
+            risk: 'dangerous',
+            reason: 'SSRF: Request to private IP range (192.168.x.x)',
+            category: 'internal_network',
+        },
+        // Link-local
+        {
+            pattern: /^https?:\/\/169\.254\.[0-9]+\.[0-9]+/,
+            risk: 'dangerous',
+            reason: 'SSRF: Request to link-local address',
+            category: 'internal_network',
+        },
+        // Octal IP notation (e.g., 0177.0.0.1 = 127.0.0.1)
+        {
+            pattern: /^https?:\/\/0[0-7]+\./,
+            risk: 'dangerous',
+            reason: 'SSRF: Octal IP notation detected (possible bypass attempt)',
+            category: 'internal_network',
+        },
+        // Hex IP notation (e.g., 0x7f.0x0.0x0.0x1 = 127.0.0.1)
+        {
+            pattern: /^https?:\/\/0x[0-9a-fA-F]+/,
+            risk: 'dangerous',
+            reason: 'SSRF: Hexadecimal IP notation detected (possible bypass attempt)',
+            category: 'internal_network',
+        },
+        // Decimal encoded IP (e.g., 2130706433 = 127.0.0.1)
+        {
+            pattern: /^https?:\/\/\d{8,10}(\/|:|$)/,
+            risk: 'dangerous',
+            reason: 'SSRF: Decimal encoded IP detected (possible bypass attempt)',
+            category: 'internal_network',
+        },
+    ];
+    // -------------------------------------------------------------------------
+    // Dangerous Protocol Patterns
+    // -------------------------------------------------------------------------
+    DANGEROUS_PROTOCOLS = [
+        {
+            pattern: /^file:\/\//i,
+            risk: 'dangerous',
+            reason: 'Dangerous protocol: file:// - Local file access attempt',
+            category: 'dangerous_protocol',
+        },
+        {
+            pattern: /^ftp:\/\//i,
+            risk: 'destructive',
+            reason: 'Insecure protocol: ftp:// - Unencrypted file transfer',
+            category: 'dangerous_protocol',
+        },
+        {
+            pattern: /^gopher:\/\//i,
+            risk: 'dangerous',
+            reason: 'Dangerous protocol: gopher:// - Often used in SSRF attacks',
+            category: 'dangerous_protocol',
+        },
+        {
+            pattern: /^dict:\/\//i,
+            risk: 'dangerous',
+            reason: 'Dangerous protocol: dict:// - Often used in SSRF attacks',
+            category: 'dangerous_protocol',
+        },
+        {
+            pattern: /^ldap:\/\//i,
+            risk: 'dangerous',
+            reason: 'Dangerous protocol: ldap:// - Directory access',
+            category: 'dangerous_protocol',
+        },
+    ];
+    // -------------------------------------------------------------------------
+    // Sensitive Header Patterns
+    // -------------------------------------------------------------------------
+    /**
+     * Headers that indicate sensitive operations.
+     * These don't block the request but elevate risk level.
+     */
+    SENSITIVE_HEADERS = [
+        'authorization',
+        'x-api-key',
+        'x-auth-token',
+        'cookie',
+        'x-csrf-token',
+        'x-xsrf-token',
+        'proxy-authorization',
+    ];
+    // -------------------------------------------------------------------------
+    // HTTP Method Risk Classification
+    // -------------------------------------------------------------------------
+    /**
+     * Maps HTTP methods to their base risk level.
+     */
+    METHOD_RISK = {
+        // Safe methods - no side effects
+        OPTIONS: 'safe',
+        HEAD: 'safe',
+        TRACE: 'safe',
+        // Read methods
+        GET: 'read',
+        // Write methods
+        POST: 'write',
+        PUT: 'write',
+        PATCH: 'write',
+        // Destructive methods
+        DELETE: 'destructive',
+    };
+    // -------------------------------------------------------------------------
+    // Main Analysis Method
+    // -------------------------------------------------------------------------
+    analyze(input, context) {
+        // Parse the input (could be URL string or JSON object)
+        const request = this.parseInput(input, context);
+        if (!request.url) {
+            return {
+                risk: 'write',
+                reason: 'Could not parse URL from input',
+            };
+        }
+        // Check for dangerous protocols first
+        for (const { pattern, risk, reason, category } of this.DANGEROUS_PROTOCOLS) {
+            if (pattern.test(request.url)) {
+                return {
+                    risk,
+                    reason,
+                    triggers: [category],
+                    metadata: { category, url: this.sanitizeUrl(request.url) },
+                };
+            }
+        }
+        // Check for cloud metadata endpoints (highest priority SSRF targets)
+        for (const { pattern, risk, reason, category } of this.METADATA_ENDPOINTS) {
+            if (pattern.test(request.url)) {
+                return {
+                    risk,
+                    reason,
+                    triggers: [category],
+                    metadata: { category, url: this.sanitizeUrl(request.url) },
+                };
+            }
+        }
+        // Check for internal/private IPs
+        for (const { pattern, risk, reason, category } of this.INTERNAL_IP_PATTERNS) {
+            if (pattern.test(request.url)) {
+                return {
+                    risk,
+                    reason,
+                    triggers: [category],
+                    metadata: { category, url: this.sanitizeUrl(request.url) },
+                };
+            }
+        }
+        // Get base risk from HTTP method
+        const method = request.method.toUpperCase();
+        let baseRisk = this.METHOD_RISK[method] ?? 'write';
+        const triggers = [];
+        // Check for sensitive headers (elevates risk)
+        const sensitiveHeaders = this.detectSensitiveHeaders(request.headers);
+        if (sensitiveHeaders.length > 0) {
+            triggers.push('sensitive_headers');
+            // Elevate risk if we're sending credentials
+            if (baseRisk === 'safe') {
+                baseRisk = 'read';
+            }
+            else if (baseRisk === 'read') {
+                baseRisk = 'write';
+            }
+        }
+        // Build reason string
+        const hostInfo = this.extractHost(request.url);
+        let reason = `${method} request`;
+        if (hostInfo) {
+            reason += ` to ${hostInfo}`;
+        }
+        if (sensitiveHeaders.length > 0) {
+            reason += ` (includes ${sensitiveHeaders.join(', ')})`;
+        }
+        return {
+            risk: baseRisk,
+            reason,
+            triggers: triggers.length > 0 ? triggers : undefined,
+            metadata: {
+                method,
+                host: hostInfo,
+                hasSensitiveHeaders: sensitiveHeaders.length > 0,
+            },
+        };
+    }
+    // -------------------------------------------------------------------------
+    // Helper Methods
+    // -------------------------------------------------------------------------
+    /**
+     * Parses input into a structured request object.
+     * Accepts either a URL string or a JSON-encoded request object.
+     */
+    parseInput(input, context) {
+        const trimmed = input.trim();
+        // Try to parse as JSON first
+        if (trimmed.startsWith('{')) {
+            try {
+                const parsed = JSON.parse(trimmed);
+                return {
+                    url: String(parsed.url ?? parsed.uri ?? ''),
+                    method: String(parsed.method ?? 'GET').toUpperCase(),
+                    headers: this.normalizeHeaders(parsed.headers),
+                    body: parsed.body ? String(parsed.body) : undefined,
+                };
+            }
+            catch {
+                // Not valid JSON, treat as URL
+            }
+        }
+        // Infer method from context if available
+        const method = this.inferMethod(context?.tool);
+        // Treat as URL string
+        return {
+            url: trimmed,
+            method,
+            headers: {},
+        };
+    }
+    /**
+     * Normalizes headers object to lowercase keys.
+     */
+    normalizeHeaders(headers) {
+        if (!headers || typeof headers !== 'object') {
+            return {};
+        }
+        const normalized = {};
+        for (const [key, value] of Object.entries(headers)) {
+            normalized[key.toLowerCase()] = String(value);
+        }
+        return normalized;
+    }
+    /**
+     * Infers HTTP method from tool name.
+     */
+    inferMethod(tool) {
+        if (!tool)
+            return 'GET';
+        const lowerTool = tool.toLowerCase();
+        if (lowerTool.includes('delete') || lowerTool.includes('remove')) {
+            return 'DELETE';
+        }
+        if (lowerTool.includes('post') || lowerTool.includes('create') || lowerTool.includes('send')) {
+            return 'POST';
+        }
+        if (lowerTool.includes('put') || lowerTool.includes('update') || lowerTool.includes('replace')) {
+            return 'PUT';
+        }
+        if (lowerTool.includes('patch') || lowerTool.includes('modify')) {
+            return 'PATCH';
+        }
+        return 'GET';
+    }
+    /**
+     * Detects sensitive headers in the request.
+     */
+    detectSensitiveHeaders(headers) {
+        const found = [];
+        for (const headerName of Object.keys(headers)) {
+            const lowerName = headerName.toLowerCase();
+            if (this.SENSITIVE_HEADERS.includes(lowerName)) {
+                found.push(headerName);
+            }
+        }
+        return found;
+    }
+    /**
+     * Extracts host from URL for display.
+     */
+    extractHost(url) {
+        try {
+            const parsed = new URL(url);
+            return parsed.host;
+        }
+        catch {
+            // Try to extract host with regex for malformed URLs
+            const match = url.match(/^https?:\/\/([^/:]+)/i);
+            return match?.[1] ?? null;
+        }
+    }
+    /**
+     * Sanitizes URL for safe logging (removes credentials).
+     */
+    sanitizeUrl(url) {
+        try {
+            const parsed = new URL(url);
+            // Remove username and password
+            parsed.username = '';
+            parsed.password = '';
+            return parsed.toString();
+        }
+        catch {
+            // Return as-is if parsing fails
+            return url;
+        }
+    }
+}
+//# sourceMappingURL=http.js.map

package/dist/analyzers/http.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"http.js","sourceRoot":"","sources":["../../src/analyzers/http.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAkCG;AA4BH,+EAA+E;AAC/E,+BAA+B;AAC/B,+EAA+E;AAE/E;;;;;GAKG;AACH,MAAM,OAAO,YAAY;IACZ,IAAI,GAAG,MAAM,CAAC;IAEvB,4EAA4E;IAC5E,2BAA2B;IAC3B,4EAA4E;IAE5E;;OAEG;IACc,kBAAkB,GAAuB;QACtD;YACI,OAAO,EAAE,oBAAoB;YAC7B,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,4CAA4C;YACpD,QAAQ,EAAE,gBAAgB;SAC7B;QACD;YACI,OAAO,EAAE,6BAA6B;YACtC,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,sCAAsC;YAC9C,QAAQ,EAAE,gBAAgB;SAC7B;QACD;YACI,OAAO,EAAE,oBAAoB;YAC7B,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,gDAAgD;YACxD,QAAQ,EAAE,gBAAgB;SAC7B;QACD;YACI,OAAO,EAAE,kBAAkB;YAC3B,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,8CAA8C;YACtD,QAAQ,EAAE,gBAAgB;SAC7B;KACJ,CAAC;IAEF;;OAEG;IACc,oBAAoB,GAAuB;QACxD,qBAAqB;QACrB;YACI,OAAO,EAAE,kCAAkC;YAC3C,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,4BAA4B;YACpC,QAAQ,EAAE,kBAAkB;SAC/B;QACD;YACI,OAAO,EAAE,yCAAyC;YAClD,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,+CAA+C;YACvD,QAAQ,EAAE,kBAAkB;SAC/B;QACD;YACI,OAAO,EAAE,qBAAqB;YAC9B,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,gCAAgC;YACxC,QAAQ,EAAE,kBAAkB;SAC/B;QACD,8BAA8B;QAC9B;YACI,OAAO,EAAE,iCAAiC;YAC1C,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,2CAA2C;YACnD,QAAQ,EAAE,kBAAkB;SAC/B;QACD,+BAA+B;QAC/B;YACI,OAAO,EAAE,uDAAuD;YAChE,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,4CAA4C;YACpD,QAAQ,EAAE,kBAAkB;SAC/B;QACD;YACI,OAAO,EAAE,wBAAwB;YACjC,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,0BAA0B;YAClC,QAAQ,EAAE,kBAAkB;SAC/B;QACD,+BAA+B;QAC/B;YACI,OAAO,EAAE,wCAAwC;YACjD,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,8CAA8C;YACtD,QAAQ,EAAE,kBAAkB;SAC/B;QACD;YACI,OAAO,EAAE,yDAAyD;YAClE,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,mDAAmD;YAC3D,QAAQ,EAAE,kBAAkB;SAC/B;QACD;YACI,OAAO,EAAE,sCAAsC;YAC/C,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,iDAAiD;YACzD,QAAQ,EAAE,kBAAkB;SAC/B;QACD,aAAa;QACb;YACI,OAAO,EAAE,sCAAsC;YAC/C,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,qCAAqC;YAC7C,QAAQ,EAAE,kBAAkB;SAC/B;QACD,mDAAmD;QACnD;YACI,OAAO,EAAE,uBAAuB;YAChC,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,4DAA4D;YACpE,QAAQ,EAAE,kBAAkB;SAC/B;QACD,uDAAuD;QACvD;YACI,OAAO,EAAE,4BAA4B;YACrC,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,kEAAkE;YAC1E,QAAQ,EAAE,kBAAkB;SAC/B;QACD,oDAAoD;QACpD;YACI,OAAO,EAAE,8BAA8B;YACvC,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,6DAA6D;YACrE,QAAQ,EAAE,kBAAkB;SAC/B;KACJ,CAAC;IAEF,4EAA4E;IAC5E,8BAA8B;IAC9B,4EAA4E;IAE3D,mBAAmB,GAAuB;QACvD;YACI,OAAO,EAAE,aAAa;YACtB,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,yDAAyD;YACjE,QAAQ,EAAE,oBAAoB;SACjC;QACD;YACI,OAAO,EAAE,YAAY;YACrB,IAAI,EAAE,aAAa;YACnB,MAAM,EAAE,uDAAuD;YAC/D,QAAQ,EAAE,oBAAoB;SACjC;QACD;YACI,OAAO,EAAE,eAAe;YACxB,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,4DAA4D;YACpE,QAAQ,EAAE,oBAAoB;SACjC;QACD;YACI,OAAO,EAAE,aAAa;YACtB,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,0DAA0D;YAClE,QAAQ,EAAE,oBAAoB;SACjC;QACD;YACI,OAAO,EAAE,aAAa;YACtB,IAAI,EAAE,WAAW;YACjB,MAAM,EAAE,gDAAgD;YACxD,QAAQ,EAAE,oBAAoB;SACjC;KACJ,CAAC;IAEF,4EAA4E;IAC5E,4BAA4B;IAC5B,4EAA4E;IAE5E;;;OAGG;IACc,iBAAiB,GAAG;QACjC,eAAe;QACf,WAAW;QACX,cAAc;QACd,QAAQ;QACR,cAAc;QACd,cAAc;QACd,qBAAqB;KACxB,CAAC;IAEF,4EAA4E;IAC5E,kCAAkC;IAClC,4EAA4E;IAE5E;;OAEG;IACc,WAAW,GAA8D;QACtF,iCAAiC;QACjC,OAAO,EAAE,MAAM;QACf,IAAI,EAAE,MAAM;QACZ,KAAK,EAAE,MAAM;QAEb,eAAe;QACf,GAAG,EAAE,MAAM;QAEX,gBAAgB;QAChB,IAAI,EAAE,OAAO;QACb,GAAG,EAAE,OAAO;QACZ,KAAK,EAAE,OAAO;QAEd,sBAAsB;QACtB,MAAM,EAAE,aAAa;KACxB,CAAC;IAEF,4EAA4E;IAC5E,uBAAuB;IACvB,4EAA4E;IAE5E,OAAO,CAAC,KAAa,EAAE,OAAyB;QAC5C,uDAAuD;QACvD,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;QAEhD,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC;YACf,OAAO;gBACH,IAAI,EAAE,OAAO;gBACb,MAAM,EAAE,gCAAgC;aAC3C,CAAC;QACN,CAAC;QAED,sCAAsC;QACtC,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACzE,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC5B,OAAO;oBACH,IAAI;oBACJ,MAAM;oBACN,QAAQ,EAAE,CAAC,QAAQ,CAAC;oBACpB,QAAQ,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;iBAC7D,CAAC;YACN,CAAC;QACL,CAAC;QAED,qEAAqE;QACrE,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACxE,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC5B,OAAO;oBACH,IAAI;oBACJ,MAAM;oBACN,QAAQ,EAAE,CAAC,QAAQ,CAAC;oBACpB,QAAQ,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;iBAC7D,CAAC;YACN,CAAC;QACL,CAAC;QAED,iCAAiC;QACjC,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC1E,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC5B,OAAO;oBACH,IAAI;oBACJ,MAAM;oBACN,QAAQ,EAAE,CAAC,QAAQ,CAAC;oBACpB,QAAQ,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE;iBAC7D,CAAC;YACN,CAAC;QACL,CAAC;QAED,iCAAiC;QACjC,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;QAC5C,IAAI,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC;QACnD,MAAM,QAAQ,GAAa,EAAE,CAAC;QAE9B,8CAA8C;QAC9C,MAAM,gBAAgB,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACtE,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YACnC,4CAA4C;YAC5C,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;gBACtB,QAAQ,GAAG,MAAM,CAAC;YACtB,CAAC;iBAAM,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;gBAC7B,QAAQ,GAAG,OAAO,CAAC;YACvB,CAAC;QACL,CAAC;QAED,sBAAsB;QACtB,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAC/C,IAAI,MAAM,GAAG,GAAG,MAAM,UAAU,CAAC;QACjC,IAAI,QAAQ,EAAE,CAAC;YACX,MAAM,IAAI,OAAO,QAAQ,EAAE,CAAC;QAChC,CAAC;QACD,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9B,MAAM,IAAI,cAAc,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;QAC3D,CAAC;QAED,OAAO;YACH,IAAI,EAAE,QAAQ;YACd,MAAM;YACN,QAAQ,EAAE,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;YACpD,QAAQ,EAAE;gBACN,MAAM;gBACN,IAAI,EAAE,QAAQ;gBACd,mBAAmB,EAAE,gBAAgB,CAAC,MAAM,GAAG,CAAC;aACnD;SACJ,CAAC;IACN,CAAC;IAED,4EAA4E;IAC5E,iBAAiB;IACjB,4EAA4E;IAE5E;;;OAGG;IACK,UAAU,CAAC,KAAa,EAAE,OAAyB;QACvD,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;QAE7B,6BAA6B;QAC7B,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,IAAI,CAAC;gBACD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAA4B,CAAC;gBAC9D,OAAO;oBACH,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,IAAI,MAAM,CAAC,GAAG,IAAI,EAAE,CAAC;oBAC3C,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,IAAI,KAAK,CAAC,CAAC,WAAW,EAAE;oBACpD,OAAO,EAAE,IAAI,CAAC,gBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC;oBAC9C,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,SAAS;iBACtD,CAAC;YACN,CAAC;YAAC,MAAM,CAAC;gBACL,+BAA+B;YACnC,CAAC;QACL,CAAC;QAED,yCAAyC;QACzC,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QAE/C,sBAAsB;QACtB,OAAO;YACH,GAAG,EAAE,OAAO;YACZ,MAAM;YACN,OAAO,EAAE,EAAE;SACd,CAAC;IACN,CAAC;IAED;;OAEG;IACK,gBAAgB,CAAC,OAAgB;QACrC,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;YAC1C,OAAO,EAAE,CAAC;QACd,CAAC;QAED,MAAM,UAAU,GAA2B,EAAE,CAAC;QAC9C,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAkC,CAAC,EAAE,CAAC;YAC5E,UAAU,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;QAClD,CAAC;QACD,OAAO,UAAU,CAAC;IACtB,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,IAAa;QAC7B,IAAI,CAAC,IAAI;YAAE,OAAO,KAAK,CAAC;QAExB,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QAErC,IAAI,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC/D,OAAO,QAAQ,CAAC;QACpB,CAAC;QACD,IAAI,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3F,OAAO,MAAM,CAAC;QAClB,CAAC;QACD,IAAI,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC7F,OAAO,KAAK,CAAC;QACjB,CAAC;QACD,IAAI,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC9D,OAAO,OAAO,CAAC;QACnB,CAAC;QAED,OAAO,KAAK,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,sBAAsB,CAAC,OAA+B;QAC1D,MAAM,KAAK,GAAa,EAAE,CAAC;QAE3B,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5C,MAAM,SAAS,GAAG,UAAU,CAAC,WAAW,EAAE,CAAC;YAC3C,IAAI,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC7C,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC3B,CAAC;QACL,CAAC;QAED,OAAO,KAAK,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,GAAW;QAC3B,IAAI,CAAC;YACD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YAC5B,OAAO,MAAM,CAAC,IAAI,CAAC;QACvB,CAAC;QAAC,MAAM,CAAC;YACL,oDAAoD;YACpD,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;YACjD,OAAO,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;QAC9B,CAAC;IACL,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,GAAW;QAC3B,IAAI,CAAC;YACD,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YAC5B,+BAA+B;YAC/B,MAAM,CAAC,QAAQ,GAAG,EAAE,CAAC;YACrB,MAAM,CAAC,QAAQ,GAAG,EAAE,CAAC;YACrB,OAAO,MAAM,CAAC,QAAQ,EAAE,CAAC;QAC7B,CAAC;QAAC,MAAM,CAAC;YACL,gCAAgC;YAChC,OAAO,GAAG,CAAC;QACf,CAAC;IACL,CAAC;CACJ"}

package/dist/analyzers/index.d.ts

@@ -0,0 +1,101 @@
+export * from './types.js';
+export { SqlAnalyzer } from './sql.js';
+export { FilesystemAnalyzer } from './filesystem.js';
+export { ShellAnalyzer } from './shell.js';
+export { HttpAnalyzer } from './http.js';
+export { PromptInjectionAnalyzer } from './prompt-injection.js';
+export { defineAnalyzer, defineAsyncAnalyzer, createPatternAnalyzer, isCustomAnalyzer, isAsyncAnalyzer, type AnalyzerDefinition, type CustomAnalyzer, } from './sdk.js';
+export { loadAnalyzer, loadAnalyzers, loadAnalyzersFromConfig, initializeAnalyzers, cleanupAnalyzers, unloadAnalyzer, listCustomAnalyzers, resolveAnalyzerPath, type LoadResult, type LoaderOptions, } from './loader.js';
+import type { ContentAnalyzer, AnalysisResult, AnalyzerContext, RiskMapping, RiskLevel } from './types.js';
+/** Concrete policy actions (excludes 'smart' which is resolved to one of these) */
+export type ConcreteAction = 'allow' | 'deny' | 'prompt';
+/**
+ * Registry of all available analyzers
+ */
+export declare class AnalyzerRegistry {
+    private analyzers;
+    private customAnalyzers;
+    private timeoutMs;
+    constructor(timeoutMs?: number);
+    /**
+     * Register a new analyzer
+     */
+    register(analyzer: ContentAnalyzer): void;
+    /**
+     * Unregister an analyzer by name
+     */
+    unregister(name: string): boolean;
+    /**
+     * Get an analyzer by name
+     */
+    get(name: string): ContentAnalyzer | undefined;
+    /**
+     * Check if an analyzer exists
+     */
+    has(name: string): boolean;
+    /**
+     * List all registered analyzer names
+     */
+    list(): string[];
+    /**
+     * List only custom (non-built-in) analyzer names
+     */
+    listCustom(): string[];
+    /**
+     * Set the timeout for analyzer operations.
+     */
+    setTimeout(timeoutMs: number): void;
+    /**
+     * Get the current timeout for analyzer operations.
+     */
+    getTimeout(): number;
+    /**
+     * Analyze content with a specific analyzer
+     */
+    analyze(analyzerName: string, content: string, context?: AnalyzerContext): AnalysisResult;
+    /**
+     * Analyze content with a specific analyzer with timeout protection.
+     * Returns a 'dangerous' result if the analysis times out.
+     *
+     * @param analyzerName - Name of the analyzer to use
+     * @param content - Content to analyze
+     * @param context - Optional analyzer context
+     * @param timeoutMs - Optional timeout override (defaults to registry timeout)
+     */
+    analyzeWithTimeout(analyzerName: string, content: string, context?: AnalyzerContext, timeoutMs?: number): Promise<AnalysisResult>;
+    /**
+     * Analyze content with a specific analyzer (async version)
+     * Supports both sync and async analyzers
+     */
+    analyzeAsync(analyzerName: string, content: string, context?: AnalyzerContext): Promise<AnalysisResult>;
+    /**
+     * Initialize all custom analyzers
+     */
+    initializeCustomAnalyzers(): Promise<void>;
+    /**
+     * Cleanup all custom analyzers
+     */
+    cleanupCustomAnalyzers(): Promise<void>;
+    /**
+     * Get custom content extraction function for an analyzer
+     */
+    getContentExtractor(analyzerName: string): ((tool: string, args: Record<string, unknown>) => string | null) | undefined;
+}
+/**
+ * Convert a risk level to a concrete policy action using a risk mapping
+ */
+export declare function riskToAction(risk: RiskLevel, mapping?: RiskMapping): ConcreteAction;
+/**
+ * Global analyzer registry instance
+ */
+export declare const analyzerRegistry: AnalyzerRegistry;
+/**
+ * Helper to determine which analyzer to use based on tool/server
+ */
+export declare function inferAnalyzer(server: string, tool: string, _args?: Record<string, unknown>): string | null;
+/**
+ * Extract the content to analyze from tool arguments.
+ * First checks if the analyzer has a custom extractor, then falls back to built-in extraction.
+ */
+export declare function extractAnalyzableContent(analyzerName: string, tool: string, args: Record<string, unknown>): string | null;
+//# sourceMappingURL=index.d.ts.map

package/dist/analyzers/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/analyzers/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,OAAO,EAAE,WAAW,EAAE,MAAM,UAAU,CAAC;AACvC,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAC3C,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAAE,uBAAuB,EAAE,MAAM,uBAAuB,CAAC;AAGhE,OAAO,EACL,cAAc,EACd,mBAAmB,EACnB,qBAAqB,EACrB,gBAAgB,EAChB,eAAe,EACf,KAAK,kBAAkB,EACvB,KAAK,cAAc,GACpB,MAAM,UAAU,CAAC;AAGlB,OAAO,EACL,YAAY,EACZ,aAAa,EACb,uBAAuB,EACvB,mBAAmB,EACnB,gBAAgB,EAChB,cAAc,EACd,mBAAmB,EACnB,mBAAmB,EACnB,KAAK,UAAU,EACf,KAAK,aAAa,GACnB,MAAM,aAAa,CAAC;AAErB,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,eAAe,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAS3G,mFAAmF;AACnF,MAAM,MAAM,cAAc,GAAG,OAAO,GAAG,MAAM,GAAG,QAAQ,CAAC;AAKzD;;GAEG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,SAAS,CAA2C;IAC5D,OAAO,CAAC,eAAe,CAA0C;IACjE,OAAO,CAAC,SAAS,CAAS;gBAEd,SAAS,GAAE,MAAoC;IAU3D;;OAEG;IACH,QAAQ,CAAC,QAAQ,EAAE,eAAe,GAAG,IAAI;IASzC;;OAEG;IACH,UAAU,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAWjC;;OAEG;IACH,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS;IAI9C;;OAEG;IACH,GAAG,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAI1B;;OAEG;IACH,IAAI,IAAI,MAAM,EAAE;IAIhB;;OAEG;IACH,UAAU,IAAI,MAAM,EAAE;IAItB;;OAEG;IACH,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,IAAI;IAInC;;OAEG;IACH,UAAU,IAAI,MAAM;IAIpB;;OAEG;IACH,OAAO,CACL,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,eAAe,GACxB,cAAc;IAajB;;;;;;;;OAQG;IACG,kBAAkB,CACtB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,eAAe,EACzB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,cAAc,CAAC;IA6B1B;;;OAGG;IACG,YAAY,CAChB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,MAAM,EACf,OAAO,CAAC,EAAE,eAAe,GACxB,OAAO,CAAC,cAAc,CAAC;IAoB1B;;OAEG;IACG,yBAAyB,IAAI,OAAO,CAAC,IAAI,CAAC;IAMhD;;OAEG;IACG,sBAAsB,IAAI,OAAO,CAAC,IAAI,CAAC;IAM7C;;OAEG;IACH,mBAAmB,CAAC,YAAY,EAAE,MAAM,GAAG,CAAC,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,MAAM,GAAG,IAAI,CAAC,GAAG,SAAS;CAIxH;AAED;;GAEG;AACH,wBAAgB,YAAY,CAC1B,IAAI,EAAE,SAAS,EACf,OAAO,GAAE,WAAkC,GAC1C,cAAc,CAGhB;AAED;;GAEG;AACH,eAAO,MAAM,gBAAgB,kBAAyB,CAAC;AAEvD;;GAEG;AACH,wBAAgB,aAAa,CAC3B,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,KAAK,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC9B,MAAM,GAAG,IAAI,CAiEf;AAED;;;GAGG;AACH,wBAAgB,wBAAwB,CACtC,YAAY,EAAE,MAAM,EACpB,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC5B,MAAM,GAAG,IAAI,CA+Ff"}