npm - @dotsetlabs/tollgate - Versions diffs - 0.1.0 - Mend

@dotsetlabs/tollgate 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (215) hide show

package/LICENSE +21 -0
package/README.md +885 -0
package/dist/analyzers/filesystem.d.ts +26 -0
package/dist/analyzers/filesystem.d.ts.map +1 -0
package/dist/analyzers/filesystem.js +284 -0
package/dist/analyzers/filesystem.js.map +1 -0
package/dist/analyzers/http.d.ts +90 -0
package/dist/analyzers/http.d.ts.map +1 -0
package/dist/analyzers/http.js +433 -0
package/dist/analyzers/http.js.map +1 -0
package/dist/analyzers/index.d.ts +101 -0
package/dist/analyzers/index.d.ts.map +1 -0
package/dist/analyzers/index.js +342 -0
package/dist/analyzers/index.js.map +1 -0
package/dist/analyzers/loader.d.ts +114 -0
package/dist/analyzers/loader.d.ts.map +1 -0
package/dist/analyzers/loader.js +184 -0
package/dist/analyzers/loader.js.map +1 -0
package/dist/analyzers/prompt-injection.d.ts +95 -0
package/dist/analyzers/prompt-injection.d.ts.map +1 -0
package/dist/analyzers/prompt-injection.js +725 -0
package/dist/analyzers/prompt-injection.js.map +1 -0
package/dist/analyzers/sdk.d.ts +230 -0
package/dist/analyzers/sdk.d.ts.map +1 -0
package/dist/analyzers/sdk.js +283 -0
package/dist/analyzers/sdk.js.map +1 -0
package/dist/analyzers/shell.d.ts +20 -0
package/dist/analyzers/shell.d.ts.map +1 -0
package/dist/analyzers/shell.js +297 -0
package/dist/analyzers/shell.js.map +1 -0
package/dist/analyzers/sql.d.ts +37 -0
package/dist/analyzers/sql.d.ts.map +1 -0
package/dist/analyzers/sql.js +455 -0
package/dist/analyzers/sql.js.map +1 -0
package/dist/analyzers/types.d.ts +117 -0
package/dist/analyzers/types.d.ts.map +1 -0
package/dist/analyzers/types.js +46 -0
package/dist/analyzers/types.js.map +1 -0
package/dist/approval/interactive.d.ts +72 -0
package/dist/approval/interactive.d.ts.map +1 -0
package/dist/approval/interactive.js +550 -0
package/dist/approval/interactive.js.map +1 -0
package/dist/approval/terminal.d.ts +59 -0
package/dist/approval/terminal.d.ts.map +1 -0
package/dist/approval/terminal.js +238 -0
package/dist/approval/terminal.js.map +1 -0
package/dist/approval/types.d.ts +66 -0
package/dist/approval/types.d.ts.map +1 -0
package/dist/approval/types.js +2 -0
package/dist/approval/types.js.map +1 -0
package/dist/audit/exporter.d.ts +138 -0
package/dist/audit/exporter.d.ts.map +1 -0
package/dist/audit/exporter.js +366 -0
package/dist/audit/exporter.js.map +1 -0
package/dist/audit/logger.d.ts +156 -0
package/dist/audit/logger.d.ts.map +1 -0
package/dist/audit/logger.js +406 -0
package/dist/audit/logger.js.map +1 -0
package/dist/audit/redaction.d.ts +110 -0
package/dist/audit/redaction.d.ts.map +1 -0
package/dist/audit/redaction.js +307 -0
package/dist/audit/redaction.js.map +1 -0
package/dist/audit/schema.d.ts +76 -0
package/dist/audit/schema.d.ts.map +1 -0
package/dist/audit/schema.js +122 -0
package/dist/audit/schema.js.map +1 -0
package/dist/cli/commands/doctor.d.ts +34 -0
package/dist/cli/commands/doctor.d.ts.map +1 -0
package/dist/cli/commands/doctor.js +431 -0
package/dist/cli/commands/doctor.js.map +1 -0
package/dist/cli/commands/export.d.ts +18 -0
package/dist/cli/commands/export.d.ts.map +1 -0
package/dist/cli/commands/export.js +63 -0
package/dist/cli/commands/export.js.map +1 -0
package/dist/cli/commands/init.d.ts +12 -0
package/dist/cli/commands/init.d.ts.map +1 -0
package/dist/cli/commands/init.js +102 -0
package/dist/cli/commands/init.js.map +1 -0
package/dist/cli/commands/logs.d.ts +11 -0
package/dist/cli/commands/logs.d.ts.map +1 -0
package/dist/cli/commands/logs.js +60 -0
package/dist/cli/commands/logs.js.map +1 -0
package/dist/cli/commands/scan.d.ts +29 -0
package/dist/cli/commands/scan.d.ts.map +1 -0
package/dist/cli/commands/scan.js +251 -0
package/dist/cli/commands/scan.js.map +1 -0
package/dist/cli/commands/serve.d.ts +26 -0
package/dist/cli/commands/serve.d.ts.map +1 -0
package/dist/cli/commands/serve.js +424 -0
package/dist/cli/commands/serve.js.map +1 -0
package/dist/cli/commands/start.d.ts +20 -0
package/dist/cli/commands/start.d.ts.map +1 -0
package/dist/cli/commands/start.js +82 -0
package/dist/cli/commands/start.js.map +1 -0
package/dist/cli/commands/stats.d.ts +10 -0
package/dist/cli/commands/stats.d.ts.map +1 -0
package/dist/cli/commands/stats.js +42 -0
package/dist/cli/commands/stats.js.map +1 -0
package/dist/cli/commands/templates.d.ts +26 -0
package/dist/cli/commands/templates.d.ts.map +1 -0
package/dist/cli/commands/templates.js +221 -0
package/dist/cli/commands/templates.js.map +1 -0
package/dist/cli/commands/validate.d.ts +12 -0
package/dist/cli/commands/validate.d.ts.map +1 -0
package/dist/cli/commands/validate.js +107 -0
package/dist/cli/commands/validate.js.map +1 -0
package/dist/cli/commands/wrap.d.ts +19 -0
package/dist/cli/commands/wrap.d.ts.map +1 -0
package/dist/cli/commands/wrap.js +59 -0
package/dist/cli/commands/wrap.js.map +1 -0
package/dist/cli/index.d.ts +17 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +202 -0
package/dist/cli/index.js.map +1 -0
package/dist/cli/ui.d.ts +139 -0
package/dist/cli/ui.d.ts.map +1 -0
package/dist/cli/ui.js +271 -0
package/dist/cli/ui.js.map +1 -0
package/dist/constants.d.ts +33 -0
package/dist/constants.d.ts.map +1 -0
package/dist/constants.js +54 -0
package/dist/constants.js.map +1 -0
package/dist/errors.d.ts +28 -0
package/dist/errors.d.ts.map +1 -0
package/dist/errors.js +37 -0
package/dist/errors.js.map +1 -0
package/dist/index.d.ts +49 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +82 -0
package/dist/index.js.map +1 -0
package/dist/orchestrator/index.d.ts +11 -0
package/dist/orchestrator/index.d.ts.map +1 -0
package/dist/orchestrator/index.js +10 -0
package/dist/orchestrator/index.js.map +1 -0
package/dist/orchestrator/manager.d.ts +127 -0
package/dist/orchestrator/manager.d.ts.map +1 -0
package/dist/orchestrator/manager.js +498 -0
package/dist/orchestrator/manager.js.map +1 -0
package/dist/orchestrator/types.d.ts +141 -0
package/dist/orchestrator/types.d.ts.map +1 -0
package/dist/orchestrator/types.js +9 -0
package/dist/orchestrator/types.js.map +1 -0
package/dist/policy/engine.d.ts +55 -0
package/dist/policy/engine.d.ts.map +1 -0
package/dist/policy/engine.js +288 -0
package/dist/policy/engine.js.map +1 -0
package/dist/policy/natural-language.d.ts +141 -0
package/dist/policy/natural-language.d.ts.map +1 -0
package/dist/policy/natural-language.js +552 -0
package/dist/policy/natural-language.js.map +1 -0
package/dist/policy/parser.d.ts +141 -0
package/dist/policy/parser.d.ts.map +1 -0
package/dist/policy/parser.js +314 -0
package/dist/policy/parser.js.map +1 -0
package/dist/policy/types.d.ts +428 -0
package/dist/policy/types.d.ts.map +1 -0
package/dist/policy/types.js +32 -0
package/dist/policy/types.js.map +1 -0
package/dist/policy/validator.d.ts +72 -0
package/dist/policy/validator.d.ts.map +1 -0
package/dist/policy/validator.js +453 -0
package/dist/policy/validator.js.map +1 -0
package/dist/proxy/bridge.d.ts +84 -0
package/dist/proxy/bridge.d.ts.map +1 -0
package/dist/proxy/bridge.js +217 -0
package/dist/proxy/bridge.js.map +1 -0
package/dist/proxy/client.d.ts +130 -0
package/dist/proxy/client.d.ts.map +1 -0
package/dist/proxy/client.js +290 -0
package/dist/proxy/client.js.map +1 -0
package/dist/proxy/server.d.ts +111 -0
package/dist/proxy/server.d.ts.map +1 -0
package/dist/proxy/server.js +444 -0
package/dist/proxy/server.js.map +1 -0
package/dist/scanner.d.ts +91 -0
package/dist/scanner.d.ts.map +1 -0
package/dist/scanner.js +373 -0
package/dist/scanner.js.map +1 -0
package/dist/session/index.d.ts +32 -0
package/dist/session/index.d.ts.map +1 -0
package/dist/session/index.js +31 -0
package/dist/session/index.js.map +1 -0
package/dist/session/manager.d.ts +166 -0
package/dist/session/manager.d.ts.map +1 -0
package/dist/session/manager.js +454 -0
package/dist/session/manager.js.map +1 -0
package/dist/session/sqlite-store.d.ts +54 -0
package/dist/session/sqlite-store.d.ts.map +1 -0
package/dist/session/sqlite-store.js +209 -0
package/dist/session/sqlite-store.js.map +1 -0
package/dist/session/types.d.ts +179 -0
package/dist/session/types.d.ts.map +1 -0
package/dist/session/types.js +38 -0
package/dist/session/types.js.map +1 -0
package/dist/templates.d.ts +64 -0
package/dist/templates.d.ts.map +1 -0
package/dist/templates.js +451 -0
package/dist/templates.js.map +1 -0
package/dist/utils/config.d.ts +57 -0
package/dist/utils/config.d.ts.map +1 -0
package/dist/utils/config.js +104 -0
package/dist/utils/config.js.map +1 -0
package/dist/utils/errors.d.ts +18 -0
package/dist/utils/errors.d.ts.map +1 -0
package/dist/utils/errors.js +35 -0
package/dist/utils/errors.js.map +1 -0
package/dist/utils/logger.d.ts +144 -0
package/dist/utils/logger.d.ts.map +1 -0
package/dist/utils/logger.js +300 -0
package/dist/utils/logger.js.map +1 -0
package/dist/wizard.d.ts +68 -0
package/dist/wizard.d.ts.map +1 -0
package/dist/wizard.js +395 -0
package/dist/wizard.js.map +1 -0
package/package.json +99 -0

package/dist/analyzers/prompt-injection.d.ts ADDED Viewed

@@ -0,0 +1,95 @@
+/**
+ * Prompt Injection Analyzer
+ *
+ * Detects prompt injection attacks in tool arguments by scanning for common
+ * injection patterns that attempt to manipulate AI behavior or bypass security.
+ *
+ * Detection patterns include:
+ * - "Ignore previous instructions" and variants
+ * - System prompt manipulation attempts
+ * - Role confusion attacks ("You are now...")
+ * - Base64-encoded prompts
+ * - Unicode obfuscation (homoglyphs, invisible characters)
+ * - Markdown/HTML injection (javascript: links, etc.)
+ * - Delimiter injection (trying to break out of context)
+ * - Jailbreak patterns
+ *
+ * @module analyzers/prompt-injection
+ */
+import type { AnalysisResult, ContentAnalyzer, AnalyzerContext } from './types.js';
+/**
+ * Prompt Injection Analyzer
+ *
+ * Classifies content by injection risk:
+ * - safe: No injection patterns detected
+ * - read: Minor suspicious patterns (low confidence)
+ * - write: Moderate injection indicators
+ * - destructive: High-confidence injection patterns
+ * - dangerous: Clear prompt injection attempt
+ */
+export declare class PromptInjectionAnalyzer implements ContentAnalyzer {
+    readonly name = "prompt-injection";
+    /**
+     * Analyze content for prompt injection patterns.
+     */
+    analyze(content: string, _context?: AnalyzerContext): AnalysisResult;
+    /**
+     * Normalize content for pattern matching.
+     * Removes extra whitespace, converts to lowercase, etc.
+     */
+    private normalizeContent;
+    /**
+     * Check for instruction override patterns.
+     * These are the most common prompt injection patterns.
+     */
+    private checkInstructionOverride;
+    /**
+     * Check for system prompt manipulation attempts.
+     */
+    private checkSystemPromptManipulation;
+    /**
+     * Check for role confusion attacks.
+     */
+    private checkRoleConfusion;
+    /**
+     * Check for Base64-encoded content that might hide injection.
+     */
+    private checkBase64Encoding;
+    /**
+     * Check for Unicode obfuscation techniques.
+     */
+    private checkUnicodeObfuscation;
+    /**
+     * Check for Markdown/HTML injection.
+     */
+    private checkMarkdownInjection;
+    /**
+     * Check for delimiter injection attempts.
+     */
+    private checkDelimiterInjection;
+    /**
+     * Check for jailbreak patterns.
+     */
+    private checkJailbreakPatterns;
+    /**
+     * Check for data exfiltration attempts via prompt injection.
+     */
+    private checkDataExfiltration;
+    /**
+     * Helper: Check if decoded content contains injection keywords.
+     */
+    private containsInjectionKeywords;
+    /**
+     * Helper: Get ratio of printable characters.
+     */
+    private getPrintableRatio;
+    /**
+     * Helper: Compare risk levels.
+     */
+    private isHigherRisk;
+    /**
+     * Helper: Get reason string based on risk level and triggers.
+     */
+    private getRiskReason;
+}
+//# sourceMappingURL=prompt-injection.d.ts.map

package/dist/analyzers/prompt-injection.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"prompt-injection.d.ts","sourceRoot":"","sources":["../../src/analyzers/prompt-injection.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAEnF;;;;;;;;;GASG;AACH,qBAAa,uBAAwB,YAAW,eAAe;IAC7D,QAAQ,CAAC,IAAI,sBAAsB;IAEnC;;OAEG;IACH,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,eAAe,GAAG,cAAc;IA6GpE;;;OAGG;IACH,OAAO,CAAC,gBAAgB;IAYxB;;;OAGG;IACH,OAAO,CAAC,wBAAwB;IA6DhC;;OAEG;IACH,OAAO,CAAC,6BAA6B;IA4DrC;;OAEG;IACH,OAAO,CAAC,kBAAkB;IA2D1B;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAgD3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAuF/B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAuF9B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IA4D/B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAmE9B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAoC7B;;OAEG;IACH,OAAO,CAAC,yBAAyB;IAmBjC;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAYzB;;OAEG;IACH,OAAO,CAAC,YAAY;IAKpB;;OAEG;IACH,OAAO,CAAC,aAAa;CAetB"}