@elliotllliu/agent-shield 0.3.1

package/dist/reporter/terminal.js

@@ -0,0 +1,64 @@
+import chalk from "chalk";
+import { riskLabel } from "../score.js";
+const SEVERITY_ICON = {
+    critical: chalk.red("🔴 CRITICAL"),
+    warning: chalk.yellow("🟡 WARNING"),
+    info: chalk.blue("🟢 INFO"),
+};
+const SEVERITY_LINE = {
+    critical: chalk.red,
+    warning: chalk.yellow,
+    info: chalk.dim,
+};
+export function printReport(result) {
+    const { target, filesScanned, linesScanned, findings, score, duration } = result;
+    console.log();
+    console.log(chalk.bold("🛡️  AgentShield Security Report"));
+    console.log(chalk.dim(`📁 Scanned: ${target} (${filesScanned} files, ${formatLines(linesScanned)})`));
+    console.log();
+    // Group by severity
+    const bySeverity = groupBy(findings, (f) => f.severity);
+    for (const severity of ["critical", "warning", "info"]) {
+        const group = bySeverity[severity];
+        if (!group || group.length === 0)
+            continue;
+        console.log(`${SEVERITY_ICON[severity]} (${group.length})`);
+        for (let i = 0; i < group.length; i++) {
+            const f = group[i];
+            const prefix = i < group.length - 1 ? "  ├─" : "  └─";
+            const loc = f.line ? `${f.file}:${f.line}` : f.file;
+            const colorize = SEVERITY_LINE[f.severity] || chalk.white;
+            console.log(colorize(`${prefix} ${loc} — [${f.rule}] ${f.message}`));
+            if (f.possibleFalsePositive) {
+                const fpPrefix = i < group.length - 1 ? "  │  " : "     ";
+                console.log(chalk.dim(`${fpPrefix}⚠️  Likely false positive: ${f.falsePositiveReason}`));
+            }
+            if (f.evidence) {
+                const ePrefix = i < group.length - 1 ? "  │  " : "     ";
+                console.log(chalk.dim(`${ePrefix}${f.evidence}`));
+            }
+        }
+        console.log();
+    }
+    // Score
+    const scoreColor = score >= 90 ? chalk.green : score >= 70 ? chalk.yellow : score >= 40 ? chalk.hex("#FF8800") : chalk.red;
+    console.log(scoreColor(`✅ Score: ${score}/100 (${riskLabel(score)})`));
+    console.log(chalk.dim(`⏱  ${duration}ms`));
+    console.log();
+}
+function formatLines(n) {
+    if (n >= 1000)
+        return `${(n / 1000).toFixed(1)}K lines`;
+    return `${n} lines`;
+}
+function groupBy(arr, fn) {
+    const result = {};
+    for (const item of arr) {
+        const key = fn(item);
+        if (!result[key])
+            result[key] = [];
+        result[key].push(item);
+    }
+    return result;
+}
+//# sourceMappingURL=terminal.js.map

package/dist/reporter/terminal.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"terminal.js","sourceRoot":"","sources":["../../src/reporter/terminal.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,MAAM,aAAa,GAA2B;IAC5C,QAAQ,EAAE,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC;IAClC,OAAO,EAAE,KAAK,CAAC,MAAM,CAAC,YAAY,CAAC;IACnC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;CAC5B,CAAC;AAEF,MAAM,aAAa,GAA0C;IAC3D,QAAQ,EAAE,KAAK,CAAC,GAAG;IACnB,OAAO,EAAE,KAAK,CAAC,MAAM;IACrB,IAAI,EAAE,KAAK,CAAC,GAAG;CAChB,CAAC;AAEF,MAAM,UAAU,WAAW,CAAC,MAAkB;IAC5C,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;IAEjF,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC,CAAC;IAC5D,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,GAAG,CAAC,eAAe,MAAM,KAAK,YAAY,WAAW,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,CACzF,CAAC;IACF,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,oBAAoB;IACpB,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IAExD,KAAK,MAAM,QAAQ,IAAI,CAAC,UAAU,EAAE,SAAS,EAAE,MAAM,CAAU,EAAE,CAAC;QAChE,MAAM,KAAK,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;QACnC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAE3C,OAAO,CAAC,GAAG,CAAC,GAAG,aAAa,CAAC,QAAQ,CAAC,KAAK,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;QAC5D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;YACpB,MAAM,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;YACtD,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACpD,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC;YAC1D,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;YACrE,IAAI,CAAC,CAAC,qBAAqB,EAAE,CAAC;gBAC5B,MAAM,QAAQ,GAAG,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC;gBAC1D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,QAAQ,8BAA8B,CAAC,CAAC,mBAAmB,EAAE,CAAC,CAAC,CAAC;YAC3F,CAAC;YACD,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;gBACf,MAAM,OAAO,GAAG,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC;gBACzD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,OAAO,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;QACD,OAAO,CAAC,GAAG,EAAE,CAAC;IAChB,CAAC;IAED,QAAQ;IACR,MAAM,UAAU,GAAG,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC;IAC3H,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,YAAY,KAAK,SAAS,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC;IACvE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,QAAQ,IAAI,CAAC,CAAC,CAAC;IAC3C,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,IAAI,CAAC,IAAI,IAAI;QAAE,OAAO,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;IACxD,OAAO,GAAG,CAAC,QAAQ,CAAC;AACtB,CAAC;AAED,SAAS,OAAO,CAAI,GAAQ,EAAE,EAAuB;IACnD,MAAM,MAAM,GAAwB,EAAE,CAAC;IACvC,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;QACrB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;YAAE,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;QACnC,MAAM,CAAC,GAAG,CAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/rules/backdoor.d.ts

@@ -0,0 +1,2 @@
+import type { Rule } from "../types.js";
+export declare const backdoorRule: Rule;

package/dist/rules/backdoor.js

@@ -0,0 +1,57 @@
+/**
+ * Rule: backdoor
+ * Detects eval(), new Function(), child_process.exec() with dynamic strings
+ */
+const BACKDOOR_PATTERNS = [
+    // JavaScript/TypeScript
+    { pattern: /\beval\s*\(/, desc: "eval() with dynamic input", severity: "critical" },
+    { pattern: /new\s+Function\s*\(/, desc: "new Function() constructor", severity: "critical" },
+    { pattern: /child_process\s*\.\s*exec\s*\(/, desc: "child_process.exec() — use execFile instead", severity: "critical" },
+    { pattern: /child_process\s*\.\s*spawn\s*\(.*\bshell\s*:\s*true/, desc: "spawn() with shell: true", severity: "critical" },
+    { pattern: /execSync\s*\(\s*`/, desc: "execSync() with template literal", severity: "critical" },
+    { pattern: /execSync\s*\(\s*[^"']/, desc: "execSync() with dynamic string", severity: "warning" },
+    { pattern: /require\s*\(\s*[^"'`]/, desc: "dynamic require()", severity: "warning" },
+    { pattern: /import\s*\(\s*[^"'`]/, desc: "dynamic import()", severity: "warning" },
+    // Python
+    { pattern: /\bexec\s*\(\s*[^"']/, desc: "Python exec() with dynamic input", severity: "critical" },
+    { pattern: /\bos\.system\s*\(/, desc: "os.system() — use subprocess.run instead", severity: "critical" },
+    { pattern: /subprocess\.call\s*\(\s*[^[\]].*shell\s*=\s*True/, desc: "subprocess with shell=True", severity: "critical" },
+    { pattern: /\b__import__\s*\(/, desc: "dynamic __import__()", severity: "warning" },
+    // Shell
+    { pattern: /\$\(curl\s/, desc: "command substitution with curl", severity: "critical" },
+    { pattern: /\beval\s+\$/, desc: "shell eval with variable", severity: "critical" },
+    { pattern: /bash\s+-c\s+\$/, desc: "bash -c with variable", severity: "critical" },
+];
+export const backdoorRule = {
+    id: "backdoor",
+    name: "Dynamic Code Execution",
+    description: "Detects eval(), exec(), and other dynamic code execution patterns",
+    run(files) {
+        const findings = [];
+        for (const file of files) {
+            if (file.ext === ".json" || file.ext === ".yaml" || file.ext === ".yml" || file.ext === ".toml" || file.ext === ".md")
+                continue;
+            for (let i = 0; i < file.lines.length; i++) {
+                const line = file.lines[i];
+                const trimmed = line.trimStart();
+                if (trimmed.startsWith("//") || trimmed.startsWith("#") || trimmed.startsWith("*"))
+                    continue;
+                for (const { pattern, desc, severity } of BACKDOOR_PATTERNS) {
+                    if (pattern.test(line)) {
+                        findings.push({
+                            rule: "backdoor",
+                            severity,
+                            file: file.relativePath,
+                            line: i + 1,
+                            message: desc,
+                            evidence: line.trim().slice(0, 120),
+                        });
+                        break; // one finding per line
+                    }
+                }
+            }
+        }
+        return findings;
+    },
+};
+//# sourceMappingURL=backdoor.js.map

package/dist/rules/backdoor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"backdoor.js","sourceRoot":"","sources":["../../src/rules/backdoor.ts"],"names":[],"mappings":"AAEA;;;GAGG;AAEH,MAAM,iBAAiB,GAIlB;IACH,wBAAwB;IACxB,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,2BAA2B,EAAE,QAAQ,EAAE,UAAU,EAAE;IACnF,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,4BAA4B,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC5F,EAAE,OAAO,EAAE,gCAAgC,EAAE,IAAI,EAAE,6CAA6C,EAAE,QAAQ,EAAE,UAAU,EAAE;IACxH,EAAE,OAAO,EAAE,qDAAqD,EAAE,IAAI,EAAE,0BAA0B,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC1H,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,kCAAkC,EAAE,QAAQ,EAAE,UAAU,EAAE;IAChG,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,gCAAgC,EAAE,QAAQ,EAAE,SAAS,EAAE;IACjG,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,SAAS,EAAE;IACpF,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,SAAS,EAAE;IAElF,SAAS;IACT,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,kCAAkC,EAAE,QAAQ,EAAE,UAAU,EAAE;IAClG,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,0CAA0C,EAAE,QAAQ,EAAE,UAAU,EAAE;IACxG,EAAE,OAAO,EAAE,kDAAkD,EAAE,IAAI,EAAE,4BAA4B,EAAE,QAAQ,EAAE,UAAU,EAAE;IACzH,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,SAAS,EAAE;IAEnF,QAAQ;IACR,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,gCAAgC,EAAE,QAAQ,EAAE,UAAU,EAAE;IACvF,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,0BAA0B,EAAE,QAAQ,EAAE,UAAU,EAAE;IAClF,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,UAAU,EAAE;CACnF,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAS;IAChC,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,wBAAwB;IAC9B,WAAW,EAAE,mEAAmE;IAEhF,GAAG,CAAC,KAAoB;QACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,MAAM,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,KAAK;gBAAE,SAAS;YAEhI,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC;gBAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;gBACjC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAE7F,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,iBAAiB,EAAE,CAAC;oBAC5D,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;wBACvB,QAAQ,CAAC,IAAI,CAAC;4BACZ,IAAI,EAAE,UAAU;4BAChB,QAAQ;4BACR,IAAI,EAAE,IAAI,CAAC,YAAY;4BACvB,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,OAAO,EAAE,IAAI;4BACb,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;yBACpC,CAAC,CAAC;wBACH,MAAM,CAAC,uBAAuB;oBAChC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}

package/dist/rules/credential-hardcode.d.ts

@@ -0,0 +1,2 @@
+import type { Rule } from "../types.js";
+export declare const credentialHardcodeRule: Rule;

package/dist/rules/credential-hardcode.js

@@ -0,0 +1,57 @@
+/**
+ * Rule: credential-hardcode
+ * Detects hardcoded API keys, tokens, and passwords in source code.
+ */
+const CREDENTIAL_PATTERNS = [
+    // Generic API keys / tokens
+    { pattern: /["'](?:sk|pk|api[_-]?key|token|secret)[_-]?[a-zA-Z]*["']\s*[:=]\s*["'][a-zA-Z0-9_\-/.]{20,}["']/, desc: "Hardcoded API key/token" },
+    // AWS
+    { pattern: /AKIA[0-9A-Z]{16}/, desc: "Hardcoded AWS Access Key ID" },
+    // GitHub
+    { pattern: /ghp_[a-zA-Z0-9]{36}/, desc: "Hardcoded GitHub personal access token" },
+    { pattern: /github_pat_[a-zA-Z0-9]{22}_[a-zA-Z0-9]{59}/, desc: "Hardcoded GitHub fine-grained token" },
+    // Slack
+    { pattern: /xoxb-[0-9]{10,}-[0-9]{10,}-[a-zA-Z0-9]{24}/, desc: "Hardcoded Slack bot token" },
+    { pattern: /xoxp-[0-9]{10,}-[0-9]{10,}-[0-9]{10,}-[a-f0-9]{32}/, desc: "Hardcoded Slack user token" },
+    // OpenAI
+    { pattern: /sk-[a-zA-Z0-9]{20,}T3BlbkFJ[a-zA-Z0-9]{20,}/, desc: "Hardcoded OpenAI API key" },
+    // Stripe
+    { pattern: /sk_live_[a-zA-Z0-9]{24,}/, desc: "Hardcoded Stripe live key" },
+    // Generic password assignment
+    { pattern: /(?:password|passwd|pwd)\s*[:=]\s*["'][^"']{8,}["']/i, desc: "Hardcoded password" },
+    // Private key block
+    { pattern: /-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----/, desc: "Embedded private key" },
+];
+export const credentialHardcodeRule = {
+    id: "credential-hardcode",
+    name: "Hardcoded Credentials",
+    description: "Detects API keys, tokens, passwords, and private keys in source code",
+    run(files) {
+        const findings = [];
+        for (const file of files) {
+            if (file.ext === ".md")
+                continue;
+            for (let i = 0; i < file.lines.length; i++) {
+                const line = file.lines[i];
+                const trimmed = line.trimStart();
+                if (trimmed.startsWith("//") || trimmed.startsWith("#") || trimmed.startsWith("*"))
+                    continue;
+                for (const { pattern, desc } of CREDENTIAL_PATTERNS) {
+                    if (pattern.test(line)) {
+                        findings.push({
+                            rule: "credential-hardcode",
+                            severity: "critical",
+                            file: file.relativePath,
+                            line: i + 1,
+                            message: desc,
+                            evidence: line.trim().replace(/["'][a-zA-Z0-9_\-/.]{10,}["']/g, '"***"').slice(0, 120),
+                        });
+                        break;
+                    }
+                }
+            }
+        }
+        return findings;
+    },
+};
+//# sourceMappingURL=credential-hardcode.js.map

package/dist/rules/credential-hardcode.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"credential-hardcode.js","sourceRoot":"","sources":["../../src/rules/credential-hardcode.ts"],"names":[],"mappings":"AAEA;;;GAGG;AAEH,MAAM,mBAAmB,GAA6C;IACpE,4BAA4B;IAC5B,EAAE,OAAO,EAAE,iGAAiG,EAAE,IAAI,EAAE,yBAAyB,EAAE;IAC/I,MAAM;IACN,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,6BAA6B,EAAE;IACpE,SAAS;IACT,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,wCAAwC,EAAE;IAClF,EAAE,OAAO,EAAE,4CAA4C,EAAE,IAAI,EAAE,qCAAqC,EAAE;IACtG,QAAQ;IACR,EAAE,OAAO,EAAE,4CAA4C,EAAE,IAAI,EAAE,2BAA2B,EAAE;IAC5F,EAAE,OAAO,EAAE,oDAAoD,EAAE,IAAI,EAAE,4BAA4B,EAAE;IACrG,SAAS;IACT,EAAE,OAAO,EAAE,6CAA6C,EAAE,IAAI,EAAE,0BAA0B,EAAE;IAC5F,SAAS;IACT,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,2BAA2B,EAAE;IAC1E,8BAA8B;IAC9B,EAAE,OAAO,EAAE,qDAAqD,EAAE,IAAI,EAAE,oBAAoB,EAAE;IAC9F,oBAAoB;IACpB,EAAE,OAAO,EAAE,+CAA+C,EAAE,IAAI,EAAE,sBAAsB,EAAE;CAC3F,CAAC;AAEF,MAAM,CAAC,MAAM,sBAAsB,GAAS;IAC1C,EAAE,EAAE,qBAAqB;IACzB,IAAI,EAAE,uBAAuB;IAC7B,WAAW,EAAE,sEAAsE;IAEnF,GAAG,CAAC,KAAoB;QACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,GAAG,KAAK,KAAK;gBAAE,SAAS;YAEjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC;gBAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;gBACjC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAE7F,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,mBAAmB,EAAE,CAAC;oBACpD,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;wBACvB,QAAQ,CAAC,IAAI,CAAC;4BACZ,IAAI,EAAE,qBAAqB;4BAC3B,QAAQ,EAAE,UAAU;4BACpB,IAAI,EAAE,IAAI,CAAC,YAAY;4BACvB,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,OAAO,EAAE,IAAI;4BACb,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,gCAAgC,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;yBACvF,CAAC,CAAC;wBACH,MAAM;oBACR,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}

package/dist/rules/crypto-mining.d.ts

@@ -0,0 +1,2 @@
+import type { Rule } from "../types.js";
+export declare const cryptoMiningRule: Rule;

package/dist/rules/crypto-mining.js

@@ -0,0 +1,41 @@
+/**
+ * Rule: crypto-mining
+ * Detects cryptocurrency mining patterns.
+ */
+const MINING_PATTERNS = [
+    { pattern: /stratum\+tcp:\/\/|stratum\+ssl:\/\//, desc: "Stratum mining protocol URL" },
+    { pattern: /xmrig|cpuminer|minerd|minergate|coinhive|cryptonight/i, desc: "Known mining software reference" },
+    { pattern: /\bmining_pool\b|\bpool_url\b|\bpool_address\b/i, desc: "Mining pool configuration" },
+    { pattern: /\bmonero\b.*\bwallet\b|\bwallet\b.*\bmonero\b/i, desc: "Monero wallet reference" },
+    { pattern: /crypto\.createHash.*\bwhile\b.*true|for\s*\(\s*;\s*;\s*\).*hash/i, desc: "Infinite loop with hashing — potential mining" },
+];
+export const cryptoMiningRule = {
+    id: "crypto-mining",
+    name: "Cryptocurrency Mining",
+    description: "Detects mining pool connections, known miners, and mining-related patterns",
+    run(files) {
+        const findings = [];
+        for (const file of files) {
+            if (file.ext === ".md")
+                continue;
+            for (let i = 0; i < file.lines.length; i++) {
+                const line = file.lines[i];
+                for (const { pattern, desc } of MINING_PATTERNS) {
+                    if (pattern.test(line)) {
+                        findings.push({
+                            rule: "crypto-mining",
+                            severity: "critical",
+                            file: file.relativePath,
+                            line: i + 1,
+                            message: desc,
+                            evidence: line.trim().slice(0, 120),
+                        });
+                        break;
+                    }
+                }
+            }
+        }
+        return findings;
+    },
+};
+//# sourceMappingURL=crypto-mining.js.map

package/dist/rules/crypto-mining.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"crypto-mining.js","sourceRoot":"","sources":["../../src/rules/crypto-mining.ts"],"names":[],"mappings":"AAEA;;;GAGG;AAEH,MAAM,eAAe,GAA6C;IAChE,EAAE,OAAO,EAAE,qCAAqC,EAAE,IAAI,EAAE,6BAA6B,EAAE;IACvF,EAAE,OAAO,EAAE,uDAAuD,EAAE,IAAI,EAAE,iCAAiC,EAAE;IAC7G,EAAE,OAAO,EAAE,gDAAgD,EAAE,IAAI,EAAE,2BAA2B,EAAE;IAChG,EAAE,OAAO,EAAE,gDAAgD,EAAE,IAAI,EAAE,yBAAyB,EAAE;IAC9F,EAAE,OAAO,EAAE,kEAAkE,EAAE,IAAI,EAAE,+CAA+C,EAAE;CACvI,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAS;IACpC,EAAE,EAAE,eAAe;IACnB,IAAI,EAAE,uBAAuB;IAC7B,WAAW,EAAE,4EAA4E;IAEzF,GAAG,CAAC,KAAoB;QACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,GAAG,KAAK,KAAK;gBAAE,SAAS;YAEjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC;gBAE5B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,eAAe,EAAE,CAAC;oBAChD,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;wBACvB,QAAQ,CAAC,IAAI,CAAC;4BACZ,IAAI,EAAE,eAAe;4BACrB,QAAQ,EAAE,UAAU;4BACpB,IAAI,EAAE,IAAI,CAAC,YAAY;4BACvB,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,OAAO,EAAE,IAAI;4BACb,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;yBACpC,CAAC,CAAC;wBACH,MAAM;oBACR,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}

package/dist/rules/data-exfil.d.ts

@@ -0,0 +1,2 @@
+import type { Rule } from "../types.js";
+export declare const dataExfilRule: Rule;

package/dist/rules/data-exfil.js

@@ -0,0 +1,61 @@
+/**
+ * Rule: data-exfil
+ * Detects code that reads sensitive files AND sends HTTP requests — a classic exfiltration pattern.
+ */
+const SENSITIVE_READ_RE = /readFile|readFileSync|fs\.read|open\(|\.ssh|\.env|credentials|\.aws|\.kube|\.npmrc|\.gitconfig|\.openclaw/i;
+const HTTP_SEND_RE = /fetch\s*\(|axios\.|http\.request|https\.request|XMLHttpRequest|\.post\s*\(|\.put\s*\(|urllib|requests\.(post|put|patch)|curl\s/i;
+const DYNAMIC_URL_RE = /fetch\s*\(\s*`[^`]*\$\{|fetch\s*\(\s*[a-zA-Z_]\w*\s*[+,)]/;
+export const dataExfilRule = {
+    id: "data-exfil",
+    name: "Data Exfiltration",
+    description: "Detects patterns where sensitive data is read and sent over HTTP",
+    run(files) {
+        const findings = [];
+        for (const file of files) {
+            if (file.ext === ".json" || file.ext === ".yaml" || file.ext === ".yml" || file.ext === ".toml" || file.ext === ".md")
+                continue;
+            const content = file.content;
+            const hasSensitiveRead = SENSITIVE_READ_RE.test(content);
+            const hasHttpSend = HTTP_SEND_RE.test(content);
+            // Critical: same file reads sensitive data AND sends it out
+            if (hasSensitiveRead && hasHttpSend) {
+                // Find the specific lines
+                const readLines = [];
+                const sendLines = [];
+                for (let i = 0; i < file.lines.length; i++) {
+                    const line = file.lines[i];
+                    if (SENSITIVE_READ_RE.test(line))
+                        readLines.push(i + 1);
+                    if (HTTP_SEND_RE.test(line))
+                        sendLines.push(i + 1);
+                }
+                if (readLines.length > 0 && sendLines.length > 0) {
+                    findings.push({
+                        rule: "data-exfil",
+                        severity: "critical",
+                        file: file.relativePath,
+                        line: sendLines[0],
+                        message: `Reads sensitive data (line ${readLines.join(",")}) and sends HTTP request (line ${sendLines.join(",")}) — possible exfiltration`,
+                        evidence: file.lines[sendLines[0] - 1]?.trim().slice(0, 120),
+                    });
+                }
+            }
+            // Warning: dynamic URL construction in fetch/request calls
+            for (let i = 0; i < file.lines.length; i++) {
+                const line = file.lines[i];
+                if (DYNAMIC_URL_RE.test(line)) {
+                    findings.push({
+                        rule: "data-exfil",
+                        severity: "warning",
+                        file: file.relativePath,
+                        line: i + 1,
+                        message: "Dynamic URL construction in HTTP request — potential SSRF",
+                        evidence: line.trim().slice(0, 120),
+                    });
+                }
+            }
+        }
+        return findings;
+    },
+};
+//# sourceMappingURL=data-exfil.js.map

package/dist/rules/data-exfil.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"data-exfil.js","sourceRoot":"","sources":["../../src/rules/data-exfil.ts"],"names":[],"mappings":"AAEA;;;GAGG;AAEH,MAAM,iBAAiB,GACrB,4GAA4G,CAAC;AAE/G,MAAM,YAAY,GAChB,iIAAiI,CAAC;AAEpI,MAAM,cAAc,GAClB,2DAA2D,CAAC;AAE9D,MAAM,CAAC,MAAM,aAAa,GAAS;IACjC,EAAE,EAAE,YAAY;IAChB,IAAI,EAAE,mBAAmB;IACzB,WAAW,EAAE,kEAAkE;IAE/E,GAAG,CAAC,KAAoB;QACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,MAAM,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,KAAK;gBAAE,SAAS;YAEhI,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;YAC7B,MAAM,gBAAgB,GAAG,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACzD,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAE/C,4DAA4D;YAC5D,IAAI,gBAAgB,IAAI,WAAW,EAAE,CAAC;gBACpC,0BAA0B;gBAC1B,MAAM,SAAS,GAAa,EAAE,CAAC;gBAC/B,MAAM,SAAS,GAAa,EAAE,CAAC;gBAE/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC;oBAC5B,IAAI,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;oBACxD,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACrD,CAAC;gBAED,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,YAAY;wBAClB,QAAQ,EAAE,UAAU;wBACpB,IAAI,EAAE,IAAI,CAAC,YAAY;wBACvB,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;wBAClB,OAAO,EAAE,8BAA8B,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,kCAAkC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,2BAA2B;wBAC1I,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAE,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;qBAC9D,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,2DAA2D;YAC3D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC;gBAC5B,IAAI,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC9B,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,YAAY;wBAClB,QAAQ,EAAE,SAAS;wBACnB,IAAI,EAAE,IAAI,CAAC,YAAY;wBACvB,IAAI,EAAE,CAAC,GAAG,CAAC;wBACX,OAAO,EAAE,2DAA2D;wBACpE,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;qBACpC,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}

package/dist/rules/env-leak.d.ts

@@ -0,0 +1,2 @@
+import type { Rule } from "../types.js";
+export declare const envLeakRule: Rule;

package/dist/rules/env-leak.js

@@ -0,0 +1,43 @@
+/**
+ * Rule: env-leak
+ * Detects process.env access combined with HTTP send — leaking environment variables.
+ */
+const ENV_ACCESS_RE = /process\.env\b|os\.environ|getenv\s*\(/i;
+const HTTP_SEND_RE = /fetch\s*\(|axios\.|http\.request|https\.request|requests\.(post|put|patch)|\.post\s*\(|curl\s/i;
+export const envLeakRule = {
+    id: "env-leak",
+    name: "Environment Variable Leak",
+    description: "Detects process.env access combined with outbound HTTP requests",
+    run(files) {
+        const findings = [];
+        for (const file of files) {
+            if (file.ext === ".json" || file.ext === ".yaml" || file.ext === ".yml" || file.ext === ".md")
+                continue;
+            const hasEnvAccess = ENV_ACCESS_RE.test(file.content);
+            const hasHttpSend = HTTP_SEND_RE.test(file.content);
+            if (hasEnvAccess && hasHttpSend) {
+                const envLines = [];
+                const sendLines = [];
+                for (let i = 0; i < file.lines.length; i++) {
+                    const line = file.lines[i];
+                    if (ENV_ACCESS_RE.test(line))
+                        envLines.push(i + 1);
+                    if (HTTP_SEND_RE.test(line))
+                        sendLines.push(i + 1);
+                }
+                if (envLines.length > 0 && sendLines.length > 0) {
+                    findings.push({
+                        rule: "env-leak",
+                        severity: "critical",
+                        file: file.relativePath,
+                        line: sendLines[0],
+                        message: `Reads environment variables (line ${envLines.join(",")}) and sends HTTP request (line ${sendLines.join(",")}) — possible env leak`,
+                        evidence: file.lines[sendLines[0] - 1]?.trim().slice(0, 120),
+                    });
+                }
+            }
+        }
+        return findings;
+    },
+};
+//# sourceMappingURL=env-leak.js.map

package/dist/rules/env-leak.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"env-leak.js","sourceRoot":"","sources":["../../src/rules/env-leak.ts"],"names":[],"mappings":"AAEA;;;GAGG;AAEH,MAAM,aAAa,GAAG,yCAAyC,CAAC;AAChE,MAAM,YAAY,GAAG,gGAAgG,CAAC;AAEtH,MAAM,CAAC,MAAM,WAAW,GAAS;IAC/B,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,2BAA2B;IACjC,WAAW,EAAE,iEAAiE;IAE9E,GAAG,CAAC,KAAoB;QACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,MAAM,IAAI,IAAI,CAAC,GAAG,KAAK,KAAK;gBAAE,SAAS;YAExG,MAAM,YAAY,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACtD,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAEpD,IAAI,YAAY,IAAI,WAAW,EAAE,CAAC;gBAChC,MAAM,QAAQ,GAAa,EAAE,CAAC;gBAC9B,MAAM,SAAS,GAAa,EAAE,CAAC;gBAE/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC;oBAC5B,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;oBACnD,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACrD,CAAC;gBAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAChD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,UAAU;wBAChB,QAAQ,EAAE,UAAU;wBACpB,IAAI,EAAE,IAAI,CAAC,YAAY;wBACvB,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;wBAClB,OAAO,EAAE,qCAAqC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,kCAAkC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,uBAAuB;wBAC5I,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAE,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;qBAC9D,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}

package/dist/rules/excessive-perms.d.ts

@@ -0,0 +1,2 @@
+import type { Rule } from "../types.js";
+export declare const excessivePermsRule: Rule;

package/dist/rules/excessive-perms.js

@@ -0,0 +1,50 @@
+import matter from "gray-matter";
+/**
+ * Rule: excessive-perms
+ * Detects skills that request too many or dangerous permissions.
+ */
+const DANGEROUS_PERMS = new Set(["exec", "admin", "root", "sudo", "network", "browser"]);
+const MAX_REASONABLE_PERMS = 5;
+export const excessivePermsRule = {
+    id: "excessive-perms",
+    name: "Excessive Permissions",
+    description: "Detects skills requesting too many or dangerous permissions",
+    run(files) {
+        const findings = [];
+        const skillMd = files.find((f) => f.relativePath === "SKILL.md" || f.relativePath.endsWith("/SKILL.md"));
+        if (!skillMd)
+            return findings;
+        let permissions = [];
+        try {
+            const { data } = matter(skillMd.content);
+            if (Array.isArray(data.permissions)) {
+                permissions = data.permissions.filter((p) => typeof p === "string");
+            }
+        }
+        catch {
+            return findings;
+        }
+        // Check for dangerous permissions
+        for (const perm of permissions) {
+            if (DANGEROUS_PERMS.has(perm.toLowerCase())) {
+                findings.push({
+                    rule: "excessive-perms",
+                    severity: "warning",
+                    file: skillMd.relativePath,
+                    message: `Requests dangerous permission: '${perm}'`,
+                });
+            }
+        }
+        // Check for excessive number of permissions
+        if (permissions.length > MAX_REASONABLE_PERMS) {
+            findings.push({
+                rule: "excessive-perms",
+                severity: "warning",
+                file: skillMd.relativePath,
+                message: `Requests ${permissions.length} permissions (threshold: ${MAX_REASONABLE_PERMS}) — review if all are necessary`,
+            });
+        }
+        return findings;
+    },
+};
+//# sourceMappingURL=excessive-perms.js.map

package/dist/rules/excessive-perms.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"excessive-perms.js","sourceRoot":"","sources":["../../src/rules/excessive-perms.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAC;AAGjC;;;GAGG;AAEH,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC;AACzF,MAAM,oBAAoB,GAAG,CAAC,CAAC;AAE/B,MAAM,CAAC,MAAM,kBAAkB,GAAS;IACtC,EAAE,EAAE,iBAAiB;IACrB,IAAI,EAAE,uBAAuB;IAC7B,WAAW,EAAE,6DAA6D;IAE1E,GAAG,CAAC,KAAoB;QACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CACxB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,KAAK,UAAU,IAAI,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,WAAW,CAAC,CAC7E,CAAC;QACF,IAAI,CAAC,OAAO;YAAE,OAAO,QAAQ,CAAC;QAE9B,IAAI,WAAW,GAAa,EAAE,CAAC;QAC/B,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;YACzC,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;gBACpC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAU,EAAE,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC;YAC/E,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,kCAAkC;QAClC,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;YAC/B,IAAI,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBAC5C,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,iBAAiB;oBACvB,QAAQ,EAAE,SAAS;oBACnB,IAAI,EAAE,OAAO,CAAC,YAAY;oBAC1B,OAAO,EAAE,mCAAmC,IAAI,GAAG;iBACpD,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,4CAA4C;QAC5C,IAAI,WAAW,CAAC,MAAM,GAAG,oBAAoB,EAAE,CAAC;YAC9C,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,SAAS;gBACnB,IAAI,EAAE,OAAO,CAAC,YAAY;gBAC1B,OAAO,EAAE,YAAY,WAAW,CAAC,MAAM,4BAA4B,oBAAoB,iCAAiC;aACzH,CAAC,CAAC;QACL,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}

package/dist/rules/hidden-files.d.ts

@@ -0,0 +1,2 @@
+import type { Rule } from "../types.js";
+export declare const hiddenFilesRule: Rule;

package/dist/rules/hidden-files.js

@@ -0,0 +1,52 @@
+/**
+ * Rule: hidden-files
+ * Detects exposed .env files and other hidden config files that shouldn't be committed.
+ */
+const DANGEROUS_FILES = [
+    { pattern: /^\.env($|\.)/, desc: "Environment file with secrets" },
+    { pattern: /^\.env\.local$/, desc: "Local environment file" },
+    { pattern: /^\.env\.production$/, desc: "Production environment file" },
+    { pattern: /^\.htpasswd$/, desc: "Apache password file" },
+    { pattern: /^\.htaccess$/, desc: "Apache config file" },
+    { pattern: /^\.pgpass$/, desc: "PostgreSQL password file" },
+    { pattern: /^\.netrc$/, desc: "Network credentials file" },
+];
+const SECRET_IN_ENV_RE = /^[A-Z_]+=(?!$).*(?:key|secret|token|password|credential|auth)/i;
+export const hiddenFilesRule = {
+    id: "hidden-files",
+    name: "Hidden/Secret Files",
+    description: "Detects .env files and other hidden configs that may leak secrets",
+    run(files) {
+        const findings = [];
+        for (const file of files) {
+            const basename = file.relativePath.split("/").pop() || "";
+            for (const { pattern, desc } of DANGEROUS_FILES) {
+                if (pattern.test(basename)) {
+                    findings.push({
+                        rule: "hidden-files",
+                        severity: "critical",
+                        file: file.relativePath,
+                        message: `${desc} found in repository — should be in .gitignore`,
+                    });
+                    // Check for actual secrets in the file
+                    for (let i = 0; i < file.lines.length; i++) {
+                        const line = file.lines[i];
+                        if (SECRET_IN_ENV_RE.test(line) && !line.trimStart().startsWith("#")) {
+                            findings.push({
+                                rule: "hidden-files",
+                                severity: "critical",
+                                file: file.relativePath,
+                                line: i + 1,
+                                message: "Hardcoded secret in environment file",
+                                evidence: line.replace(/=.*/, "=***").slice(0, 80),
+                            });
+                        }
+                    }
+                    break;
+                }
+            }
+        }
+        return findings;
+    },
+};
+//# sourceMappingURL=hidden-files.js.map

package/dist/rules/hidden-files.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hidden-files.js","sourceRoot":"","sources":["../../src/rules/hidden-files.ts"],"names":[],"mappings":"AAEA;;;GAGG;AAEH,MAAM,eAAe,GAAG;IACtB,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,+BAA+B,EAAE;IAClE,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,wBAAwB,EAAE;IAC7D,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,6BAA6B,EAAE;IACvE,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,sBAAsB,EAAE;IACzD,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,oBAAoB,EAAE;IACvD,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,0BAA0B,EAAE;IAC3D,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,0BAA0B,EAAE;CAC3D,CAAC;AAEF,MAAM,gBAAgB,GACpB,gEAAgE,CAAC;AAEnE,MAAM,CAAC,MAAM,eAAe,GAAS;IACnC,EAAE,EAAE,cAAc;IAClB,IAAI,EAAE,qBAAqB;IAC3B,WAAW,EAAE,mEAAmE;IAEhF,GAAG,CAAC,KAAoB;QACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC;YAE1D,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,eAAe,EAAE,CAAC;gBAChD,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC3B,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,cAAc;wBACpB,QAAQ,EAAE,UAAU;wBACpB,IAAI,EAAE,IAAI,CAAC,YAAY;wBACvB,OAAO,EAAE,GAAG,IAAI,gDAAgD;qBACjE,CAAC,CAAC;oBAEH,uCAAuC;oBACvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC;wBAC5B,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;4BACrE,QAAQ,CAAC,IAAI,CAAC;gCACZ,IAAI,EAAE,cAAc;gCACpB,QAAQ,EAAE,UAAU;gCACpB,IAAI,EAAE,IAAI,CAAC,YAAY;gCACvB,IAAI,EAAE,CAAC,GAAG,CAAC;gCACX,OAAO,EAAE,sCAAsC;gCAC/C,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;6BACnD,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;oBACD,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}

package/dist/rules/index.d.ts

@@ -0,0 +1,5 @@
+import type { Rule } from "../types.js";
+/** All registered rules */
+export declare const rules: Rule[];
+/** Get a rule by ID */
+export declare function getRule(id: string): Rule | undefined;

package/dist/rules/index.js

@@ -0,0 +1,53 @@
+import { sensitiveReadRule } from "./sensitive-read.js";
+import { backdoorRule } from "./backdoor.js";
+import { dataExfilRule } from "./data-exfil.js";
+import { privilegeRule } from "./privilege.js";
+import { supplyChainRule } from "./supply-chain.js";
+import { obfuscationRule } from "./obfuscation.js";
+import { envLeakRule } from "./env-leak.js";
+import { cryptoMiningRule } from "./crypto-mining.js";
+import { reverseShellRule } from "./reverse-shell.js";
+import { typosquattingRule } from "./typosquatting.js";
+import { hiddenFilesRule } from "./hidden-files.js";
+import { excessivePermsRule } from "./excessive-perms.js";
+import { phoneHomeRule } from "./phone-home.js";
+import { credentialHardcodeRule } from "./credential-hardcode.js";
+import { networkSsrfRule } from "./network-ssrf.js";
+import { mcpManifestRule } from "./mcp-manifest.js";
+import { promptInjection } from "./prompt-injection.js";
+import { toolShadowing } from "./tool-shadowing.js";
+import { skillRisks } from "./skill-risks.js";
+import { toxicFlow } from "./toxic-flow.js";
+/** All registered rules */
+export const rules = [
+    // Original 5
+    dataExfilRule,
+    backdoorRule,
+    privilegeRule,
+    supplyChainRule,
+    sensitiveReadRule,
+    // New 10
+    obfuscationRule,
+    envLeakRule,
+    cryptoMiningRule,
+    reverseShellRule,
+    typosquattingRule,
+    hiddenFilesRule,
+    excessivePermsRule,
+    phoneHomeRule,
+    credentialHardcodeRule,
+    networkSsrfRule,
+    mcpManifestRule,
+    // Prompt injection & tool shadowing
+    promptInjection,
+    toolShadowing,
+    // Skill risk assessment
+    skillRisks,
+    // Toxic flow analysis
+    toxicFlow,
+];
+/** Get a rule by ID */
+export function getRule(id) {
+    return rules.find((r) => r.id === id);
+}
+//# sourceMappingURL=index.js.map

package/dist/rules/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/rules/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAChD,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAClE,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAE5C,2BAA2B;AAC3B,MAAM,CAAC,MAAM,KAAK,GAAW;IAC3B,aAAa;IACb,aAAa;IACb,YAAY;IACZ,aAAa;IACb,eAAe;IACf,iBAAiB;IACjB,SAAS;IACT,eAAe;IACf,WAAW;IACX,gBAAgB;IAChB,gBAAgB;IAChB,iBAAiB;IACjB,eAAe;IACf,kBAAkB;IAClB,aAAa;IACb,sBAAsB;IACtB,eAAe;IACf,eAAe;IACf,oCAAoC;IACpC,eAAe;IACf,aAAa;IACb,wBAAwB;IACxB,UAAU;IACV,sBAAsB;IACtB,SAAS;CACV,CAAC;AAEF,uBAAuB;AACvB,MAAM,UAAU,OAAO,CAAC,EAAU;IAChC,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AACxC,CAAC"}

package/dist/rules/mcp-manifest.d.ts

@@ -0,0 +1,2 @@
+import type { Rule } from "../types.js";
+export declare const mcpManifestRule: Rule;