npm - @elliotllliu/agentshield - Versions diffs - 0.1.0 - Mend

@elliotllliu/agentshield 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (72) hide show

package/LICENSE +21 -0
package/README.md +115 -0
package/dist/cli.d.ts +2 -0
package/dist/cli.js +43 -0
package/dist/cli.js.map +1 -0
package/dist/reporter/json.d.ts +3 -0
package/dist/reporter/json.js +5 -0
package/dist/reporter/json.js.map +1 -0
package/dist/reporter/terminal.d.ts +2 -0
package/dist/reporter/terminal.js +60 -0
package/dist/reporter/terminal.js.map +1 -0
package/dist/rules/backdoor.d.ts +2 -0
package/dist/rules/backdoor.js +57 -0
package/dist/rules/backdoor.js.map +1 -0
package/dist/rules/credential-hardcode.d.ts +2 -0
package/dist/rules/credential-hardcode.js +57 -0
package/dist/rules/credential-hardcode.js.map +1 -0
package/dist/rules/crypto-mining.d.ts +2 -0
package/dist/rules/crypto-mining.js +41 -0
package/dist/rules/crypto-mining.js.map +1 -0
package/dist/rules/data-exfil.d.ts +2 -0
package/dist/rules/data-exfil.js +61 -0
package/dist/rules/data-exfil.js.map +1 -0
package/dist/rules/env-leak.d.ts +2 -0
package/dist/rules/env-leak.js +43 -0
package/dist/rules/env-leak.js.map +1 -0
package/dist/rules/excessive-perms.d.ts +2 -0
package/dist/rules/excessive-perms.js +50 -0
package/dist/rules/excessive-perms.js.map +1 -0
package/dist/rules/hidden-files.d.ts +2 -0
package/dist/rules/hidden-files.js +52 -0
package/dist/rules/hidden-files.js.map +1 -0
package/dist/rules/index.d.ts +5 -0
package/dist/rules/index.js +40 -0
package/dist/rules/index.js.map +1 -0
package/dist/rules/network-ssrf.d.ts +2 -0
package/dist/rules/network-ssrf.js +51 -0
package/dist/rules/network-ssrf.js.map +1 -0
package/dist/rules/obfuscation.d.ts +2 -0
package/dist/rules/obfuscation.js +51 -0
package/dist/rules/obfuscation.js.map +1 -0
package/dist/rules/phone-home.d.ts +2 -0
package/dist/rules/phone-home.js +38 -0
package/dist/rules/phone-home.js.map +1 -0
package/dist/rules/privilege.d.ts +2 -0
package/dist/rules/privilege.js +111 -0
package/dist/rules/privilege.js.map +1 -0
package/dist/rules/reverse-shell.d.ts +2 -0
package/dist/rules/reverse-shell.js +53 -0
package/dist/rules/reverse-shell.js.map +1 -0
package/dist/rules/sensitive-read.d.ts +2 -0
package/dist/rules/sensitive-read.js +53 -0
package/dist/rules/sensitive-read.js.map +1 -0
package/dist/rules/supply-chain.d.ts +6 -0
package/dist/rules/supply-chain.js +105 -0
package/dist/rules/supply-chain.js.map +1 -0
package/dist/rules/typosquatting.d.ts +2 -0
package/dist/rules/typosquatting.js +56 -0
package/dist/rules/typosquatting.js.map +1 -0
package/dist/scanner/files.d.ts +5 -0
package/dist/scanner/files.js +67 -0
package/dist/scanner/files.js.map +1 -0
package/dist/scanner/index.d.ts +3 -0
package/dist/scanner/index.js +24 -0
package/dist/scanner/index.js.map +1 -0
package/dist/score.d.ts +14 -0
package/dist/score.js +35 -0
package/dist/score.js.map +1 -0
package/dist/types.d.ts +42 -0
package/dist/types.js +2 -0
package/dist/types.js.map +1 -0
package/package.json +33 -0

package/LICENSE ADDED Viewed

@@ -0,0 +1,21 @@
+MIT License
+Copyright (c) 2026 Elliot Liu
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md ADDED Viewed

@@ -0,0 +1,115 @@
+# 🛡️ AgentShield
+Security scanner for AI agent skills, MCP servers, and plugins.
+Catch data exfiltration, backdoors, privilege escalation, and supply chain vulnerabilities **before** they reach your agents.
+## Quick Start
+```bash
+npx agentshield scan ./my-skill/
+```
+## What It Detects
+| Rule | Severity | Description |
+|------|----------|-------------|
+| `data-exfil` | 🔴 Critical | Reads sensitive files (SSH keys, credentials) + sends HTTP requests |
+| `backdoor` | 🔴 Critical | `eval()`, `new Function()`, `child_process.exec()` with dynamic input |
+| `reverse-shell` | 🔴 Critical | Outbound socket connections piped to shell |
+| `crypto-mining` | 🔴 Critical | Mining pool connections, known miners (xmrig, coinhive) |
+| `credential-hardcode` | 🔴 Critical | Hardcoded AWS keys, GitHub PATs, Stripe keys, private keys |
+| `env-leak` | 🔴 Critical | `process.env` access + outbound HTTP (environment variable exfil) |
+| `obfuscation` | 🔴 Critical | base64 + eval combos, hex-encoded strings, `String.fromCharCode` |
+| `typosquatting` | 🔴 Critical | Suspicious npm package names (e.g. `1odash` instead of `lodash`) |
+| `hidden-files` | 🔴 Critical | `.env` files with secrets committed to repo |
+| `network-ssrf` | 🟡 Warning | User-controlled URLs in fetch, AWS metadata endpoint access |
+| `privilege` | 🟡 Warning | SKILL.md declares `read` but code calls `exec` |
+| `supply-chain` | 🟡 Warning | Known CVEs in npm dependencies (`npm audit`) |
+| `sensitive-read` | 🟡 Warning | Accesses `~/.ssh/id_rsa`, `~/.aws/credentials`, etc. |
+| `excessive-perms` | 🟡 Warning | Too many or dangerous permissions in SKILL.md |
+| `phone-home` | 🟡 Warning | Periodic timers + HTTP requests (beacon/heartbeat pattern) |
+## Example Output
+```
+🛡️  AgentShield Security Report
+📁 Scanned: ./my-skill/ (3 files, 44 lines)
+🔴 CRITICAL (3)
+  ├─ index.ts:13 — [data-exfil] Reads sensitive data and sends HTTP request — possible exfiltration
+  ├─ index.ts:20 — [backdoor] eval() with dynamic input
+  └─ index.ts:25 — [backdoor] child_process.exec() — use execFile instead
+🟡 WARNING (2)
+  ├─ index.ts:23 — [privilege] Code uses 'exec' but SKILL.md doesn't declare it
+  └─ index.ts:6  — [sensitive-read] Accesses SSH private key
+🟢 INFO (1)
+  └─ SKILL.md — [privilege] Detected capabilities: exec, read, web_fetch
+✅ Score: 0/100 (Critical Risk)
+```
+## Usage
+```bash
+# Scan a directory
+agentshield scan ./path/to/skill/
+# JSON output (for CI/CD)
+agentshield scan ./skill/ --json
+# Fail CI if score is below threshold
+agentshield scan ./skill/ --fail-under 70
+# Shorthand (directory as first arg)
+agentshield ./skill/
+```
+## CI Integration
+```yaml
+# GitHub Actions
+- name: Security scan
+  run: npx agentshield scan ./skills/ --fail-under 70
+```
+## Scoring
+Starts at 100, deducts per finding:
+| Severity | Deduction |
+|----------|-----------|
+| Critical | -25 |
+| Warning | -10 |
+| Info | 0 |
+| Score | Risk Level |
+|-------|------------|
+| 90-100 | Low Risk ✅ |
+| 70-89 | Moderate Risk 🟡 |
+| 40-69 | High Risk 🟠 |
+| 0-39 | Critical Risk 🔴 |
+## Supported File Types
+- **JavaScript/TypeScript**: `.js`, `.ts`, `.mjs`, `.cjs`, `.tsx`, `.jsx`
+- **Python**: `.py`
+- **Shell**: `.sh`, `.bash`, `.zsh`
+- **Config**: `.json`, `.yaml`, `.yml`, `.toml`
+- **Docs**: `SKILL.md` (permission analysis)
+## Roadmap
+- [ ] AST-based analysis (tree-sitter for multi-language support)
+- [ ] MCP server manifest validation
+- [ ] Custom rule plugins
+- [ ] `agentshield init` — generate security policy
+- [ ] Sarif output for GitHub Code Scanning
+- [ ] Python `pip-audit` integration
+- [ ] Watch mode for development
+## License
+MIT

package/dist/cli.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ #!/usr/bin/env node
2	+ export {};

package/dist/cli.js ADDED Viewed

@@ -0,0 +1,43 @@
+#!/usr/bin/env node
+import { Command } from "commander";
+import { resolve } from "path";
+import { existsSync, statSync } from "fs";
+import { scan } from "./scanner/index.js";
+import { printReport } from "./reporter/terminal.js";
+import { printJsonReport } from "./reporter/json.js";
+const program = new Command();
+program
+    .name("agentshield")
+    .description("Security scanner for AI agent skills, MCP servers, and plugins")
+    .version("0.1.0");
+program
+    .command("scan")
+    .description("Scan a skill/plugin directory for security issues")
+    .argument("<directory>", "Target directory to scan")
+    .option("--json", "Output results as JSON")
+    .option("--fail-under <score>", "Exit with code 1 if score is below threshold", parseInt)
+    .action((directory, options) => {
+    const target = resolve(directory);
+    if (!existsSync(target) || !statSync(target).isDirectory()) {
+        console.error(`Error: "${directory}" is not a valid directory`);
+        process.exit(1);
+    }
+    const result = scan(target);
+    if (options.json) {
+        printJsonReport(result);
+    }
+    else {
+        printReport(result);
+    }
+    if (options.failUnder !== undefined && result.score < options.failUnder) {
+        process.exit(1);
+    }
+});
+// Default: if first arg looks like a directory, treat as scan
+const args = process.argv.slice(2);
+if (args.length > 0 && !args[0].startsWith("-") && args[0] !== "scan" && args[0] !== "help") {
+    // Rewrite: `agentshield ./dir` → `agentshield scan ./dir`
+    process.argv.splice(2, 0, "scan");
+}
+program.parse();
+//# sourceMappingURL=cli.js.map

package/dist/cli.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAC/B,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;AAC1C,OAAO,EAAE,IAAI,EAAE,MAAM,oBAAoB,CAAC;AAC1C,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAErD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,aAAa,CAAC;KACnB,WAAW,CAAC,gEAAgE,CAAC;KAC7E,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,mDAAmD,CAAC;KAChE,QAAQ,CAAC,aAAa,EAAE,0BAA0B,CAAC;KACnD,MAAM,CAAC,QAAQ,EAAE,wBAAwB,CAAC;KAC1C,MAAM,CAAC,sBAAsB,EAAE,8CAA8C,EAAE,QAAQ,CAAC;KACxF,MAAM,CAAC,CAAC,SAAiB,EAAE,OAA+C,EAAE,EAAE;IAC7E,MAAM,MAAM,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC;IAElC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;QAC3D,OAAO,CAAC,KAAK,CAAC,WAAW,SAAS,4BAA4B,CAAC,CAAC;QAChE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IAE5B,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,eAAe,CAAC,MAAM,CAAC,CAAC;IAC1B,CAAC;SAAM,CAAC;QACN,WAAW,CAAC,MAAM,CAAC,CAAC;IACtB,CAAC;IAED,IAAI,OAAO,CAAC,SAAS,KAAK,SAAS,IAAI,MAAM,CAAC,KAAK,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;QACxE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,8DAA8D;AAC9D,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnC,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAE,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,MAAM,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,MAAM,EAAE,CAAC;IAC7F,0DAA0D;IAC1D,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,EAAE,MAAM,CAAC,CAAC;AACpC,CAAC;AAED,OAAO,CAAC,KAAK,EAAE,CAAC"}

package/dist/reporter/json.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { ScanResult } from "../types.js";
+/** Output scan result as JSON */
+export declare function printJsonReport(result: ScanResult): void;

package/dist/reporter/json.js ADDED Viewed

@@ -0,0 +1,5 @@
+/** Output scan result as JSON */
+export function printJsonReport(result) {
+    console.log(JSON.stringify(result, null, 2));
+}
+//# sourceMappingURL=json.js.map

package/dist/reporter/json.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"json.js","sourceRoot":"","sources":["../../src/reporter/json.ts"],"names":[],"mappings":"AAEA,iCAAiC;AACjC,MAAM,UAAU,eAAe,CAAC,MAAkB;IAChD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAC/C,CAAC"}

package/dist/reporter/terminal.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { ScanResult } from "../types.js";
2	+ export declare function printReport(result: ScanResult): void;

package/dist/reporter/terminal.js ADDED Viewed

@@ -0,0 +1,60 @@
+import chalk from "chalk";
+import { riskLabel } from "../score.js";
+const SEVERITY_ICON = {
+    critical: chalk.red("🔴 CRITICAL"),
+    warning: chalk.yellow("🟡 WARNING"),
+    info: chalk.blue("🟢 INFO"),
+};
+const SEVERITY_LINE = {
+    critical: chalk.red,
+    warning: chalk.yellow,
+    info: chalk.dim,
+};
+export function printReport(result) {
+    const { target, filesScanned, linesScanned, findings, score, duration } = result;
+    console.log();
+    console.log(chalk.bold("🛡️  AgentShield Security Report"));
+    console.log(chalk.dim(`📁 Scanned: ${target} (${filesScanned} files, ${formatLines(linesScanned)})`));
+    console.log();
+    // Group by severity
+    const bySeverity = groupBy(findings, (f) => f.severity);
+    for (const severity of ["critical", "warning", "info"]) {
+        const group = bySeverity[severity];
+        if (!group || group.length === 0)
+            continue;
+        console.log(`${SEVERITY_ICON[severity]} (${group.length})`);
+        for (let i = 0; i < group.length; i++) {
+            const f = group[i];
+            const prefix = i < group.length - 1 ? "  ├─" : "  └─";
+            const loc = f.line ? `${f.file}:${f.line}` : f.file;
+            const colorize = SEVERITY_LINE[f.severity] || chalk.white;
+            console.log(colorize(`${prefix} ${loc} — [${f.rule}] ${f.message}`));
+            if (f.evidence) {
+                const ePrefix = i < group.length - 1 ? "  │  " : "     ";
+                console.log(chalk.dim(`${ePrefix}${f.evidence}`));
+            }
+        }
+        console.log();
+    }
+    // Score
+    const scoreColor = score >= 90 ? chalk.green : score >= 70 ? chalk.yellow : score >= 40 ? chalk.hex("#FF8800") : chalk.red;
+    console.log(scoreColor(`✅ Score: ${score}/100 (${riskLabel(score)})`));
+    console.log(chalk.dim(`⏱  ${duration}ms`));
+    console.log();
+}
+function formatLines(n) {
+    if (n >= 1000)
+        return `${(n / 1000).toFixed(1)}K lines`;
+    return `${n} lines`;
+}
+function groupBy(arr, fn) {
+    const result = {};
+    for (const item of arr) {
+        const key = fn(item);
+        if (!result[key])
+            result[key] = [];
+        result[key].push(item);
+    }
+    return result;
+}
+//# sourceMappingURL=terminal.js.map

package/dist/reporter/terminal.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"terminal.js","sourceRoot":"","sources":["../../src/reporter/terminal.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAExC,MAAM,aAAa,GAA2B;IAC5C,QAAQ,EAAE,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC;IAClC,OAAO,EAAE,KAAK,CAAC,MAAM,CAAC,YAAY,CAAC;IACnC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC;CAC5B,CAAC;AAEF,MAAM,aAAa,GAA0C;IAC3D,QAAQ,EAAE,KAAK,CAAC,GAAG;IACnB,OAAO,EAAE,KAAK,CAAC,MAAM;IACrB,IAAI,EAAE,KAAK,CAAC,GAAG;CAChB,CAAC;AAEF,MAAM,UAAU,WAAW,CAAC,MAAkB;IAC5C,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;IAEjF,OAAO,CAAC,GAAG,EAAE,CAAC;IACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC,CAAC;IAC5D,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,GAAG,CAAC,eAAe,MAAM,KAAK,YAAY,WAAW,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,CACzF,CAAC;IACF,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,oBAAoB;IACpB,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IAExD,KAAK,MAAM,QAAQ,IAAI,CAAC,UAAU,EAAE,SAAS,EAAE,MAAM,CAAU,EAAE,CAAC;QAChE,MAAM,KAAK,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;QACnC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAE3C,OAAO,CAAC,GAAG,CAAC,GAAG,aAAa,CAAC,QAAQ,CAAC,KAAK,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;QAC5D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,CAAC,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;YACpB,MAAM,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;YACtD,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACpD,MAAM,QAAQ,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC;YAC1D,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;YACrE,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;gBACf,MAAM,OAAO,GAAG,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC;gBACzD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,OAAO,GAAG,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;QACD,OAAO,CAAC,GAAG,EAAE,CAAC;IAChB,CAAC;IAED,QAAQ;IACR,MAAM,UAAU,GAAG,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC;IAC3H,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,YAAY,KAAK,SAAS,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC;IACvE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,QAAQ,IAAI,CAAC,CAAC,CAAC;IAC3C,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC;AAED,SAAS,WAAW,CAAC,CAAS;IAC5B,IAAI,CAAC,IAAI,IAAI;QAAE,OAAO,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;IACxD,OAAO,GAAG,CAAC,QAAQ,CAAC;AACtB,CAAC;AAED,SAAS,OAAO,CAAI,GAAQ,EAAE,EAAuB;IACnD,MAAM,MAAM,GAAwB,EAAE,CAAC;IACvC,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;QACvB,MAAM,GAAG,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;QACrB,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;YAAE,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;QACnC,MAAM,CAAC,GAAG,CAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/rules/backdoor.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { Rule } from "../types.js";
2	+ export declare const backdoorRule: Rule;

package/dist/rules/backdoor.js ADDED Viewed

@@ -0,0 +1,57 @@
+/**
+ * Rule: backdoor
+ * Detects eval(), new Function(), child_process.exec() with dynamic strings
+ */
+const BACKDOOR_PATTERNS = [
+    // JavaScript/TypeScript
+    { pattern: /\beval\s*\(/, desc: "eval() with dynamic input", severity: "critical" },
+    { pattern: /new\s+Function\s*\(/, desc: "new Function() constructor", severity: "critical" },
+    { pattern: /child_process\s*\.\s*exec\s*\(/, desc: "child_process.exec() — use execFile instead", severity: "critical" },
+    { pattern: /child_process\s*\.\s*spawn\s*\(.*\bshell\s*:\s*true/, desc: "spawn() with shell: true", severity: "critical" },
+    { pattern: /execSync\s*\(\s*`/, desc: "execSync() with template literal", severity: "critical" },
+    { pattern: /execSync\s*\(\s*[^"']/, desc: "execSync() with dynamic string", severity: "warning" },
+    { pattern: /require\s*\(\s*[^"'`]/, desc: "dynamic require()", severity: "warning" },
+    { pattern: /import\s*\(\s*[^"'`]/, desc: "dynamic import()", severity: "warning" },
+    // Python
+    { pattern: /\bexec\s*\(\s*[^"']/, desc: "Python exec() with dynamic input", severity: "critical" },
+    { pattern: /\bos\.system\s*\(/, desc: "os.system() — use subprocess.run instead", severity: "critical" },
+    { pattern: /subprocess\.call\s*\(\s*[^[\]].*shell\s*=\s*True/, desc: "subprocess with shell=True", severity: "critical" },
+    { pattern: /\b__import__\s*\(/, desc: "dynamic __import__()", severity: "warning" },
+    // Shell
+    { pattern: /\$\(curl\s/, desc: "command substitution with curl", severity: "critical" },
+    { pattern: /\beval\s+\$/, desc: "shell eval with variable", severity: "critical" },
+    { pattern: /bash\s+-c\s+\$/, desc: "bash -c with variable", severity: "critical" },
+];
+export const backdoorRule = {
+    id: "backdoor",
+    name: "Dynamic Code Execution",
+    description: "Detects eval(), exec(), and other dynamic code execution patterns",
+    run(files) {
+        const findings = [];
+        for (const file of files) {
+            if (file.ext === ".json" || file.ext === ".yaml" || file.ext === ".yml" || file.ext === ".toml" || file.ext === ".md")
+                continue;
+            for (let i = 0; i < file.lines.length; i++) {
+                const line = file.lines[i];
+                const trimmed = line.trimStart();
+                if (trimmed.startsWith("//") || trimmed.startsWith("#") || trimmed.startsWith("*"))
+                    continue;
+                for (const { pattern, desc, severity } of BACKDOOR_PATTERNS) {
+                    if (pattern.test(line)) {
+                        findings.push({
+                            rule: "backdoor",
+                            severity,
+                            file: file.relativePath,
+                            line: i + 1,
+                            message: desc,
+                            evidence: line.trim().slice(0, 120),
+                        });
+                        break; // one finding per line
+                    }
+                }
+            }
+        }
+        return findings;
+    },
+};
+//# sourceMappingURL=backdoor.js.map

package/dist/rules/backdoor.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"backdoor.js","sourceRoot":"","sources":["../../src/rules/backdoor.ts"],"names":[],"mappings":"AAEA;;;GAGG;AAEH,MAAM,iBAAiB,GAIlB;IACH,wBAAwB;IACxB,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,2BAA2B,EAAE,QAAQ,EAAE,UAAU,EAAE;IACnF,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,4BAA4B,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC5F,EAAE,OAAO,EAAE,gCAAgC,EAAE,IAAI,EAAE,6CAA6C,EAAE,QAAQ,EAAE,UAAU,EAAE;IACxH,EAAE,OAAO,EAAE,qDAAqD,EAAE,IAAI,EAAE,0BAA0B,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC1H,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,kCAAkC,EAAE,QAAQ,EAAE,UAAU,EAAE;IAChG,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,gCAAgC,EAAE,QAAQ,EAAE,SAAS,EAAE;IACjG,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,SAAS,EAAE;IACpF,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,SAAS,EAAE;IAElF,SAAS;IACT,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,kCAAkC,EAAE,QAAQ,EAAE,UAAU,EAAE;IAClG,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,0CAA0C,EAAE,QAAQ,EAAE,UAAU,EAAE;IACxG,EAAE,OAAO,EAAE,kDAAkD,EAAE,IAAI,EAAE,4BAA4B,EAAE,QAAQ,EAAE,UAAU,EAAE;IACzH,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,SAAS,EAAE;IAEnF,QAAQ;IACR,EAAE,OAAO,EAAE,YAAY,EAAE,IAAI,EAAE,gCAAgC,EAAE,QAAQ,EAAE,UAAU,EAAE;IACvF,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,0BAA0B,EAAE,QAAQ,EAAE,UAAU,EAAE;IAClF,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,UAAU,EAAE;CACnF,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAS;IAChC,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,wBAAwB;IAC9B,WAAW,EAAE,mEAAmE;IAEhF,GAAG,CAAC,KAAoB;QACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,MAAM,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,KAAK;gBAAE,SAAS;YAEhI,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC;gBAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;gBACjC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAE7F,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,iBAAiB,EAAE,CAAC;oBAC5D,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;wBACvB,QAAQ,CAAC,IAAI,CAAC;4BACZ,IAAI,EAAE,UAAU;4BAChB,QAAQ;4BACR,IAAI,EAAE,IAAI,CAAC,YAAY;4BACvB,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,OAAO,EAAE,IAAI;4BACb,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;yBACpC,CAAC,CAAC;wBACH,MAAM,CAAC,uBAAuB;oBAChC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}

package/dist/rules/credential-hardcode.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { Rule } from "../types.js";
2	+ export declare const credentialHardcodeRule: Rule;

package/dist/rules/credential-hardcode.js ADDED Viewed

@@ -0,0 +1,57 @@
+/**
+ * Rule: credential-hardcode
+ * Detects hardcoded API keys, tokens, and passwords in source code.
+ */
+const CREDENTIAL_PATTERNS = [
+    // Generic API keys / tokens
+    { pattern: /["'](?:sk|pk|api[_-]?key|token|secret)[_-]?[a-zA-Z]*["']\s*[:=]\s*["'][a-zA-Z0-9_\-/.]{20,}["']/, desc: "Hardcoded API key/token" },
+    // AWS
+    { pattern: /AKIA[0-9A-Z]{16}/, desc: "Hardcoded AWS Access Key ID" },
+    // GitHub
+    { pattern: /ghp_[a-zA-Z0-9]{36}/, desc: "Hardcoded GitHub personal access token" },
+    { pattern: /github_pat_[a-zA-Z0-9]{22}_[a-zA-Z0-9]{59}/, desc: "Hardcoded GitHub fine-grained token" },
+    // Slack
+    { pattern: /xoxb-[0-9]{10,}-[0-9]{10,}-[a-zA-Z0-9]{24}/, desc: "Hardcoded Slack bot token" },
+    { pattern: /xoxp-[0-9]{10,}-[0-9]{10,}-[0-9]{10,}-[a-f0-9]{32}/, desc: "Hardcoded Slack user token" },
+    // OpenAI
+    { pattern: /sk-[a-zA-Z0-9]{20,}T3BlbkFJ[a-zA-Z0-9]{20,}/, desc: "Hardcoded OpenAI API key" },
+    // Stripe
+    { pattern: /sk_live_[a-zA-Z0-9]{24,}/, desc: "Hardcoded Stripe live key" },
+    // Generic password assignment
+    { pattern: /(?:password|passwd|pwd)\s*[:=]\s*["'][^"']{8,}["']/i, desc: "Hardcoded password" },
+    // Private key block
+    { pattern: /-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----/, desc: "Embedded private key" },
+];
+export const credentialHardcodeRule = {
+    id: "credential-hardcode",
+    name: "Hardcoded Credentials",
+    description: "Detects API keys, tokens, passwords, and private keys in source code",
+    run(files) {
+        const findings = [];
+        for (const file of files) {
+            if (file.ext === ".md")
+                continue;
+            for (let i = 0; i < file.lines.length; i++) {
+                const line = file.lines[i];
+                const trimmed = line.trimStart();
+                if (trimmed.startsWith("//") || trimmed.startsWith("#") || trimmed.startsWith("*"))
+                    continue;
+                for (const { pattern, desc } of CREDENTIAL_PATTERNS) {
+                    if (pattern.test(line)) {
+                        findings.push({
+                            rule: "credential-hardcode",
+                            severity: "critical",
+                            file: file.relativePath,
+                            line: i + 1,
+                            message: desc,
+                            evidence: line.trim().replace(/["'][a-zA-Z0-9_\-/.]{10,}["']/g, '"***"').slice(0, 120),
+                        });
+                        break;
+                    }
+                }
+            }
+        }
+        return findings;
+    },
+};
+//# sourceMappingURL=credential-hardcode.js.map

package/dist/rules/credential-hardcode.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"credential-hardcode.js","sourceRoot":"","sources":["../../src/rules/credential-hardcode.ts"],"names":[],"mappings":"AAEA;;;GAGG;AAEH,MAAM,mBAAmB,GAA6C;IACpE,4BAA4B;IAC5B,EAAE,OAAO,EAAE,iGAAiG,EAAE,IAAI,EAAE,yBAAyB,EAAE;IAC/I,MAAM;IACN,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,6BAA6B,EAAE;IACpE,SAAS;IACT,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,wCAAwC,EAAE;IAClF,EAAE,OAAO,EAAE,4CAA4C,EAAE,IAAI,EAAE,qCAAqC,EAAE;IACtG,QAAQ;IACR,EAAE,OAAO,EAAE,4CAA4C,EAAE,IAAI,EAAE,2BAA2B,EAAE;IAC5F,EAAE,OAAO,EAAE,oDAAoD,EAAE,IAAI,EAAE,4BAA4B,EAAE;IACrG,SAAS;IACT,EAAE,OAAO,EAAE,6CAA6C,EAAE,IAAI,EAAE,0BAA0B,EAAE;IAC5F,SAAS;IACT,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,2BAA2B,EAAE;IAC1E,8BAA8B;IAC9B,EAAE,OAAO,EAAE,qDAAqD,EAAE,IAAI,EAAE,oBAAoB,EAAE;IAC9F,oBAAoB;IACpB,EAAE,OAAO,EAAE,+CAA+C,EAAE,IAAI,EAAE,sBAAsB,EAAE;CAC3F,CAAC;AAEF,MAAM,CAAC,MAAM,sBAAsB,GAAS;IAC1C,EAAE,EAAE,qBAAqB;IACzB,IAAI,EAAE,uBAAuB;IAC7B,WAAW,EAAE,sEAAsE;IAEnF,GAAG,CAAC,KAAoB;QACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,GAAG,KAAK,KAAK;gBAAE,SAAS;YAEjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC;gBAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;gBACjC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAE7F,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,mBAAmB,EAAE,CAAC;oBACpD,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;wBACvB,QAAQ,CAAC,IAAI,CAAC;4BACZ,IAAI,EAAE,qBAAqB;4BAC3B,QAAQ,EAAE,UAAU;4BACpB,IAAI,EAAE,IAAI,CAAC,YAAY;4BACvB,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,OAAO,EAAE,IAAI;4BACb,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,gCAAgC,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;yBACvF,CAAC,CAAC;wBACH,MAAM;oBACR,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}

package/dist/rules/crypto-mining.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { Rule } from "../types.js";
2	+ export declare const cryptoMiningRule: Rule;

package/dist/rules/crypto-mining.js ADDED Viewed

@@ -0,0 +1,41 @@
+/**
+ * Rule: crypto-mining
+ * Detects cryptocurrency mining patterns.
+ */
+const MINING_PATTERNS = [
+    { pattern: /stratum\+tcp:\/\/|stratum\+ssl:\/\//, desc: "Stratum mining protocol URL" },
+    { pattern: /xmrig|cpuminer|minerd|minergate|coinhive|cryptonight/i, desc: "Known mining software reference" },
+    { pattern: /\bmining_pool\b|\bpool_url\b|\bpool_address\b/i, desc: "Mining pool configuration" },
+    { pattern: /\bmonero\b.*\bwallet\b|\bwallet\b.*\bmonero\b/i, desc: "Monero wallet reference" },
+    { pattern: /crypto\.createHash.*\bwhile\b.*true|for\s*\(\s*;\s*;\s*\).*hash/i, desc: "Infinite loop with hashing — potential mining" },
+];
+export const cryptoMiningRule = {
+    id: "crypto-mining",
+    name: "Cryptocurrency Mining",
+    description: "Detects mining pool connections, known miners, and mining-related patterns",
+    run(files) {
+        const findings = [];
+        for (const file of files) {
+            if (file.ext === ".md")
+                continue;
+            for (let i = 0; i < file.lines.length; i++) {
+                const line = file.lines[i];
+                for (const { pattern, desc } of MINING_PATTERNS) {
+                    if (pattern.test(line)) {
+                        findings.push({
+                            rule: "crypto-mining",
+                            severity: "critical",
+                            file: file.relativePath,
+                            line: i + 1,
+                            message: desc,
+                            evidence: line.trim().slice(0, 120),
+                        });
+                        break;
+                    }
+                }
+            }
+        }
+        return findings;
+    },
+};
+//# sourceMappingURL=crypto-mining.js.map

package/dist/rules/crypto-mining.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"crypto-mining.js","sourceRoot":"","sources":["../../src/rules/crypto-mining.ts"],"names":[],"mappings":"AAEA;;;GAGG;AAEH,MAAM,eAAe,GAA6C;IAChE,EAAE,OAAO,EAAE,qCAAqC,EAAE,IAAI,EAAE,6BAA6B,EAAE;IACvF,EAAE,OAAO,EAAE,uDAAuD,EAAE,IAAI,EAAE,iCAAiC,EAAE;IAC7G,EAAE,OAAO,EAAE,gDAAgD,EAAE,IAAI,EAAE,2BAA2B,EAAE;IAChG,EAAE,OAAO,EAAE,gDAAgD,EAAE,IAAI,EAAE,yBAAyB,EAAE;IAC9F,EAAE,OAAO,EAAE,kEAAkE,EAAE,IAAI,EAAE,+CAA+C,EAAE;CACvI,CAAC;AAEF,MAAM,CAAC,MAAM,gBAAgB,GAAS;IACpC,EAAE,EAAE,eAAe;IACnB,IAAI,EAAE,uBAAuB;IAC7B,WAAW,EAAE,4EAA4E;IAEzF,GAAG,CAAC,KAAoB;QACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,GAAG,KAAK,KAAK;gBAAE,SAAS;YAEjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC;gBAE5B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,eAAe,EAAE,CAAC;oBAChD,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;wBACvB,QAAQ,CAAC,IAAI,CAAC;4BACZ,IAAI,EAAE,eAAe;4BACrB,QAAQ,EAAE,UAAU;4BACpB,IAAI,EAAE,IAAI,CAAC,YAAY;4BACvB,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,OAAO,EAAE,IAAI;4BACb,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;yBACpC,CAAC,CAAC;wBACH,MAAM;oBACR,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}

package/dist/rules/data-exfil.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { Rule } from "../types.js";
2	+ export declare const dataExfilRule: Rule;

package/dist/rules/data-exfil.js ADDED Viewed

@@ -0,0 +1,61 @@
+/**
+ * Rule: data-exfil
+ * Detects code that reads sensitive files AND sends HTTP requests — a classic exfiltration pattern.
+ */
+const SENSITIVE_READ_RE = /readFile|readFileSync|fs\.read|open\(|\.ssh|\.env|credentials|\.aws|\.kube|\.npmrc|\.gitconfig|\.openclaw/i;
+const HTTP_SEND_RE = /fetch\s*\(|axios\.|http\.request|https\.request|XMLHttpRequest|\.post\s*\(|\.put\s*\(|urllib|requests\.(post|put|patch)|curl\s/i;
+const DYNAMIC_URL_RE = /fetch\s*\(\s*`[^`]*\$\{|fetch\s*\(\s*[a-zA-Z_]\w*\s*[+,)]/;
+export const dataExfilRule = {
+    id: "data-exfil",
+    name: "Data Exfiltration",
+    description: "Detects patterns where sensitive data is read and sent over HTTP",
+    run(files) {
+        const findings = [];
+        for (const file of files) {
+            if (file.ext === ".json" || file.ext === ".yaml" || file.ext === ".yml" || file.ext === ".toml" || file.ext === ".md")
+                continue;
+            const content = file.content;
+            const hasSensitiveRead = SENSITIVE_READ_RE.test(content);
+            const hasHttpSend = HTTP_SEND_RE.test(content);
+            // Critical: same file reads sensitive data AND sends it out
+            if (hasSensitiveRead && hasHttpSend) {
+                // Find the specific lines
+                const readLines = [];
+                const sendLines = [];
+                for (let i = 0; i < file.lines.length; i++) {
+                    const line = file.lines[i];
+                    if (SENSITIVE_READ_RE.test(line))
+                        readLines.push(i + 1);
+                    if (HTTP_SEND_RE.test(line))
+                        sendLines.push(i + 1);
+                }
+                if (readLines.length > 0 && sendLines.length > 0) {
+                    findings.push({
+                        rule: "data-exfil",
+                        severity: "critical",
+                        file: file.relativePath,
+                        line: sendLines[0],
+                        message: `Reads sensitive data (line ${readLines.join(",")}) and sends HTTP request (line ${sendLines.join(",")}) — possible exfiltration`,
+                        evidence: file.lines[sendLines[0] - 1]?.trim().slice(0, 120),
+                    });
+                }
+            }
+            // Warning: dynamic URL construction in fetch/request calls
+            for (let i = 0; i < file.lines.length; i++) {
+                const line = file.lines[i];
+                if (DYNAMIC_URL_RE.test(line)) {
+                    findings.push({
+                        rule: "data-exfil",
+                        severity: "warning",
+                        file: file.relativePath,
+                        line: i + 1,
+                        message: "Dynamic URL construction in HTTP request — potential SSRF",
+                        evidence: line.trim().slice(0, 120),
+                    });
+                }
+            }
+        }
+        return findings;
+    },
+};
+//# sourceMappingURL=data-exfil.js.map

package/dist/rules/data-exfil.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"data-exfil.js","sourceRoot":"","sources":["../../src/rules/data-exfil.ts"],"names":[],"mappings":"AAEA;;;GAGG;AAEH,MAAM,iBAAiB,GACrB,4GAA4G,CAAC;AAE/G,MAAM,YAAY,GAChB,iIAAiI,CAAC;AAEpI,MAAM,cAAc,GAClB,2DAA2D,CAAC;AAE9D,MAAM,CAAC,MAAM,aAAa,GAAS;IACjC,EAAE,EAAE,YAAY;IAChB,IAAI,EAAE,mBAAmB;IACzB,WAAW,EAAE,kEAAkE;IAE/E,GAAG,CAAC,KAAoB;QACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,MAAM,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,KAAK;gBAAE,SAAS;YAEhI,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;YAC7B,MAAM,gBAAgB,GAAG,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACzD,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAE/C,4DAA4D;YAC5D,IAAI,gBAAgB,IAAI,WAAW,EAAE,CAAC;gBACpC,0BAA0B;gBAC1B,MAAM,SAAS,GAAa,EAAE,CAAC;gBAC/B,MAAM,SAAS,GAAa,EAAE,CAAC;gBAE/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC;oBAC5B,IAAI,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;oBACxD,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACrD,CAAC;gBAED,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,YAAY;wBAClB,QAAQ,EAAE,UAAU;wBACpB,IAAI,EAAE,IAAI,CAAC,YAAY;wBACvB,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;wBAClB,OAAO,EAAE,8BAA8B,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,kCAAkC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,2BAA2B;wBAC1I,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAE,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;qBAC9D,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,2DAA2D;YAC3D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC;gBAC5B,IAAI,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC9B,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,YAAY;wBAClB,QAAQ,EAAE,SAAS;wBACnB,IAAI,EAAE,IAAI,CAAC,YAAY;wBACvB,IAAI,EAAE,CAAC,GAAG,CAAC;wBACX,OAAO,EAAE,2DAA2D;wBACpE,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;qBACpC,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}

package/dist/rules/env-leak.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { Rule } from "../types.js";
2	+ export declare const envLeakRule: Rule;

package/dist/rules/env-leak.js ADDED Viewed

@@ -0,0 +1,43 @@
+/**
+ * Rule: env-leak
+ * Detects process.env access combined with HTTP send — leaking environment variables.
+ */
+const ENV_ACCESS_RE = /process\.env\b|os\.environ|getenv\s*\(/i;
+const HTTP_SEND_RE = /fetch\s*\(|axios\.|http\.request|https\.request|requests\.(post|put|patch)|\.post\s*\(|curl\s/i;
+export const envLeakRule = {
+    id: "env-leak",
+    name: "Environment Variable Leak",
+    description: "Detects process.env access combined with outbound HTTP requests",
+    run(files) {
+        const findings = [];
+        for (const file of files) {
+            if (file.ext === ".json" || file.ext === ".yaml" || file.ext === ".yml" || file.ext === ".md")
+                continue;
+            const hasEnvAccess = ENV_ACCESS_RE.test(file.content);
+            const hasHttpSend = HTTP_SEND_RE.test(file.content);
+            if (hasEnvAccess && hasHttpSend) {
+                const envLines = [];
+                const sendLines = [];
+                for (let i = 0; i < file.lines.length; i++) {
+                    const line = file.lines[i];
+                    if (ENV_ACCESS_RE.test(line))
+                        envLines.push(i + 1);
+                    if (HTTP_SEND_RE.test(line))
+                        sendLines.push(i + 1);
+                }
+                if (envLines.length > 0 && sendLines.length > 0) {
+                    findings.push({
+                        rule: "env-leak",
+                        severity: "critical",
+                        file: file.relativePath,
+                        line: sendLines[0],
+                        message: `Reads environment variables (line ${envLines.join(",")}) and sends HTTP request (line ${sendLines.join(",")}) — possible env leak`,
+                        evidence: file.lines[sendLines[0] - 1]?.trim().slice(0, 120),
+                    });
+                }
+            }
+        }
+        return findings;
+    },
+};
+//# sourceMappingURL=env-leak.js.map

package/dist/rules/env-leak.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"env-leak.js","sourceRoot":"","sources":["../../src/rules/env-leak.ts"],"names":[],"mappings":"AAEA;;;GAGG;AAEH,MAAM,aAAa,GAAG,yCAAyC,CAAC;AAChE,MAAM,YAAY,GAAG,gGAAgG,CAAC;AAEtH,MAAM,CAAC,MAAM,WAAW,GAAS;IAC/B,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,2BAA2B;IACjC,WAAW,EAAE,iEAAiE;IAE9E,GAAG,CAAC,KAAoB;QACtB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,OAAO,IAAI,IAAI,CAAC,GAAG,KAAK,MAAM,IAAI,IAAI,CAAC,GAAG,KAAK,KAAK;gBAAE,SAAS;YAExG,MAAM,YAAY,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACtD,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAEpD,IAAI,YAAY,IAAI,WAAW,EAAE,CAAC;gBAChC,MAAM,QAAQ,GAAa,EAAE,CAAC;gBAC9B,MAAM,SAAS,GAAa,EAAE,CAAC;gBAE/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC;oBAC5B,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;oBACnD,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBACrD,CAAC;gBAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAChD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,UAAU;wBAChB,QAAQ,EAAE,UAAU;wBACpB,IAAI,EAAE,IAAI,CAAC,YAAY;wBACvB,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;wBAClB,OAAO,EAAE,qCAAqC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,kCAAkC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,uBAAuB;wBAC5I,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAE,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;qBAC9D,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}

package/dist/rules/excessive-perms.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { Rule } from "../types.js";
2	+ export declare const excessivePermsRule: Rule;