@elytrasec/engine 0.3.0 → 0.3.2

package/dist/index.d.ts

@@ -218,6 +218,23 @@ declare const ReviewResultSchema: z.ZodObject<{
             deducted: number;
         }>>;
     }>>;
+    /** keyed by "${ruleId}:${filePath}:${startLine}" — only present when runPoc=true */
+    pocs: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodObject<{
+        status: z.ZodEnum<["confirmed", "not-exploitable", "generated", "error"]>;
+        pocCode: z.ZodString;
+        output: z.ZodString;
+        rpcUrl: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        status: "confirmed" | "not-exploitable" | "generated" | "error";
+        pocCode: string;
+        output: string;
+        rpcUrl?: string | undefined;
+    }, {
+        status: "confirmed" | "not-exploitable" | "generated" | "error";
+        pocCode: string;
+        output: string;
+        rpcUrl?: string | undefined;
+    }>>>;
 }, "strip", z.ZodTypeAny, {
     findings: {
         severity: "critical" | "high" | "medium" | "low" | "info";
@@ -244,6 +261,12 @@ declare const ReviewResultSchema: z.ZodObject<{
             deducted: number;
         }>>;
     } | undefined;
+    pocs?: Record<string, {
+        status: "confirmed" | "not-exploitable" | "generated" | "error";
+        pocCode: string;
+        output: string;
+        rpcUrl?: string | undefined;
+    }> | undefined;
 }, {
     findings: {
         severity: "critical" | "high" | "medium" | "low" | "info";
@@ -270,6 +293,12 @@ declare const ReviewResultSchema: z.ZodObject<{
             deducted: number;
         }>>;
     } | undefined;
+    pocs?: Record<string, {
+        status: "confirmed" | "not-exploitable" | "generated" | "error";
+        pocCode: string;
+        output: string;
+        rpcUrl?: string | undefined;
+    }> | undefined;
 }>;
 type ReviewResult = z.infer<typeof ReviewResultSchema>;
 
@@ -1213,6 +1242,14 @@ interface AnalyzeParams {
     skipStatic?: boolean;
     /** AI concurrency limit. Defaults to AI_CONCURRENCY env var or 3. */
     aiConcurrency?: number;
+    /**
+     * Run agentic PoC generation on critical/high Solidity findings.
+     * Requires an AI provider. If forge is installed, attempts to confirm
+     * exploitability by running the generated test against Anvil.
+     */
+    runPoc?: boolean;
+    /** Optional RPC URL for forked Anvil PoC execution (e.g. Base/mainnet). */
+    pocRpcUrl?: string;
 }
 /**
  * Deduplicate findings by (filePath, startLine, ruleId).
@@ -1291,4 +1328,31 @@ interface DiscoverOptions {
  */
 declare function discoverFiles(targetPath: string, opts?: DiscoverOptions): DiscoveredFile[];
 
-export { AIClient, type AICompleteParams, type AICompleteResult, type AIMessage, type AIProvider, type AnalyzeCodeParams, type AnalyzeFileParams, type AnalyzeParams, AnthropicProvider, type ApplyFixesResult, type AuditIssue, type AuditReport, CWE_OWASP_MAP, type Chain, type ChangeType, type CreateProviderOptions, type CweOwaspEntry, type DepInfo, type DepVulnerability, type DependencyReport, type DiffChange, type DiffChunk, type DiffFile, type DiffHunk, type DiscoverOptions, type DiscoveredFile, type Ecosystem, type ElytraConfig, type FileClassification, type FileFixInput, type FileFixResult, type FileStatus, type FileTransform, type Finding, FindingSchema, type Framework, type FullScanParams, type GitHubReviewComment, type HardenResult, type HardenSuggestion, type IssueCategory, type Language, MockProvider, OllamaProvider, OpenAIProvider, type ParsedDiff, type PatternRule, type ProjectFile, type ProjectSummary, type ReportOptions, type ReviewResult, ReviewResultSchema, type RewriteResult, type Rule, type SecurityScore, type SecurityScoreOutput, SecurityScoreSchema, type Severity, SeveritySchema, type StaticAnalysisOptions, type StaticAnalysisResult, type StaticFinding, type ToolRunner, type ToolRunnerOptions, type TransformResult, type UpgradeItem, type UpgradeOptions, type UpgradePlan, type UpgradeResult, type UpgradeType, ALL_RULES as _ALL_RULES, scanFile as _scanFile, analyze, analyzeDependencies, analyzeFullScan, apiRules, applyFixes, applyHardenFix, auditCodebase, authRules, bestPracticeRules, classifyFile, complexityRules, computeScore, createProvider, deadCodeRules, dedupeFindings, discoverFiles, filterByConfig, formatAsReviewComments, formatStaticFindingsForAI, gasRules, generalRules, generateFallbackPlan, generateMarkdownReport, generateUpgradePlan, getAllRules, getCweOwasp, getRulesForChains, getSystemPrompt, gitleaksRunner, ingestRepo, injectionRules, loadConfig, logger, namingRules, parseDiff, patternScannerRunner, readRepoFile, readRepoFiles, reconRules, rewriteFile, rewriteFiles, runHarden, runStaticAnalysis, runUpgrade, semgrepRunner, slitherRunner, solidityRules, splitIntoChunks, transformFiles, validateFixedSyntax };
+/**
+ * Agentic PoC generator.
+ *
+ * Given a Finding from our scanner and the vulnerable contract source,
+ * asks Claude to write a Foundry exploit test, then tries to run it
+ * against an Anvil fork to confirm the vulnerability is actually exploitable.
+ *
+ * Returns a PocResult indicating whether the finding was confirmed, along
+ * with the generated test and execution output.
+ *
+ * Degrades gracefully when forge/anvil are not installed — the PoC code
+ * is still generated, status is "generated" rather than "confirmed".
+ */
+
+type PocStatus = "confirmed" | "not-exploitable" | "generated" | "error";
+interface PocResult {
+    status: PocStatus;
+    pocCode: string;
+    output: string;
+    rpcUrl?: string;
+}
+declare class PocGenerator {
+    private provider;
+    constructor(provider: AIProvider);
+    generate(finding: Finding, contractSource: string, rpcUrl?: string): Promise<PocResult>;
+}
+
+export { AIClient, type AICompleteParams, type AICompleteResult, type AIMessage, type AIProvider, type AnalyzeCodeParams, type AnalyzeFileParams, type AnalyzeParams, AnthropicProvider, type ApplyFixesResult, type AuditIssue, type AuditReport, CWE_OWASP_MAP, type Chain, type ChangeType, type CreateProviderOptions, type CweOwaspEntry, type DepInfo, type DepVulnerability, type DependencyReport, type DiffChange, type DiffChunk, type DiffFile, type DiffHunk, type DiscoverOptions, type DiscoveredFile, type Ecosystem, type ElytraConfig, type FileClassification, type FileFixInput, type FileFixResult, type FileStatus, type FileTransform, type Finding, FindingSchema, type Framework, type FullScanParams, type GitHubReviewComment, type HardenResult, type HardenSuggestion, type IssueCategory, type Language, MockProvider, OllamaProvider, OpenAIProvider, type ParsedDiff, type PatternRule, PocGenerator, type PocResult, type PocStatus, type ProjectFile, type ProjectSummary, type ReportOptions, type ReviewResult, ReviewResultSchema, type RewriteResult, type Rule, type SecurityScore, type SecurityScoreOutput, SecurityScoreSchema, type Severity, SeveritySchema, type StaticAnalysisOptions, type StaticAnalysisResult, type StaticFinding, type ToolRunner, type ToolRunnerOptions, type TransformResult, type UpgradeItem, type UpgradeOptions, type UpgradePlan, type UpgradeResult, type UpgradeType, ALL_RULES as _ALL_RULES, scanFile as _scanFile, analyze, analyzeDependencies, analyzeFullScan, apiRules, applyFixes, applyHardenFix, auditCodebase, authRules, bestPracticeRules, classifyFile, complexityRules, computeScore, createProvider, deadCodeRules, dedupeFindings, discoverFiles, filterByConfig, formatAsReviewComments, formatStaticFindingsForAI, gasRules, generalRules, generateFallbackPlan, generateMarkdownReport, generateUpgradePlan, getAllRules, getCweOwasp, getRulesForChains, getSystemPrompt, gitleaksRunner, ingestRepo, injectionRules, loadConfig, logger, namingRules, parseDiff, patternScannerRunner, readRepoFile, readRepoFiles, reconRules, rewriteFile, rewriteFiles, runHarden, runStaticAnalysis, runUpgrade, semgrepRunner, slitherRunner, solidityRules, splitIntoChunks, transformFiles, validateFixedSyntax };

package/dist/index.js

@@ -251,10 +251,18 @@ var SecurityScoreSchema = z.object({
     z.object({ count: z.number(), deducted: z.number() })
   )
 });
+var PocResultSchema = z.object({
+  status: z.enum(["confirmed", "not-exploitable", "generated", "error"]),
+  pocCode: z.string(),
+  output: z.string(),
+  rpcUrl: z.string().optional()
+});
 var ReviewResultSchema = z.object({
   findings: z.array(FindingSchema),
   summary: z.string(),
-  score: SecurityScoreSchema.optional()
+  score: SecurityScoreSchema.optional(),
+  /** keyed by "${ruleId}:${filePath}:${startLine}" — only present when runPoc=true */
+  pocs: z.record(PocResultSchema).optional()
 });
 
 // src/logger.ts
@@ -4603,6 +4611,112 @@ var iacRules = [
     pathPattern: /\.github[/\\]workflows[/\\]/
   }
 ];
+var eip7702Rules = [
+  {
+    id: "cp-sol-7702-unguarded-init",
+    title: "EIP-7702 delegation: unguarded initializer",
+    description: "Contracts used as EIP-7702 delegation targets must guard initializers \u2014 constructors don't run on delegated EOAs. An unguarded `initialize()` can be front-run, letting an attacker take ownership of the delegated account.",
+    suggestion: "Add an `initializer` modifier (OpenZeppelin) or an `initialized` flag checked at the top of every init function. Ensure no init path is callable twice.",
+    pattern: /function\s+initialize\s*\([^)]*\)\s*(?:external|public)(?!\s+\w*[Ii]nitializer)/,
+    severity: "critical",
+    category: "solidity",
+    confidence: "medium",
+    languages: SOL
+  },
+  {
+    id: "cp-sol-7702-nonce-race",
+    title: "EIP-7702 delegation: nonce race condition",
+    description: "EIP-7702 authorization tuples share the EOA nonce space with regular transactions. A pending delegation can be invalidated or front-run by submitting a regular transaction that increments the nonce before the authorization is mined.",
+    suggestion: "Always set `nonce` explicitly in authorization tuples. Do not rely on mempool ordering for security-sensitive delegations \u2014 use a commit-reveal or atomic multicall pattern.",
+    pattern: /authorization\s*=\s*\{[^}]*nonce\s*:\s*0[^x]/i,
+    severity: "high",
+    category: "solidity",
+    confidence: "medium",
+    languages: SOL
+  }
+];
+var tstoreRules = [
+  {
+    id: "cp-sol-tstore-reentrancy",
+    title: "Transient storage (TSTORE) used \u2014 verify reentrancy safety",
+    description: "Transient storage (EIP-1153, live since Cancun) does not impose the 2300 gas minimum of SSTORE-based guards. If this contract also uses `transfer()` or `send()` for ETH, those calls are no longer reentrancy-safe \u2014 the callee has enough gas to re-enter via TLOAD/TSTORE paths.",
+    suggestion: 'Audit every ETH transfer in this contract. Replace `transfer()`/`send()` with `call{value:}("")` + explicit reentrancy check. Ensure TSTORE lock is written before any external call.',
+    pattern: /assembly\s*\{[^}]*tstore\s*\(|TransientSlot|tstore\s*\(/i,
+    severity: "high",
+    category: "solidity",
+    confidence: "medium",
+    languages: SOL
+  },
+  {
+    id: "cp-sol-tstore-lock-pattern",
+    title: "Transient storage lock: verify all entry points are guarded",
+    description: "TSTORE-based reentrancy locks reset at transaction end (not call end). A lock set in `functionA` does NOT protect `functionB` called in a separate transaction, and a lock set mid-call does NOT protect earlier entry points in the same call chain.",
+    suggestion: "Apply the TSTORE lock modifier to every external/public function that modifies state, not just the function that initiates the ETH transfer.",
+    pattern: /assembly\s*\{[^}]*tload\s*\([^}]*\)[^}]*tstore\s*\(/is,
+    severity: "medium",
+    category: "solidity",
+    confidence: "low",
+    languages: SOL
+  }
+];
+var uniswapV4Rules = [
+  {
+    id: "cp-sol-v4hook-missing-sender-check",
+    title: "Uniswap v4 hook: missing PoolManager sender validation",
+    description: "Hook callbacks (`beforeSwap`, `afterSwap`, `beforeAddLiquidity`, etc.) must verify `msg.sender == address(poolManager)`. Without this check, any address can call the hook directly and manipulate its state.",
+    suggestion: 'Add `require(msg.sender == address(poolManager), "not PoolManager");` as the first line of every hook callback, or inherit from `BaseHook` which enforces this automatically.',
+    pattern: /function\s+(?:before|after)(?:Swap|AddLiquidity|RemoveLiquidity|Initialize|Donate)\s*\(/,
+    severity: "critical",
+    category: "solidity",
+    confidence: "medium",
+    languages: SOL
+  },
+  {
+    id: "cp-sol-v4hook-reentrancy-callback",
+    title: "Uniswap v4 hook: external call inside hook callback",
+    description: "Making external calls from within a hook callback (beforeSwap, afterSwap, etc.) while the PoolManager lock is held can trigger reentrancy into the pool. The singleton PoolManager uses a transient-storage lock that is bypassable via hooks that call back into the pool.",
+    suggestion: "Avoid external calls in hook callbacks. If you must call out, use the `unlockCallback` pattern to queue actions and execute them after the current lock cycle completes.",
+    pattern: /function\s+(?:before|after)(?:Swap|AddLiquidity|RemoveLiquidity|Initialize|Donate)[\s\S]{0,500}?\.call\s*\{/,
+    multilinePattern: /function\s+(before|after)(Swap|AddLiquidity|RemoveLiquidity|Initialize|Donate)\s*\([^)]*\)[^{]*\{[\s\S]{0,800}?(?:\.call\s*\{|\.transfer\s*\(|\.send\s*\()/gm,
+    severity: "critical",
+    category: "solidity",
+    confidence: "medium",
+    languages: SOL
+  },
+  {
+    id: "cp-sol-v4hook-delta-not-consumed",
+    title: "Uniswap v4 hook: BalanceDelta returned without settle/take",
+    description: "Hooks that return a modified `BalanceDelta` must ensure the delta is fully consumed (settled or taken) within the same unlock cycle. An unconsumed delta causes `CurrencyNotSettled` revert; partial consumption can silently strand tokens.",
+    suggestion: "Ensure `poolManager.settle()` or `poolManager.take()` is called for both currency0 and currency1 before returning from the unlock callback.",
+    pattern: /returns\s*\([^)]*BalanceDelta[^)]*\)(?![\s\S]{0,800}?(?:settle|\.take)\s*\()/,
+    severity: "high",
+    category: "solidity",
+    confidence: "low",
+    languages: SOL
+  },
+  {
+    id: "cp-sol-v4hook-unrestricted-permissions",
+    title: "Uniswap v4 hook: overly broad hook permissions",
+    description: "Hook permissions are set at deployment via the address bit-flags and cannot be changed. Requesting permissions you don't need (e.g. `BEFORE_SWAP_RETURNS_DELTA` when you never return a delta) increases attack surface and gas costs for every pool interaction.",
+    suggestion: "Return only the minimum required `Hooks.Permissions` from `getHookPermissions()`. Audit each permission flag against your actual callback implementations.",
+    pattern: /getHookPermissions\s*\(\s*\)\s*(?:public|external|override)[^{]*\{[\s\S]{0,300}?true/,
+    severity: "medium",
+    category: "solidity",
+    confidence: "low",
+    languages: SOL
+  },
+  {
+    id: "cp-sol-v4hook-sqrt-price-manipulation",
+    title: "Uniswap v4 hook: spot sqrtPriceX96 used for pricing without limit",
+    description: "Using spot `sqrtPriceX96` read from pool state inside a hook callback for pricing decisions without a `sqrtPriceLimitX96` bound is sandwich-attackable. The price reflects post-swap state which may be manipulated.",
+    suggestion: "Pass `sqrtPriceLimitX96` to all swap calls from hooks. Use a TWAP oracle for pricing rather than spot price.",
+    pattern: /sqrtPriceX96\s*[*/+-]\s*\w|sqrtPriceX96\s*=\s*(?!.*[Ll]imit)/,
+    severity: "high",
+    category: "solidity",
+    confidence: "low",
+    languages: SOL
+  }
+];
 var ALL_RULES2 = [
   ...securityRules,
   ...solidityRules2,
@@ -4613,7 +4727,10 @@ var ALL_RULES2 = [
   ...performanceRules,
   ...cleaningRules,
   ...reactRules,
-  ...iacRules
+  ...iacRules,
+  ...eip7702Rules,
+  ...tstoreRules,
+  ...uniswapV4Rules
 ];
 
 // src/static/pattern-scanner.ts
@@ -5015,6 +5132,175 @@ var patternScannerRunner = {
   }
 };
 
+// src/ai/poc-generator.ts
+import { execFile as execFile4 } from "child_process";
+import { writeFile as writeFile2, mkdir as mkdir2 } from "fs/promises";
+import { promisify as promisify4 } from "util";
+import { tmpdir } from "os";
+import { join } from "path";
+import { randomBytes } from "crypto";
+var exec4 = promisify4(execFile4);
+var SYSTEM_PROMPT = `You are an expert smart contract security researcher who writes Foundry (forge) exploit tests to demonstrate vulnerabilities.
+
+Given a security finding and the vulnerable contract source code, write a minimal Foundry test that:
+1. Deploys the vulnerable contract (or a minimal reproduction of the vulnerable pattern)
+2. Demonstrates the exploit in a test function named test_exploit()
+3. Uses vm.expectRevert() or assertions to show the vulnerability is real
+4. Includes a brief comment explaining the attack vector
+
+Rules:
+- Use Solidity ^0.8.20 and Foundry's Test base
+- Import only from forge-std (available: Test, console, Vm, StdCheats)
+- If the contract needs an RPC fork (e.g. for on-chain state), emit a // @fork-required comment on line 1
+- Keep it minimal \u2014 prove the bug, nothing else
+- Return ONLY valid Solidity, no markdown fences, no explanation outside comments
+
+Format:
+\`\`\`solidity
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.20;
+
+import "forge-std/Test.sol";
+
+contract ExploitTest is Test {
+    // ...setup...
+
+    function test_exploit() public {
+        // ...exploit...
+    }
+}
+\`\`\``;
+function buildUserMessage(finding, contractSource) {
+  return `## Vulnerability Finding
+
+Rule ID: ${finding.ruleId}
+Title: ${finding.title}
+Severity: ${finding.severity}
+File: ${finding.filePath} (lines ${finding.startLine}\u2013${finding.endLine})
+Description: ${finding.description}
+
+Vulnerable code snippet:
+\`\`\`solidity
+${finding.codeSnippet}
+\`\`\`
+
+Fix suggestion: ${finding.suggestion}
+
+## Full Contract Source
+
+\`\`\`solidity
+${contractSource}
+\`\`\`
+
+Write the Foundry exploit test now.`;
+}
+function extractSolidity(text) {
+  const fenceMatch = text.match(/```(?:solidity)?\s*([\s\S]*?)```/);
+  if (fenceMatch) return fenceMatch[1].trim();
+  return text.trim();
+}
+async function forgeAvailable() {
+  try {
+    await exec4("forge", ["--version"], { timeout: 5e3 });
+    return true;
+  } catch {
+    return false;
+  }
+}
+async function runForgeTest(pocCode, rpcUrl) {
+  const id = randomBytes(6).toString("hex");
+  const dir = join(tmpdir(), `elytra-poc-${id}`);
+  const srcDir = join(dir, "src");
+  const testDir = join(dir, "test");
+  const libDir = join(dir, "lib");
+  try {
+    await mkdir2(srcDir, { recursive: true });
+    await mkdir2(testDir, { recursive: true });
+    await mkdir2(libDir, { recursive: true });
+    await writeFile2(
+      join(dir, "foundry.toml"),
+      `[profile.default]
+src = "src"
+out = "out"
+libs = ["lib"]
+`
+    );
+    const testFile = join(testDir, "Exploit.t.sol");
+    await writeFile2(testFile, pocCode);
+    const args = ["test", "--match-contract", "ExploitTest", "--no-match-coverage", "-vv"];
+    if (rpcUrl) {
+      args.push("--fork-url", rpcUrl);
+    }
+    const { stdout, stderr } = await exec4("forge", args, {
+      cwd: dir,
+      timeout: 6e4,
+      env: { ...process.env, FOUNDRY_PROFILE: "default" }
+    });
+    const output = [stdout, stderr].filter(Boolean).join("\n");
+    const passed = output.includes("PASS") || output.includes("ok");
+    return { success: passed, output };
+  } catch (err) {
+    const output = err.stdout ?? err.stderr ?? String(err);
+    return { success: false, output };
+  } finally {
+    exec4("rm", ["-rf", dir]).catch(() => {
+    });
+  }
+}
+var PocGenerator = class {
+  provider;
+  constructor(provider) {
+    this.provider = provider;
+  }
+  async generate(finding, contractSource, rpcUrl) {
+    if (finding.category !== "solidity" && !finding.ruleId.startsWith("cp-sol")) {
+      return {
+        status: "error",
+        pocCode: "",
+        output: "PoC generation only supported for Solidity findings"
+      };
+    }
+    let pocCode = "";
+    try {
+      const response = await this.provider.complete({
+        messages: [
+          { role: "system", content: SYSTEM_PROMPT },
+          { role: "user", content: buildUserMessage(finding, contractSource) }
+        ],
+        maxTokens: 4096
+      });
+      pocCode = extractSolidity(response.text);
+      if (!pocCode) {
+        return { status: "error", pocCode: "", output: "AI returned empty response" };
+      }
+    } catch (err) {
+      logger.error(`PocGenerator: AI call failed: ${err}`);
+      return { status: "error", pocCode: "", output: String(err) };
+    }
+    const hasForge = await forgeAvailable();
+    if (!hasForge) {
+      logger.info("PocGenerator: forge not available, returning generated code only");
+      return {
+        status: "generated",
+        pocCode,
+        output: "forge not installed \u2014 PoC generated but not executed",
+        rpcUrl
+      };
+    }
+    const forkRequired = pocCode.includes("@fork-required");
+    const { success, output } = await runForgeTest(
+      pocCode,
+      forkRequired ? rpcUrl : void 0
+    );
+    return {
+      status: success ? "confirmed" : "not-exploitable",
+      pocCode,
+      output,
+      rpcUrl: forkRequired ? rpcUrl : void 0
+    };
+  }
+};
+
 // src/analyzer.ts
 var SEVERITY_ORDER2 = {
   critical: 0,
@@ -5119,7 +5405,9 @@ async function analyze(params) {
     repoPath,
     staticOnly = false,
     skipStatic = false,
-    aiConcurrency
+    aiConcurrency,
+    runPoc = false,
+    pocRpcUrl
   } = params;
   const parsed = parseDiff(diff);
   if (parsed.files.length === 0) {
@@ -5237,7 +5525,38 @@ async function analyze(params) {
   const enriched = enrichFindings(sorted);
   const score = computeScore(enriched, parsed.files.length);
   const summary = buildSummary(enriched, parsed.files.length, staticResult?.toolsRan);
-  return { findings: enriched, summary, score };
+  let pocs;
+  if (runPoc && (provider || apiKey)) {
+    const pocProvider = provider ?? {
+      name: "anthropic-poc",
+      async complete(p) {
+        const { AnthropicProvider: AnthropicProvider2 } = await import("./anthropic-PRRF4E3I.js");
+        return new AnthropicProvider2(apiKey).complete(p);
+      }
+    };
+    const pocGen = new PocGenerator(pocProvider);
+    const solFindings = enriched.filter(
+      (f) => (f.severity === "critical" || f.severity === "high") && (f.category === "solidity" || f.ruleId.startsWith("cp-sol"))
+    );
+    const fileContents = /* @__PURE__ */ new Map();
+    for (const file of parsed.files) {
+      fileContents.set(file.path, reconstructContent(file));
+    }
+    pocs = {};
+    await Promise.all(
+      solFindings.map(async (finding) => {
+        const src = fileContents.get(finding.filePath) ?? finding.codeSnippet;
+        const key = `${finding.ruleId}:${finding.filePath}:${finding.startLine}`;
+        try {
+          pocs[key] = await pocGen.generate(finding, src, pocRpcUrl);
+        } catch (err) {
+          logger.error(`[analyzer] PoC generation failed for ${key}: ${err}`);
+          pocs[key] = { status: "error", pocCode: "", output: String(err) };
+        }
+      })
+    );
+  }
+  return { findings: enriched, summary, score, ...pocs ? { pocs } : {} };
 }
 function enrichFindings(findings) {
   return findings.map((f) => {
@@ -5373,12 +5692,12 @@ function formatStaticFindingsForAI(rawFindings) {
 import { rm as rm2 } from "fs/promises";
 
 // src/upgrade/ingest.ts
-import { execFile as execFile4 } from "child_process";
-import { promisify as promisify4 } from "util";
+import { execFile as execFile5 } from "child_process";
+import { promisify as promisify5 } from "util";
 import { readdir, stat, readFile as readFile2, mkdtemp } from "fs/promises";
 import path4 from "path";
 import os2 from "os";
-var exec4 = promisify4(execFile4);
+var exec5 = promisify5(execFile5);
 var EXT_TO_LANG = {
   ".ts": "typescript",
   ".tsx": "typescript",
@@ -5599,7 +5918,7 @@ async function ingestRepo(repoUrl, branch) {
   if (branch) {
     cloneArgs.splice(2, 0, "--branch", branch);
   }
-  await exec4("git", cloneArgs, {
+  await exec5("git", cloneArgs, {
     timeout: 12e4,
     maxBuffer: 200 * 1024 * 1024
   });
@@ -5661,11 +5980,11 @@ async function readRepoFiles(repoPath, filePaths, maxTotalSize = 5e5) {
 }
 
 // src/upgrade/deps.ts
-import { execFile as execFile5 } from "child_process";
-import { promisify as promisify5 } from "util";
+import { execFile as execFile6 } from "child_process";
+import { promisify as promisify6 } from "util";
 import { readFile as readFile3, access } from "fs/promises";
 import path5 from "path";
-var exec5 = promisify5(execFile5);
+var exec6 = promisify6(execFile6);
 var DEPRECATED_REPLACEMENTS = {
   "moment": "dayjs or date-fns",
   "request": "node-fetch or axios or undici",
@@ -5719,7 +6038,7 @@ async function analyzeNodeDeps(repoPath) {
   let vulnerableCount = 0;
   let auditResults = {};
   try {
-    const { stdout } = await exec5("npm", ["audit", "--json"], {
+    const { stdout } = await exec6("npm", ["audit", "--json"], {
       cwd: repoPath,
       timeout: 6e4,
       maxBuffer: 20 * 1024 * 1024
@@ -5744,7 +6063,7 @@ async function analyzeNodeDeps(repoPath) {
   }
   let outdatedResults = {};
   try {
-    const { stdout } = await exec5("npm", ["outdated", "--json"], {
+    const { stdout } = await exec6("npm", ["outdated", "--json"], {
       cwd: repoPath,
       timeout: 3e4,
       maxBuffer: 10 * 1024 * 1024
@@ -5804,7 +6123,7 @@ async function analyzeRustDeps(repoPath) {
   const deps = [];
   let vulnerableCount = 0;
   try {
-    const { stdout } = await exec5("cargo", ["audit", "--json"], {
+    const { stdout } = await exec6("cargo", ["audit", "--json"], {
       cwd: repoPath,
       timeout: 6e4,
       maxBuffer: 20 * 1024 * 1024
@@ -5862,7 +6181,7 @@ async function analyzePythonDeps(repoPath) {
   const deps = [];
   let vulnerableCount = 0;
   try {
-    const { stdout } = await exec5(
+    const { stdout } = await exec6(
       "pip-audit",
       ["-r", path5.join(repoPath, "requirements.txt"), "--format", "json"],
       { cwd: repoPath, timeout: 6e4, maxBuffer: 20 * 1024 * 1024 }
@@ -5944,10 +6263,10 @@ async function analyzeDependencies(repoPath, ecosystems) {
 }
 
 // src/upgrade/audit.ts
-import { execFile as execFile6 } from "child_process";
-import { promisify as promisify6 } from "util";
+import { execFile as execFile7 } from "child_process";
+import { promisify as promisify7 } from "util";
 import path6 from "path";
-var exec6 = promisify6(execFile6);
+var exec7 = promisify7(execFile7);
 async function runSlitherFullScan(repoPath, solFiles) {
   if (solFiles.length === 0) return [];
   const IMPACT_MAP2 = {
@@ -5960,7 +6279,7 @@ async function runSlitherFullScan(repoPath, solFiles) {
   try {
     let stdout;
     try {
-      const result = await exec6("slither", [repoPath, "--json", "-", "--no-fail"], {
+      const result = await exec7("slither", [repoPath, "--json", "-", "--no-fail"], {
         timeout: 18e4,
         maxBuffer: 50 * 1024 * 1024,
         cwd: repoPath
@@ -6001,7 +6320,7 @@ async function runSemgrepFullScan(repoPath) {
   try {
     let stdout;
     try {
-      const result = await exec6(
+      const result = await exec7(
         "semgrep",
         ["--config", "p/security-audit", "--json", "--timeout", "30", repoPath],
         { timeout: 18e4, maxBuffer: 50 * 1024 * 1024, cwd: repoPath }
@@ -6032,7 +6351,7 @@ async function runGitleaksFullScan(repoPath) {
   try {
     let stdout;
     try {
-      const result = await exec6(
+      const result = await exec7(
         "gitleaks",
         ["detect", "--source", repoPath, "--report-format", "json", "--report-path", "/dev/stdout", "--no-git", "--no-banner"],
         { timeout: 6e4, maxBuffer: 20 * 1024 * 1024, cwd: repoPath }
@@ -6858,7 +7177,7 @@ async function rewriteFiles(params) {
 
 // src/config.ts
 import { readFileSync, existsSync } from "fs";
-import { resolve, join } from "path";
+import { resolve, join as join2 } from "path";
 import yaml from "js-yaml";
 import { z as z3 } from "zod";
 var DEFAULT_CONFIG = {
@@ -6901,7 +7220,7 @@ function levenshtein(a, b) {
   return dp[m][n];
 }
 function loadConfig(dir) {
-  const configPath = resolve(join(dir, ".elytra.yml"));
+  const configPath = resolve(join2(dir, ".elytra.yml"));
   if (!existsSync(configPath)) return null;
   let raw;
   try {
@@ -6996,7 +7315,7 @@ function filterByConfig(findings, config) {
 
 // src/harden/harden.ts
 import { readFileSync as readFileSync2, writeFileSync, existsSync as existsSync2, readdirSync, statSync } from "fs";
-import { join as join2, relative } from "path";
+import { join as join3, relative } from "path";
 function readJson(filePath) {
   try {
     return JSON.parse(readFileSync2(filePath, "utf-8"));
@@ -7015,7 +7334,7 @@ function walkFiles(dir, exts, maxDepth = 6, depth = 0) {
   }
   for (const entry of entries) {
     if (entry === "node_modules" || entry === ".git" || entry === "dist" || entry === ".next") continue;
-    const full = join2(dir, entry);
+    const full = join3(dir, entry);
     let stat2;
     try {
       stat2 = statSync(full);
@@ -7062,7 +7381,7 @@ function checkHelmet(projectPath, sourceFiles, frameworks) {
   if (!frameworks.includes("express")) return null;
   const helmetFile = anyFileContains(sourceFiles, /\bhelmet\s*\(/);
   if (helmetFile) return null;
-  const pkgJson = readJson(join2(projectPath, "package.json"));
+  const pkgJson = readJson(join3(projectPath, "package.json"));
   const deps = {
     ...pkgJson?.dependencies ?? {},
     ...pkgJson?.devDependencies ?? {}
@@ -7203,9 +7522,9 @@ app.use(cors({
   return null;
 }
 function checkEnvLeakage(projectPath) {
-  const gitignorePath = join2(projectPath, ".gitignore");
+  const gitignorePath = join3(projectPath, ".gitignore");
   if (!existsSync2(gitignorePath)) {
-    const hasEnvFile = existsSync2(join2(projectPath, ".env")) || existsSync2(join2(projectPath, ".env.local"));
+    const hasEnvFile = existsSync2(join3(projectPath, ".env")) || existsSync2(join3(projectPath, ".env.local"));
     if (!hasEnvFile) return null;
     return {
       id: "harden-env-no-gitignore",
@@ -7224,7 +7543,7 @@ function checkEnvLeakage(projectPath) {
     const gitignore = readFileSync2(gitignorePath, "utf-8");
     const hasEnvRule = /^\.env$/m.test(gitignore) || /^\.env\.\*$/m.test(gitignore) || /^\.env\*$/m.test(gitignore) || /^\.env\.local$/m.test(gitignore);
     if (hasEnvRule) return null;
-    const hasEnvFile = existsSync2(join2(projectPath, ".env")) || existsSync2(join2(projectPath, ".env.local")) || existsSync2(join2(projectPath, ".env.production"));
+    const hasEnvFile = existsSync2(join3(projectPath, ".env")) || existsSync2(join3(projectPath, ".env.local")) || existsSync2(join3(projectPath, ".env.production"));
     if (!hasEnvFile) return null;
     return {
       id: "harden-env-not-gitignored",
@@ -7332,7 +7651,7 @@ res.cookie("token", value, {
   };
 }
 function checkTsStrict(projectPath) {
-  const tsconfigPath = join2(projectPath, "tsconfig.json");
+  const tsconfigPath = join3(projectPath, "tsconfig.json");
   if (!existsSync2(tsconfigPath)) return null;
   const tsconfig = readJson(tsconfigPath);
   if (!tsconfig) return null;
@@ -7352,7 +7671,7 @@ function checkTsStrict(projectPath) {
 function applyHardenFix(projectPath, suggestion) {
   if (!suggestion.autoFixable) return false;
   if (suggestion.id === "harden-ts-no-strict") {
-    const tsconfigPath = join2(projectPath, "tsconfig.json");
+    const tsconfigPath = join3(projectPath, "tsconfig.json");
     const tsconfig = readJson(tsconfigPath);
     if (!tsconfig) return false;
     const compilerOptions = tsconfig.compilerOptions ?? {};
@@ -7368,7 +7687,7 @@ function applyHardenFix(projectPath, suggestion) {
   return false;
 }
 function runHarden(projectPath) {
-  const pkgJsonPath = join2(projectPath, "package.json");
+  const pkgJsonPath = join3(projectPath, "package.json");
   const pkgJson = readJson(pkgJsonPath);
   if (!pkgJson) {
     return { suggestions: [], projectPath, frameworksDetected: [] };
@@ -7479,7 +7798,7 @@ Respond with a valid JSON object:
 // src/full-scan-discovery.ts
 import { execSync } from "child_process";
 import { readdirSync as readdirSync2, statSync as statSync2 } from "fs";
-import { join as join3, relative as relative2, extname } from "path";
+import { join as join4, relative as relative2, extname } from "path";
 var SOURCE_EXTENSIONS = /* @__PURE__ */ new Set([
   ".ts",
   ".tsx",
@@ -7608,7 +7927,7 @@ function discoverViaGit(targetPath, maxFileSizeKB) {
   for (const line of raw.split("\n")) {
     const rel = line.trim();
     if (!rel || !isSourceFile(rel)) continue;
-    const abs = join3(targetPath, rel);
+    const abs = join4(targetPath, rel);
     try {
       const stat2 = statSync2(abs);
       if (!stat2.isFile()) continue;
@@ -7640,9 +7959,9 @@ function discoverViaWalk(targetPath, maxFileSizeKB) {
       if (entry.isDirectory()) {
         if (SKIP_DIRS.has(entry.name)) continue;
         if (entry.name.startsWith(".") && !ALLOWED_HIDDEN_DIRS.has(entry.name)) continue;
-        walk(join3(dir, entry.name));
+        walk(join4(dir, entry.name));
       } else if (entry.isFile()) {
-        const abs = join3(dir, entry.name);
+        const abs = join4(dir, entry.name);
         const rel = relative2(targetPath, abs);
         if (!isSourceFile(rel)) continue;
         try {
@@ -7922,6 +8241,7 @@ export {
   MockProvider,
   OllamaProvider,
   OpenAIProvider,
+  PocGenerator,
   ReviewResultSchema,
   SecurityScoreSchema,
   SeveritySchema,

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@elytrasec/engine",
-  "version": "0.3.0",
+  "version": "0.3.2",
   "description": "Core analysis engine for Elytra — 120+ detection rules, static + AI scanning, scoring",
   "license": "MIT",
   "author": "ElytraSec <hello@elytrasec.io>",