@empowered-humanity/agent-security 1.0.0

package/dist/patterns/types.d.ts

@@ -0,0 +1,134 @@
+/**
+ * Agent Security Pattern Types
+ *
+ * Defines the core interfaces for detection patterns used throughout
+ * the agent-security scanner.
+ */
+/**
+ * Severity levels for security findings
+ */
+export type Severity = 'critical' | 'high' | 'medium' | 'low';
+/**
+ * Finding classification — WHY this finding exists
+ */
+export type FindingClassification = 'test_payload' | 'live_vulnerability' | 'credential_exposure' | 'configuration_risk' | 'architectural_weakness' | 'supply_chain_risk' | 'unclassified';
+/**
+ * Taint proximity — how close a dangerous sink is to untrusted input
+ */
+export type TaintProximity = 'direct' | 'nearby' | 'distant' | 'unknown';
+/**
+ * Attack categories based on research sources
+ */
+export type AttackCategory = 'instruction_override' | 'role_manipulation' | 'boundary_escape' | 'data_exfiltration' | 'dangerous_commands' | 'hidden_injection' | 'stealth_instruction' | 'url_reconstruction' | 'credential_theft' | 'credential_exposure' | 'cross_agent_escalation' | 'mcp_attack' | 'rag_poisoning' | 'persistence' | 'goal_hijacking' | 'session_smuggling' | 'argument_injection' | 'code_injection' | 'ssrf' | 'reconnaissance' | 'prompt_extraction' | 'defense_evasion' | 'hierarchy_violation' | 'adversarial_suffix' | 'ASI01_goal_hijack' | 'ASI02_tool_misuse' | 'ASI03_privilege_abuse' | 'ASI04_supply_chain' | 'ASI05_rce' | 'ASI06_memory_poisoning' | 'ASI07_insecure_comms' | 'ASI08_cascading_failures' | 'ASI09_trust_exploitation' | 'ASI10_rogue_agents' | 'config_vulnerability' | 'permission_escalation' | 'behavior_manipulation' | 'platform_specific' | 'rendering_exfil' | 'path_traversal';
+/**
+ * Research source identifiers
+ */
+export type SourceId = 'ai-assistant' | 'ACAD-001' | 'ACAD-004' | 'PII-001' | 'PII-002' | 'PII-004' | 'PIC-001' | 'PIC-004' | 'PIC-005' | 'FND-001' | 'THR-002' | 'THR-003' | 'THR-004' | 'THR-005' | 'THR-006' | 'FRM-002' | 'VND-005' | 'CMP-002' | 'SLOWMIST-MCP' | 'custom';
+/**
+ * Context where the pattern should be matched
+ */
+export type MatchContext = 'any' | 'prompt' | 'code' | 'config' | 'file_path' | 'file_write_operation' | 'file_create' | 'outbound_request' | 'email_operation' | 'url_parameter' | 'generated_code' | 'command_template' | 'user_input' | 'dependency_version';
+/**
+ * A detection pattern for security scanning
+ */
+export interface DetectionPattern {
+    /** Unique identifier for this pattern */
+    name: string;
+    /** Regular expression to match */
+    pattern: RegExp;
+    /** Severity of a match */
+    severity: Severity;
+    /** Attack category */
+    category: AttackCategory;
+    /** Research source this pattern came from */
+    source: SourceId;
+    /** Human-readable description */
+    description: string;
+    /** Context where this pattern is most relevant */
+    context?: MatchContext;
+    /** Tags for filtering */
+    tags?: string[];
+    /** OWASP ASI ID if applicable */
+    owaspAsi?: string;
+    /** CVE reference if applicable */
+    cve?: string;
+    /** Example of what this pattern catches */
+    example?: string;
+    /** Remediation guidance */
+    remediation?: string;
+}
+/**
+ * A security finding from pattern matching
+ */
+export interface Finding {
+    /** Pattern that matched */
+    pattern: DetectionPattern;
+    /** File where finding occurred */
+    file: string;
+    /** Line number (1-indexed) */
+    line: number;
+    /** Column number (1-indexed) */
+    column: number;
+    /** The matched text */
+    match: string;
+    /** Surrounding context */
+    context: string;
+    /** Timestamp */
+    timestamp: Date;
+    /** Auto-classification of why this finding exists */
+    classification: FindingClassification;
+    /** Original severity before any contextual adjustment */
+    originalSeverity: Severity;
+    /** Whether severity was downgraded (e.g., test file) */
+    severityDowngraded: boolean;
+    /** Whether this finding is in a test file */
+    isTestFile: boolean;
+    /** Taint proximity for dangerous sink patterns */
+    taintProximity?: TaintProximity;
+    /** Context flow chain (for architectural findings) */
+    contextFlowChain?: string[];
+}
+/**
+ * Risk score calculation result
+ */
+export interface RiskScore {
+    /** Total score 0-100 (higher is safer) */
+    total: number;
+    /** Risk level */
+    level: 'critical' | 'high' | 'moderate' | 'low';
+    /** Count by severity */
+    counts: {
+        critical: number;
+        high: number;
+        medium: number;
+        low: number;
+    };
+    /** OWASP ASI compliance percentage */
+    owaspCompliance: number;
+}
+/**
+ * Scan result
+ */
+export interface ScanResult {
+    /** Files scanned */
+    filesScanned: number;
+    /** Total patterns checked */
+    patternsChecked: number;
+    /** All findings */
+    findings: Finding[];
+    /** Risk score */
+    riskScore: RiskScore;
+    /** Scan duration in ms */
+    duration: number;
+    /** Timestamp */
+    timestamp: Date;
+}
+/**
+ * Pattern category grouping for organization
+ */
+export interface PatternCategory {
+    name: string;
+    description: string;
+    patterns: DetectionPattern[];
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/patterns/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/patterns/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAE9D;;GAEG;AACH,MAAM,MAAM,qBAAqB,GAC7B,cAAc,GACd,oBAAoB,GACpB,qBAAqB,GACrB,oBAAoB,GACpB,wBAAwB,GACxB,mBAAmB,GACnB,cAAc,CAAC;AAEnB;;GAEG;AACH,MAAM,MAAM,cAAc,GACtB,QAAQ,GACR,QAAQ,GACR,SAAS,GACT,SAAS,CAAC;AAEd;;GAEG;AACH,MAAM,MAAM,cAAc,GAEtB,sBAAsB,GACtB,mBAAmB,GACnB,iBAAiB,GACjB,mBAAmB,GACnB,oBAAoB,GAEpB,kBAAkB,GAClB,qBAAqB,GACrB,oBAAoB,GAEpB,kBAAkB,GAClB,qBAAqB,GAErB,wBAAwB,GACxB,YAAY,GACZ,eAAe,GACf,aAAa,GACb,gBAAgB,GAChB,mBAAmB,GAEnB,oBAAoB,GACpB,gBAAgB,GAChB,MAAM,GAEN,gBAAgB,GAChB,mBAAmB,GAEnB,iBAAiB,GACjB,qBAAqB,GACrB,oBAAoB,GAEpB,mBAAmB,GACnB,mBAAmB,GACnB,uBAAuB,GACvB,oBAAoB,GACpB,WAAW,GACX,wBAAwB,GACxB,sBAAsB,GACtB,0BAA0B,GAC1B,0BAA0B,GAC1B,oBAAoB,GAEpB,sBAAsB,GACtB,uBAAuB,GAEvB,uBAAuB,GACvB,mBAAmB,GACnB,iBAAiB,GACjB,gBAAgB,CAAC;AAErB;;GAEG;AACH,MAAM,MAAM,QAAQ,GAChB,cAAc,GACd,UAAU,GACV,UAAU,GACV,SAAS,GACT,SAAS,GACT,SAAS,GACT,SAAS,GACT,SAAS,GACT,SAAS,GACT,SAAS,GACT,SAAS,GACT,SAAS,GACT,SAAS,GACT,SAAS,GACT,SAAS,GACT,SAAS,GACT,SAAS,GACT,SAAS,GACT,cAAc,GACd,QAAQ,CAAC;AAEb;;GAEG;AACH,MAAM,MAAM,YAAY,GACpB,KAAK,GACL,QAAQ,GACR,MAAM,GACN,QAAQ,GACR,WAAW,GACX,sBAAsB,GACtB,aAAa,GACb,kBAAkB,GAClB,iBAAiB,GACjB,eAAe,GACf,gBAAgB,GAChB,kBAAkB,GAClB,YAAY,GACZ,oBAAoB,CAAC;AAEzB;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,yCAAyC;IACzC,IAAI,EAAE,MAAM,CAAC;IACb,kCAAkC;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,0BAA0B;IAC1B,QAAQ,EAAE,QAAQ,CAAC;IACnB,sBAAsB;IACtB,QAAQ,EAAE,cAAc,CAAC;IACzB,6CAA6C;IAC7C,MAAM,EAAE,QAAQ,CAAC;IACjB,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,kDAAkD;IAClD,OAAO,CAAC,EAAE,YAAY,CAAC;IACvB,yBAAyB;IACzB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,iCAAiC;IACjC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,kCAAkC;IAClC,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,2CAA2C;IAC3C,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,2BAA2B;IAC3B,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,OAAO;IACtB,2BAA2B;IAC3B,OAAO,EAAE,gBAAgB,CAAC;IAC1B,kCAAkC;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,gCAAgC;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,uBAAuB;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,0BAA0B;IAC1B,OAAO,EAAE,MAAM,CAAC;IAChB,gBAAgB;IAChB,SAAS,EAAE,IAAI,CAAC;IAChB,qDAAqD;IACrD,cAAc,EAAE,qBAAqB,CAAC;IACtC,yDAAyD;IACzD,gBAAgB,EAAE,QAAQ,CAAC;IAC3B,wDAAwD;IACxD,kBAAkB,EAAE,OAAO,CAAC;IAC5B,6CAA6C;IAC7C,UAAU,EAAE,OAAO,CAAC;IACpB,kDAAkD;IAClD,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC,sDAAsD;IACtD,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,0CAA0C;IAC1C,KAAK,EAAE,MAAM,CAAC;IACd,iBAAiB;IACjB,KAAK,EAAE,UAAU,GAAG,MAAM,GAAG,UAAU,GAAG,KAAK,CAAC;IAChD,wBAAwB;IACxB,MAAM,EAAE;QACN,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;IACF,sCAAsC;IACtC,eAAe,EAAE,MAAM,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,oBAAoB;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,6BAA6B;IAC7B,eAAe,EAAE,MAAM,CAAC;IACxB,mBAAmB;IACnB,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,iBAAiB;IACjB,SAAS,EAAE,SAAS,CAAC;IACrB,0BAA0B;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,gBAAgB;IAChB,SAAS,EAAE,IAAI,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,gBAAgB,EAAE,CAAC;CAC9B"}

package/dist/patterns/types.js

@@ -0,0 +1,8 @@
+/**
+ * Agent Security Pattern Types
+ *
+ * Defines the core interfaces for detection patterns used throughout
+ * the agent-security scanner.
+ */
+export {};
+//# sourceMappingURL=types.js.map

package/dist/patterns/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/patterns/types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG"}

package/dist/reporters/console.d.ts

@@ -0,0 +1,31 @@
+/**
+ * Console Reporter
+ *
+ * Formats scan results for terminal output with colors.
+ */
+import type { Finding, ScanResult } from '../patterns/types.js';
+/**
+ * Format a single finding for console output
+ */
+export declare function formatFinding(finding: Finding, showContext?: boolean): string;
+/**
+ * Format the risk score for console output
+ */
+export declare function formatRiskScore(result: ScanResult): string;
+/**
+ * Format the full scan result for console output
+ */
+export declare function formatScanResult(result: ScanResult, options?: {
+    showContext?: boolean;
+    groupBy?: 'file' | 'category' | 'severity';
+    verbose?: boolean;
+}): string;
+/**
+ * Print scan result to console
+ */
+export declare function printScanResult(result: ScanResult, options?: {
+    showContext?: boolean;
+    groupBy?: 'file' | 'category' | 'severity';
+    verbose?: boolean;
+}): void;
+//# sourceMappingURL=console.d.ts.map

package/dist/reporters/console.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"console.d.ts","sourceRoot":"","sources":["../../src/reporters/console.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,UAAU,EAAY,MAAM,sBAAsB,CAAC;AAiB1E;;GAEG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,UAAQ,GAAG,MAAM,CA+B3E;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CA+B1D;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,GAAE;IAC5D,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,GAAG,UAAU,GAAG,UAAU,CAAC;IAC3C,OAAO,CAAC,EAAE,OAAO,CAAC;CACd,GAAG,MAAM,CAgEd;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,GAAE;IAC3D,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,GAAG,UAAU,GAAG,UAAU,CAAC;IAC3C,OAAO,CAAC,EAAE,OAAO,CAAC;CACd,GAAG,IAAI,CAEZ"}

package/dist/reporters/console.js

@@ -0,0 +1,147 @@
+/**
+ * Console Reporter
+ *
+ * Formats scan results for terminal output with colors.
+ */
+import chalk from 'chalk';
+import { groupFindingsByFile, groupFindingsByCategory } from '../scanner/engine.js';
+const SEVERITY_COLORS = {
+    critical: chalk.bgRed.white.bold,
+    high: chalk.red.bold,
+    medium: chalk.yellow,
+    low: chalk.blue,
+};
+const SEVERITY_ICONS = {
+    critical: '🚨',
+    high: '❌',
+    medium: '⚠️',
+    low: 'ℹ️',
+};
+/**
+ * Format a single finding for console output
+ */
+export function formatFinding(finding, showContext = false) {
+    const { pattern, file, line, column, match } = finding;
+    const severityColor = SEVERITY_COLORS[pattern.severity];
+    const icon = SEVERITY_ICONS[pattern.severity];
+    let output = `${icon} ${severityColor(`[${pattern.severity.toUpperCase()}]`)} ${chalk.cyan(pattern.name)}\n`;
+    output += `   ${chalk.gray('File:')} ${file}:${line}:${column}\n`;
+    output += `   ${chalk.gray('Match:')} ${chalk.white(match)}\n`;
+    output += `   ${chalk.gray('Description:')} ${pattern.description}\n`;
+    if (pattern.owaspAsi) {
+        output += `   ${chalk.gray('OWASP ASI:')} ${chalk.magenta(pattern.owaspAsi)}\n`;
+    }
+    if (pattern.cve) {
+        output += `   ${chalk.gray('CVE:')} ${chalk.red(pattern.cve)}\n`;
+    }
+    if (pattern.remediation) {
+        output += `   ${chalk.gray('Remediation:')} ${chalk.green(pattern.remediation)}\n`;
+    }
+    if (showContext && finding.context) {
+        output += `   ${chalk.gray('Context:')}\n`;
+        const lines = finding.context.split('\n');
+        for (const contextLine of lines) {
+            output += `   ${chalk.dim('│')} ${contextLine}\n`;
+        }
+    }
+    return output;
+}
+/**
+ * Format the risk score for console output
+ */
+export function formatRiskScore(result) {
+    const { riskScore } = result;
+    let levelColor;
+    switch (riskScore.level) {
+        case 'critical':
+            levelColor = chalk.bgRed.white.bold;
+            break;
+        case 'high':
+            levelColor = chalk.red.bold;
+            break;
+        case 'moderate':
+            levelColor = chalk.yellow.bold;
+            break;
+        case 'low':
+            levelColor = chalk.green.bold;
+            break;
+    }
+    let output = chalk.bold('\n📊 Risk Assessment\n');
+    output += `${chalk.gray('═'.repeat(40))}\n`;
+    output += `Risk Score: ${levelColor(`${riskScore.total}/100`)} (${levelColor(riskScore.level.toUpperCase())})\n`;
+    output += `OWASP Compliance: ${riskScore.owaspCompliance >= 80 ? chalk.green : chalk.red}(${riskScore.owaspCompliance}%)\n\n`;
+    output += chalk.bold('Findings by Severity:\n');
+    output += `  ${SEVERITY_ICONS.critical} Critical: ${chalk.red.bold(riskScore.counts.critical.toString())}\n`;
+    output += `  ${SEVERITY_ICONS.high} High: ${chalk.red(riskScore.counts.high.toString())}\n`;
+    output += `  ${SEVERITY_ICONS.medium} Medium: ${chalk.yellow(riskScore.counts.medium.toString())}\n`;
+    output += `  ${SEVERITY_ICONS.low} Low: ${chalk.blue(riskScore.counts.low.toString())}\n`;
+    return output;
+}
+/**
+ * Format the full scan result for console output
+ */
+export function formatScanResult(result, options = {}) {
+    const { showContext = false, groupBy = 'severity', verbose = false } = options;
+    let output = '';
+    // Header
+    output += chalk.bold.cyan('\n🔍 Agent Security Scan Results\n');
+    output += chalk.gray('═'.repeat(50)) + '\n\n';
+    // Summary
+    output += `Files scanned: ${chalk.cyan(result.filesScanned.toString())}\n`;
+    output += `Patterns checked: ${chalk.cyan(result.patternsChecked.toString())}\n`;
+    output += `Duration: ${chalk.cyan(`${result.duration}ms`)}\n`;
+    output += `Total findings: ${chalk.cyan(result.findings.length.toString())}\n\n`;
+    if (result.findings.length === 0) {
+        output += chalk.green.bold('✅ No security issues found!\n');
+        return output;
+    }
+    // Findings
+    output += chalk.bold('📋 Findings\n');
+    output += chalk.gray('─'.repeat(40)) + '\n\n';
+    if (groupBy === 'file') {
+        const byFile = groupFindingsByFile(result.findings);
+        for (const [file, findings] of byFile) {
+            output += chalk.bold.underline(`\n${file}\n`);
+            for (const finding of findings) {
+                output += formatFinding(finding, showContext) + '\n';
+            }
+        }
+    }
+    else if (groupBy === 'category') {
+        const byCategory = groupFindingsByCategory(result.findings);
+        for (const [category, findings] of byCategory) {
+            output += chalk.bold.underline(`\n${category} (${findings.length})\n`);
+            for (const finding of findings) {
+                output += formatFinding(finding, showContext) + '\n';
+            }
+        }
+    }
+    else {
+        // Group by severity (default)
+        for (const severity of ['critical', 'high', 'medium', 'low']) {
+            const findings = result.findings.filter((f) => f.pattern.severity === severity);
+            if (findings.length > 0) {
+                output += chalk.bold(`\n${SEVERITY_COLORS[severity](severity.toUpperCase())} (${findings.length})\n`);
+                for (const finding of findings) {
+                    output += formatFinding(finding, showContext) + '\n';
+                }
+            }
+        }
+    }
+    // Risk score
+    output += formatRiskScore(result);
+    // Recommendations
+    if (result.riskScore.level === 'critical' || result.riskScore.level === 'high') {
+        output += chalk.bold.red('\n⚠️  Action Required\n');
+        output += chalk.red('This codebase has significant security vulnerabilities.\n');
+        output += chalk.red('Address critical and high severity findings before deployment.\n');
+    }
+    return output;
+}
+/**
+ * Print scan result to console
+ */
+export function printScanResult(result, options = {}) {
+    console.log(formatScanResult(result, options));
+}
+//# sourceMappingURL=console.js.map

package/dist/reporters/console.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"console.js","sourceRoot":"","sources":["../../src/reporters/console.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,mBAAmB,EAAE,uBAAuB,EAAE,MAAM,sBAAsB,CAAC;AAEpF,MAAM,eAAe,GAA+C;IAClE,QAAQ,EAAE,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI;IAChC,IAAI,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI;IACpB,MAAM,EAAE,KAAK,CAAC,MAAM;IACpB,GAAG,EAAE,KAAK,CAAC,IAAI;CAChB,CAAC;AAEF,MAAM,cAAc,GAA6B;IAC/C,QAAQ,EAAE,IAAI;IACd,IAAI,EAAE,GAAG;IACT,MAAM,EAAE,IAAI;IACZ,GAAG,EAAE,IAAI;CACV,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,OAAgB,EAAE,WAAW,GAAG,KAAK;IACjE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC;IACvD,MAAM,aAAa,GAAG,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAE9C,IAAI,MAAM,GAAG,GAAG,IAAI,IAAI,aAAa,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,GAAG,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;IAC7G,MAAM,IAAI,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,IAAI,IAAI,IAAI,MAAM,IAAI,CAAC;IAClE,MAAM,IAAI,MAAM,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC;IAC/D,MAAM,IAAI,MAAM,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,OAAO,CAAC,WAAW,IAAI,CAAC;IAEtE,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,MAAM,IAAI,MAAM,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;IAClF,CAAC;IAED,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,MAAM,IAAI,MAAM,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC;IACnE,CAAC;IAED,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QACxB,MAAM,IAAI,MAAM,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC;IACrF,CAAC;IAED,IAAI,WAAW,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACnC,MAAM,IAAI,MAAM,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC1C,KAAK,MAAM,WAAW,IAAI,KAAK,EAAE,CAAC;YAChC,MAAM,IAAI,MAAM,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,WAAW,IAAI,CAAC;QACpD,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,MAAkB;IAChD,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,CAAC;IAC7B,IAAI,UAAoC,CAAC;IAEzC,QAAQ,SAAS,CAAC,KAAK,EAAE,CAAC;QACxB,KAAK,UAAU;YACb,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC;YACpC,MAAM;QACR,KAAK,MAAM;YACT,UAAU,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC;YAC5B,MAAM;QACR,KAAK,UAAU;YACb,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC;YAC/B,MAAM;QACR,KAAK,KAAK;YACR,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC;YAC9B,MAAM;IACV,CAAC;IAED,IAAI,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;IAClD,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC;IAC5C,MAAM,IAAI,eAAe,UAAU,CAAC,GAAG,SAAS,CAAC,KAAK,MAAM,CAAC,KAAK,UAAU,CAAC,SAAS,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC;IACjH,MAAM,IAAI,qBAAqB,SAAS,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,IAAI,SAAS,CAAC,eAAe,QAAQ,CAAC;IAE9H,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IAChD,MAAM,IAAI,KAAK,cAAc,CAAC,QAAQ,cAAc,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,IAAI,CAAC;IAC7G,MAAM,IAAI,KAAK,cAAc,CAAC,IAAI,UAAU,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,IAAI,CAAC;IAC5F,MAAM,IAAI,KAAK,cAAc,CAAC,MAAM,YAAY,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,IAAI,CAAC;IACrG,MAAM,IAAI,KAAK,cAAc,CAAC,GAAG,SAAS,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,IAAI,CAAC;IAE1F,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAkB,EAAE,UAIjD,EAAE;IACJ,MAAM,EAAE,WAAW,GAAG,KAAK,EAAE,OAAO,GAAG,UAAU,EAAE,OAAO,GAAG,KAAK,EAAE,GAAG,OAAO,CAAC;IAE/E,IAAI,MAAM,GAAG,EAAE,CAAC;IAEhB,SAAS;IACT,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;IAChE,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;IAE9C,UAAU;IACV,MAAM,IAAI,kBAAkB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,QAAQ,EAAE,CAAC,IAAI,CAAC;IAC3E,MAAM,IAAI,qBAAqB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,QAAQ,EAAE,CAAC,IAAI,CAAC;IACjF,MAAM,IAAI,aAAa,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC;IAC9D,MAAM,IAAI,mBAAmB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,MAAM,CAAC;IAEjF,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAC5D,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,WAAW;IACX,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IACtC,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;IAE9C,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;QACvB,MAAM,MAAM,GAAG,mBAAmB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACpD,KAAK,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,MAAM,EAAE,CAAC;YACtC,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,IAAI,IAAI,CAAC,CAAC;YAC9C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;gBAC/B,MAAM,IAAI,aAAa,CAAC,OAAO,EAAE,WAAW,CAAC,GAAG,IAAI,CAAC;YACvD,CAAC;QACH,CAAC;IACH,CAAC;SAAM,IAAI,OAAO,KAAK,UAAU,EAAE,CAAC;QAClC,MAAM,UAAU,GAAG,uBAAuB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC5D,KAAK,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,UAAU,EAAE,CAAC;YAC9C,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,QAAQ,KAAK,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC;YACvE,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;gBAC/B,MAAM,IAAI,aAAa,CAAC,OAAO,EAAE,WAAW,CAAC,GAAG,IAAI,CAAC;YACvD,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,8BAA8B;QAC9B,KAAK,MAAM,QAAQ,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAe,EAAE,CAAC;YAC3E,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;YAChF,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxB,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,eAAe,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,KAAK,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC;gBACtG,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;oBAC/B,MAAM,IAAI,aAAa,CAAC,OAAO,EAAE,WAAW,CAAC,GAAG,IAAI,CAAC;gBACvD,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,aAAa;IACb,MAAM,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC;IAElC,kBAAkB;IAClB,IAAI,MAAM,CAAC,SAAS,CAAC,KAAK,KAAK,UAAU,IAAI,MAAM,CAAC,SAAS,CAAC,KAAK,KAAK,MAAM,EAAE,CAAC;QAC/E,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QACpD,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,2DAA2D,CAAC,CAAC;QACjF,MAAM,IAAI,KAAK,CAAC,GAAG,CAAC,kEAAkE,CAAC,CAAC;IAC1F,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,MAAkB,EAAE,UAIhD,EAAE;IACJ,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;AACjD,CAAC"}

package/dist/reporters/index.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Reporter Module Exports
+ */
+export * from './console.js';
+export * from './json.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/reporters/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/reporters/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,cAAc,cAAc,CAAC;AAC7B,cAAc,WAAW,CAAC"}

package/dist/reporters/index.js

@@ -0,0 +1,6 @@
+/**
+ * Reporter Module Exports
+ */
+export * from './console.js';
+export * from './json.js';
+//# sourceMappingURL=index.js.map

package/dist/reporters/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/reporters/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,cAAc,cAAc,CAAC;AAC7B,cAAc,WAAW,CAAC"}

package/dist/reporters/json.d.ts

@@ -0,0 +1,19 @@
+/**
+ * JSON Reporter
+ *
+ * Outputs scan results in JSON format for programmatic consumption.
+ */
+import type { ScanResult } from '../patterns/types.js';
+/**
+ * Format scan result as JSON string
+ */
+export declare function formatAsJson(result: ScanResult, pretty?: boolean): string;
+/**
+ * Get findings summary as JSON object
+ */
+export declare function getFindingsSummary(result: ScanResult): object;
+/**
+ * Print JSON to console
+ */
+export declare function printJson(result: ScanResult, pretty?: boolean): void;
+//# sourceMappingURL=json.d.ts.map

package/dist/reporters/json.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"json.d.ts","sourceRoot":"","sources":["../../src/reporters/json.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAW,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAwBhE;;GAEG;AACH,wBAAgB,YAAY,CAAC,MAAM,EAAE,UAAU,EAAE,MAAM,UAAO,GAAG,MAAM,CAmBtE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAiB7D;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,MAAM,EAAE,UAAU,EAAE,MAAM,UAAO,GAAG,IAAI,CAEjE"}

package/dist/reporters/json.js

@@ -0,0 +1,74 @@
+/**
+ * JSON Reporter
+ *
+ * Outputs scan results in JSON format for programmatic consumption.
+ */
+/**
+ * Serialize a finding to JSON-safe object
+ */
+function serializeFinding(finding) {
+    return {
+        patternName: finding.pattern.name,
+        severity: finding.pattern.severity,
+        category: finding.pattern.category,
+        description: finding.pattern.description,
+        file: finding.file,
+        line: finding.line,
+        column: finding.column,
+        match: finding.match,
+        context: finding.context,
+        source: finding.pattern.source,
+        owaspAsi: finding.pattern.owaspAsi || null,
+        cve: finding.pattern.cve || null,
+        remediation: finding.pattern.remediation || null,
+        timestamp: finding.timestamp.toISOString(),
+    };
+}
+/**
+ * Format scan result as JSON string
+ */
+export function formatAsJson(result, pretty = true) {
+    const output = {
+        summary: {
+            filesScanned: result.filesScanned,
+            patternsChecked: result.patternsChecked,
+            totalFindings: result.findings.length,
+            duration: result.duration,
+            timestamp: result.timestamp.toISOString(),
+        },
+        riskScore: {
+            score: result.riskScore.total,
+            level: result.riskScore.level,
+            owaspCompliance: result.riskScore.owaspCompliance,
+            counts: result.riskScore.counts,
+        },
+        findings: result.findings.map(serializeFinding),
+    };
+    return pretty ? JSON.stringify(output, null, 2) : JSON.stringify(output);
+}
+/**
+ * Get findings summary as JSON object
+ */
+export function getFindingsSummary(result) {
+    const byCategory = {};
+    const bySeverity = {};
+    const byFile = {};
+    for (const finding of result.findings) {
+        byCategory[finding.pattern.category] = (byCategory[finding.pattern.category] || 0) + 1;
+        bySeverity[finding.pattern.severity] = (bySeverity[finding.pattern.severity] || 0) + 1;
+        byFile[finding.file] = (byFile[finding.file] || 0) + 1;
+    }
+    return {
+        total: result.findings.length,
+        byCategory,
+        bySeverity,
+        byFile,
+    };
+}
+/**
+ * Print JSON to console
+ */
+export function printJson(result, pretty = true) {
+    console.log(formatAsJson(result, pretty));
+}
+//# sourceMappingURL=json.js.map

package/dist/reporters/json.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"json.js","sourceRoot":"","sources":["../../src/reporters/json.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH;;GAEG;AACH,SAAS,gBAAgB,CAAC,OAAgB;IACxC,OAAO;QACL,WAAW,EAAE,OAAO,CAAC,OAAO,CAAC,IAAI;QACjC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ;QAClC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ;QAClC,WAAW,EAAE,OAAO,CAAC,OAAO,CAAC,WAAW;QACxC,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,MAAM,EAAE,OAAO,CAAC,OAAO,CAAC,MAAM;QAC9B,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ,IAAI,IAAI;QAC1C,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,GAAG,IAAI,IAAI;QAChC,WAAW,EAAE,OAAO,CAAC,OAAO,CAAC,WAAW,IAAI,IAAI;QAChD,SAAS,EAAE,OAAO,CAAC,SAAS,CAAC,WAAW,EAAE;KAC3C,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,MAAkB,EAAE,MAAM,GAAG,IAAI;IAC5D,MAAM,MAAM,GAAG;QACb,OAAO,EAAE;YACP,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,eAAe,EAAE,MAAM,CAAC,eAAe;YACvC,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;YACrC,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,SAAS,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW,EAAE;SAC1C;QACD,SAAS,EAAE;YACT,KAAK,EAAE,MAAM,CAAC,SAAS,CAAC,KAAK;YAC7B,KAAK,EAAE,MAAM,CAAC,SAAS,CAAC,KAAK;YAC7B,eAAe,EAAE,MAAM,CAAC,SAAS,CAAC,eAAe;YACjD,MAAM,EAAE,MAAM,CAAC,SAAS,CAAC,MAAM;SAChC;QACD,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,gBAAgB,CAAC;KAChD,CAAC;IAEF,OAAO,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;AAC3E,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,MAAkB;IACnD,MAAM,UAAU,GAA2B,EAAE,CAAC;IAC9C,MAAM,UAAU,GAA2B,EAAE,CAAC;IAC9C,MAAM,MAAM,GAA2B,EAAE,CAAC;IAE1C,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACvF,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACvF,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACzD,CAAC;IAED,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;QAC7B,UAAU;QACV,UAAU;QACV,MAAM;KACP,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAC,MAAkB,EAAE,MAAM,GAAG,IAAI;IACzD,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;AAC5C,CAAC"}

package/dist/scanner/content-scanner.d.ts

@@ -0,0 +1,40 @@
+/**
+ * Content Scanner
+ *
+ * Scans text content (prompts, configs, code) for security patterns.
+ */
+import type { DetectionPattern, Finding, ScanResult } from '../patterns/types.js';
+export interface ScanOptions {
+    /** Patterns to use (defaults to all) */
+    patterns?: DetectionPattern[];
+    /** Minimum severity to report */
+    minSeverity?: 'critical' | 'high' | 'medium' | 'low';
+    /** File patterns to include */
+    include?: string[];
+    /** File patterns to exclude */
+    exclude?: string[];
+}
+declare const DEFAULT_INCLUDE: string[];
+declare const DEFAULT_EXCLUDE: string[];
+/**
+ * Scan a single file for security patterns
+ */
+export declare function scanFile(filePath: string, options?: ScanOptions): Promise<Finding[]>;
+/**
+ * Scan content string directly
+ */
+export declare function scanContent(content: string, source?: string, options?: ScanOptions): Finding[];
+/**
+ * Scan a directory for security patterns
+ */
+export declare function scanDirectory(dirPath: string, options?: ScanOptions): Promise<ScanResult>;
+/**
+ * Quick scan - only critical and high severity
+ */
+export declare function quickScan(dirPath: string): Promise<ScanResult>;
+/**
+ * Full scan - all severities
+ */
+export declare function fullScan(dirPath: string): Promise<ScanResult>;
+export { DEFAULT_INCLUDE, DEFAULT_EXCLUDE };
+//# sourceMappingURL=content-scanner.d.ts.map

package/dist/scanner/content-scanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"content-scanner.d.ts","sourceRoot":"","sources":["../../src/scanner/content-scanner.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,KAAK,EAAE,gBAAgB,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAIlF,MAAM,WAAW,WAAW;IAC1B,wCAAwC;IACxC,QAAQ,CAAC,EAAE,gBAAgB,EAAE,CAAC;IAC9B,iCAAiC;IACjC,WAAW,CAAC,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACrD,+BAA+B;IAC/B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,+BAA+B;IAC/B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;CACpB;AAED,QAAA,MAAM,eAAe,UAapB,CAAC;AAEF,QAAA,MAAM,eAAe,UAUpB,CAAC;AAEF;;GAEG;AACH,wBAAsB,QAAQ,CAC5B,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,WAAgB,GACxB,OAAO,CAAC,OAAO,EAAE,CAAC,CAWpB;AAED;;GAEG;AACH,wBAAgB,WAAW,CACzB,OAAO,EAAE,MAAM,EACf,MAAM,GAAE,MAAkB,EAC1B,OAAO,GAAE,WAAgB,GACxB,OAAO,EAAE,CAKX;AAED;;GAEG;AACH,wBAAsB,aAAa,CACjC,OAAO,EAAE,MAAM,EACf,OAAO,GAAE,WAAgB,GACxB,OAAO,CAAC,UAAU,CAAC,CAgCrB;AAED;;GAEG;AACH,wBAAsB,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAEpE;AAED;;GAEG;AACH,wBAAsB,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAEnE;AAED,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,CAAC"}

package/dist/scanner/content-scanner.js

@@ -0,0 +1,101 @@
+/**
+ * Content Scanner
+ *
+ * Scans text content (prompts, configs, code) for security patterns.
+ */
+import { readFile } from 'fs/promises';
+import { glob } from 'glob';
+import { matchPatterns, createScanResult } from './engine.js';
+import { ALL_PATTERNS, getPatternsMinSeverity } from '../patterns/index.js';
+const DEFAULT_INCLUDE = [
+    '**/*.ts',
+    '**/*.tsx',
+    '**/*.js',
+    '**/*.jsx',
+    '**/*.py',
+    '**/*.md',
+    '**/*.txt',
+    '**/*.xml',
+    '**/*.yaml',
+    '**/*.yml',
+    '**/*.json',
+    '**/*.env*',
+];
+const DEFAULT_EXCLUDE = [
+    '**/node_modules/**',
+    '**/dist/**',
+    '**/build/**',
+    '**/.git/**',
+    '**/coverage/**',
+    '**/*.min.js',
+    '**/package-lock.json',
+    '**/pnpm-lock.yaml',
+    '**/yarn.lock',
+];
+/**
+ * Scan a single file for security patterns
+ */
+export async function scanFile(filePath, options = {}) {
+    const patterns = options.patterns ||
+        (options.minSeverity ? getPatternsMinSeverity(options.minSeverity) : ALL_PATTERNS);
+    try {
+        const content = await readFile(filePath, 'utf-8');
+        return matchPatterns(patterns, content, filePath);
+    }
+    catch (error) {
+        // File couldn't be read (binary, permission, etc.)
+        return [];
+    }
+}
+/**
+ * Scan content string directly
+ */
+export function scanContent(content, source = '<input>', options = {}) {
+    const patterns = options.patterns ||
+        (options.minSeverity ? getPatternsMinSeverity(options.minSeverity) : ALL_PATTERNS);
+    return matchPatterns(patterns, content, source);
+}
+/**
+ * Scan a directory for security patterns
+ */
+export async function scanDirectory(dirPath, options = {}) {
+    const startTime = Date.now();
+    const patterns = options.patterns ||
+        (options.minSeverity ? getPatternsMinSeverity(options.minSeverity) : ALL_PATTERNS);
+    const include = options.include || DEFAULT_INCLUDE;
+    const exclude = options.exclude || DEFAULT_EXCLUDE;
+    // Find all matching files
+    const files = [];
+    for (const pattern of include) {
+        const matches = await glob(pattern, {
+            cwd: dirPath,
+            absolute: true,
+            ignore: exclude,
+            nodir: true,
+        });
+        files.push(...matches);
+    }
+    // Deduplicate files
+    const uniqueFiles = [...new Set(files)];
+    // Scan all files
+    const allFindings = [];
+    for (const file of uniqueFiles) {
+        const findings = await scanFile(file, { patterns });
+        allFindings.push(...findings);
+    }
+    return createScanResult(uniqueFiles.length, patterns.length, allFindings, startTime);
+}
+/**
+ * Quick scan - only critical and high severity
+ */
+export async function quickScan(dirPath) {
+    return scanDirectory(dirPath, { minSeverity: 'high' });
+}
+/**
+ * Full scan - all severities
+ */
+export async function fullScan(dirPath) {
+    return scanDirectory(dirPath, { minSeverity: 'low' });
+}
+export { DEFAULT_INCLUDE, DEFAULT_EXCLUDE };
+//# sourceMappingURL=content-scanner.js.map

package/dist/scanner/content-scanner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"content-scanner.js","sourceRoot":"","sources":["../../src/scanner/content-scanner.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAC;AAa5E,MAAM,eAAe,GAAG;IACtB,SAAS;IACT,UAAU;IACV,SAAS;IACT,UAAU;IACV,SAAS;IACT,SAAS;IACT,UAAU;IACV,UAAU;IACV,WAAW;IACX,UAAU;IACV,WAAW;IACX,WAAW;CACZ,CAAC;AAEF,MAAM,eAAe,GAAG;IACtB,oBAAoB;IACpB,YAAY;IACZ,aAAa;IACb,YAAY;IACZ,gBAAgB;IAChB,aAAa;IACb,sBAAsB;IACtB,mBAAmB;IACnB,cAAc;CACf,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAC5B,QAAgB,EAChB,UAAuB,EAAE;IAEzB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ;QAC/B,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,sBAAsB,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;IAErF,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAClD,OAAO,aAAa,CAAC,QAAQ,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;IACpD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,mDAAmD;QACnD,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CACzB,OAAe,EACf,SAAiB,SAAS,EAC1B,UAAuB,EAAE;IAEzB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ;QAC/B,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,sBAAsB,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;IAErF,OAAO,aAAa,CAAC,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAAe,EACf,UAAuB,EAAE;IAEzB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ;QAC/B,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,sBAAsB,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;IAErF,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,eAAe,CAAC;IACnD,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,eAAe,CAAC;IAEnD,0BAA0B;IAC1B,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,MAAM,OAAO,IAAI,OAAO,EAAE,CAAC;QAC9B,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE;YAClC,GAAG,EAAE,OAAO;YACZ,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,OAAO;YACf,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC;QACH,KAAK,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC;IACzB,CAAC;IAED,oBAAoB;IACpB,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IAExC,iBAAiB;IACjB,MAAM,WAAW,GAAc,EAAE,CAAC;IAClC,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;QACpD,WAAW,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;IAChC,CAAC;IAED,OAAO,gBAAgB,CAAC,WAAW,CAAC,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,SAAS,CAAC,CAAC;AACvF,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,OAAe;IAC7C,OAAO,aAAa,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,MAAM,EAAE,CAAC,CAAC;AACzD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,OAAe;IAC5C,OAAO,aAAa,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC,CAAC;AACxD,CAAC;AAED,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,CAAC"}