@feiyoug/skill-lab 0.0.0 → 0.0.2

package/script/analyzer/steps/002-permissions/scan-file.js

@@ -38,7 +38,7 @@ const SHELL_RESERVED_WORDS = new Set([
 /**
  * Scans a text-like file and returns updated state with permissions and findings.
  */
-function scanFileForPermissions(context, input) {
+async function scanFileForPermissions(context, input) {
     const { state, fileRef, scanPath, content, lineOffset = 0, referenceType = "content", } = input;
     const permissions = [];
     const findings = [...state.findings];
@@ -49,15 +49,16 @@ function scanFileForPermissions(context, input) {
             ...state,
             metadata: {
                 ...state.metadata,
-                scannedFiles: [...state.metadata.scannedFiles, scanPath],
+                scannedFiles: new Set([...state.metadata.scannedFiles, scanPath]),
             },
         };
     }
     const scanLanguage = rules[0].grammar;
-    const matches = context.astgrepClient.scanWithRules(content, scanLanguage, rules);
+    const matches = await context.astgrepClient.scanWithRules(content, scanLanguage, rules);
     const lines = content.split("\n");
     const filteredMatches = matches.filter((match) => shouldKeepMatchForBlock(match, lineOffset + 1, lines));
-    const blockFindings = context.astgrepClient.matchesToFindings(scanPath, referenceType, filteredMatches.map((match) => ({
+    const deconflictedMatches = dropGenericShellDuplicates(filteredMatches, rules);
+    const blockFindings = context.astgrepClient.matchesToFindings(scanPath, referenceType, deconflictedMatches.map((match) => ({
         ...match,
         line: match.line + lineOffset,
         lineEnd: (match.lineEnd ?? match.line) + lineOffset,
@@ -94,7 +95,7 @@ function scanFileForPermissions(context, input) {
         metadata: {
             ...state.metadata,
             rulesUsed,
-            scannedFiles: [...state.metadata.scannedFiles, scanPath],
+            scannedFiles: new Set([...state.metadata.scannedFiles, scanPath]),
         },
     };
 }
@@ -190,3 +191,37 @@ function buildPermissionArgs(metadata, detectedTool) {
     }
     return args;
 }
+function dropGenericShellDuplicates(matches, rules) {
+    const ruleById = new Map(rules.map((rule) => [rule.id, rule]));
+    const specificToolAtLine = new Set();
+    for (const match of matches) {
+        if (match.ruleId === GENERIC_SHELL_RULE_ID)
+            continue;
+        const rule = ruleById.get(match.ruleId);
+        if (!rule)
+            continue;
+        const tool = resolveToolForMatch(rule.permission.tool, match.extracted);
+        if (!tool)
+            continue;
+        specificToolAtLine.add(`${match.line}:${tool}`);
+    }
+    return matches.filter((match) => {
+        if (match.ruleId !== GENERIC_SHELL_RULE_ID)
+            return true;
+        const rule = ruleById.get(match.ruleId);
+        if (!rule)
+            return true;
+        const tool = resolveToolForMatch(rule.permission.tool, match.extracted);
+        if (!tool)
+            return true;
+        return !specificToolAtLine.has(`${match.line}:${tool}`);
+    });
+}
+function resolveToolForMatch(ruleTool, extracted) {
+    if (ruleTool !== "detected")
+        return ruleTool.toLowerCase();
+    const tool = extracted.tool;
+    if (typeof tool !== "string" || !tool.trim())
+        return null;
+    return tool.trim().toLowerCase();
+}

package/script/analyzer/steps/002-permissions/seed-frontmatter.js

@@ -1,7 +1,7 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.seedPermissionsFromFrontmatter = seedPermissionsFromFrontmatter;
-const config_js_1 = require("../../config.js");
+const mod_js_1 = require("../../config/mod.js");
 const id_generator_js_1 = require("../../utils/id-generator.js");
 function seedPermissionsFromFrontmatter(state, skillMdPath) {
     const rawAllowed = state.frontmatter["allowed-tools"];
@@ -12,11 +12,11 @@ function seedPermissionsFromFrontmatter(state, skillMdPath) {
     const baseRef = {
         file: skillMdPath,
         line: 1,
-        lineEnd: state.frontmatter.endLineNumer,
+        lineEnd: state.frontmatter.endLineNumber,
         type: "frontmatter",
     };
     const permissions = parsed.map((tool) => {
-        const mapping = config_js_1.ALLOWED_TOOLS_MAPPING[tool.name] ?? {
+        const mapping = mod_js_1.ALLOWED_TOOLS_MAPPING[tool.name] ?? {
             tool: tool.name.toLowerCase(),
             scope: "sys",
             permission: "shell",

package/script/analyzer/steps/003-risks/dep-risks.d.ts

@@ -0,0 +1,3 @@
+import type { AnalyzerContext, AnalyzerState } from "../../types.js";
+export declare function analyzeDependencyRisks(state: AnalyzerState, context: Pick<AnalyzerContext, "config">): AnalyzerState;
+//# sourceMappingURL=dep-risks.d.ts.map

package/script/analyzer/steps/003-risks/dep-risks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dep-risks.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/dep-risks.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAOrE,wBAAgB,sBAAsB,CAClC,KAAK,EAAE,aAAa,EACpB,OAAO,EAAE,IAAI,CAAC,eAAe,EAAE,QAAQ,CAAC,GACzC,aAAa,CAgEf"}

package/script/analyzer/steps/003-risks/dep-risks.js

@@ -0,0 +1,77 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.analyzeDependencyRisks = analyzeDependencyRisks;
+const helpers_js_1 = require("./helpers.js");
+const policy_js_1 = require("./policy.js");
+const registry_js_1 = require("../../treesitter/registry.js");
+function analyzeDependencyRisks(state, context) {
+    let next = state;
+    for (const permission of next.permissions) {
+        if (permission.scope !== "dep")
+            continue;
+        if (permission.permission === "import") {
+            const grammar = resolveGrammar(permission.tool);
+            const importName = permission.args?.[0]?.trim();
+            if (!importName)
+                continue;
+            const groupKey = `DEPENDENCY:external_import:${grammar ?? "unknown"}`;
+            if (grammar && (0, policy_js_1.isDenied)(context.config, grammar, importName)) {
+                next = (0, helpers_js_1.addRisk)(next, {
+                    type: "DEPENDENCY:external_import",
+                    groupKey,
+                    severity: "critical",
+                    message: `Import '${importName}' is denied by config for ${grammar} and may execute untrusted dependency code.`,
+                    permissionIds: [permission.id],
+                    reference: resolvePrimaryReference(permission),
+                    metadata: { policy: { language: { grammar, importName, source: "denylist" } } },
+                });
+                continue;
+            }
+            if (grammar && (0, policy_js_1.isAllowed)(context.config, grammar, importName)) {
+                continue;
+            }
+            next = (0, helpers_js_1.addRisk)(next, {
+                type: "DEPENDENCY:external_import",
+                groupKey,
+                severity: "warning",
+                message: `External import not explicitly configured: ${importName}`,
+                permissionIds: [permission.id],
+                reference: resolvePrimaryReference(permission),
+                metadata: grammar
+                    ? { policy: { language: { grammar, importName, source: "default" } } }
+                    : undefined,
+            });
+            continue;
+        }
+        if (permission.permission === "externalreference") {
+            const discoveryMethod = permission.metadata?.discoveryMethod;
+            const path = permission.args?.[0] ?? permission.tool;
+            const isSourceInclude = discoveryMethod === "source";
+            next = (0, helpers_js_1.addRisk)(next, {
+                type: "REFERENCE:external_file",
+                groupKey: `REFERENCE:external_file:${permission.tool}`,
+                severity: "warning",
+                message: isSourceInclude
+                    ? `Sourced external file not analyzed yet: ${path}`
+                    : `External reference not analyzed yet: ${path}`,
+                permissionIds: [permission.id],
+                reference: resolvePrimaryReference(permission),
+                metadata: isSourceInclude ? { discoveryMethod: "source" } : undefined,
+            });
+        }
+    }
+    return next;
+}
+function resolveGrammar(tool) {
+    return tool in registry_js_1.GRAMMAR_SPECS ? tool : null;
+}
+function resolvePrimaryReference(permission) {
+    const reference = permission.references[0];
+    if (reference)
+        return reference;
+    return {
+        file: "SKILL.md",
+        line: 1,
+        type: "content",
+    };
+}

package/script/analyzer/steps/003-risks/helpers.d.ts

@@ -2,6 +2,7 @@ import type { AnalyzerState } from "../../types.js";
 import type { RiskCode, Severity } from "../../../shared/mod.js";
 export declare function addRisk(state: AnalyzerState, input: {
     type: RiskCode;
+    groupKey?: string;
     severity: Severity;
     message: string;
     permissionIds: string[];

package/script/analyzer/steps/003-risks/helpers.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,KAAK,EAAQ,QAAQ,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAGvE,wBAAgB,OAAO,CACnB,KAAK,EAAE,aAAa,EACpB,KAAK,EAAE;IACH,IAAI,EAAE,QAAQ,CAAC;IACf,QAAQ,EAAE,QAAQ,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,SAAS,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,WAAW,CAAC,CAAC;IAC1D,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACtC,GACF,aAAa,CAwBf"}
+{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,KAAK,EAAQ,QAAQ,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAGvE,wBAAgB,OAAO,CACnB,KAAK,EAAE,aAAa,EACpB,KAAK,EAAE;IACH,IAAI,EAAE,QAAQ,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,QAAQ,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,SAAS,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,WAAW,CAAC,CAAC;IAC1D,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACtC,GACF,aAAa,CAyBf"}

package/script/analyzer/steps/003-risks/helpers.js

@@ -6,6 +6,7 @@ function addRisk(state, input) {
     const risk = {
         id: (0, id_generator_js_1.generateRiskId)(input.type, state.risks.length),
         type: input.type,
+        groupKey: input.groupKey,
         severity: input.severity,
         message: input.message,
         reference: input.reference,

package/script/analyzer/steps/003-risks/mod.d.ts

@@ -1,3 +1,4 @@
-import type { AnalyzerResult, AnalyzerState } from "../../types.js";
-export declare function run003Risks(state: AnalyzerState): AnalyzerResult;
+import { SkillAnalyzerResult } from "../../result.js";
+import type { AnalyzerContext, AnalyzerState } from "../../types.js";
+export declare function run003Risks(state: AnalyzerState, context?: Pick<AnalyzerContext, "showProgressBar" | "config">): Promise<SkillAnalyzerResult>;
 //# sourceMappingURL=mod.d.ts.map

package/script/analyzer/steps/003-risks/mod.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/mod.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAMpE,wBAAgB,WAAW,CAAC,KAAK,EAAE,aAAa,GAAG,cAAc,CAKhE"}
+{"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/mod.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AASrE,wBAAsB,WAAW,CAC7B,KAAK,EAAE,aAAa,EACpB,OAAO,CAAC,EAAE,IAAI,CAAC,eAAe,EAAE,iBAAiB,GAAG,QAAQ,CAAC,GAC9D,OAAO,CAAC,mBAAmB,CAAC,CAuC9B"}

package/script/analyzer/steps/003-risks/mod.js

@@ -1,14 +1,87 @@
 "use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.run003Risks = run003Risks;
-const output_js_1 = require("./output.js");
+const dntShim = __importStar(require("../../../_dnt.shims.js"));
+const mod_js_1 = __importDefault(require("../../../deps/jsr.io/@deno-library/progress/1.5.1/mod.js"));
+const result_js_1 = require("../../result.js");
+const mod_js_2 = require("../../config/mod.js");
+const dep_risks_js_1 = require("./dep-risks.js");
 const rule_mapped_js_1 = require("./rule-mapped.js");
 const REMOTE_SCRIPT_WARNING = "Remote script content analysis is NOT_IMPLEMENTED";
-function run003Risks(state) {
+const ANSI_SHOW_CURSOR = "\x1b[?25h";
+const ENCODER = new TextEncoder();
+async function run003Risks(state, context) {
     let next = state;
-    next = (0, rule_mapped_js_1.analyzeRuleMappedRisks)(next);
+    const resolvedConfig = context?.config ?? (0, mod_js_2.resolveConfig)(mod_js_2.DEFAULT_ANALYZER_CONFIG);
+    const shouldRenderProgress = (context?.showProgressBar ?? false) && dntShim.Deno.stderr.isTerminal();
+    const riskBar = shouldRenderProgress
+        ? new mod_js_1.default({
+            total: Math.max(1, next.findings.length),
+            clear: true,
+            output: dntShim.Deno.stderr,
+            display: "Finalizing [:bar] :completed/:total findings :percent",
+        })
+        : null;
+    let processed = 0;
+    try {
+        if (riskBar) {
+            await riskBar.render(processed);
+        }
+        const resolvedContext = { config: resolvedConfig };
+        next = (0, dep_risks_js_1.analyzeDependencyRisks)(next, resolvedContext);
+        next = (0, rule_mapped_js_1.analyzeRuleMappedRisks)(next, resolvedContext, () => {
+            processed += 1;
+            if (riskBar) {
+                void riskBar.render(processed);
+            }
+        });
+    }
+    finally {
+        if (riskBar) {
+            await riskBar.end();
+        }
+        if (shouldRenderProgress && dntShim.Deno.stderr.isTerminal()) {
+            dntShim.Deno.stderr.writeSync(ENCODER.encode(ANSI_SHOW_CURSOR));
+        }
+    }
     next = addRemoteScriptWarningIfNeeded(next);
-    return (0, output_js_1.toAnalyzerResult)(dedupeRisks(next));
+    return new result_js_1.SkillAnalyzerResult(dedupeRisks(next), resolvedConfig);
 }
 function addRemoteScriptWarningIfNeeded(state) {
     const hasRemoteCodeExecution = state.risks.some((risk) => risk.type === "NETWORK:remote_code_execution");

package/script/analyzer/steps/003-risks/policy.d.ts

@@ -0,0 +1,7 @@
+import type { TreesitterGrammar } from "../../treesitter/registry.js";
+import type { AnalyzerConfig } from "../../config/mod.js";
+export declare function isDenied(config: AnalyzerConfig, grammar: TreesitterGrammar, importName: string): boolean;
+export declare function isAllowed(config: AnalyzerConfig, grammar: TreesitterGrammar, importName: string): boolean;
+export declare function isNetworkDenied(config: AnalyzerConfig, host: string): boolean;
+export declare function isNetworkAllowed(config: AnalyzerConfig, host: string): boolean;
+//# sourceMappingURL=policy.d.ts.map

package/script/analyzer/steps/003-risks/policy.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/policy.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,8BAA8B,CAAC;AACtE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAY1D,wBAAgB,QAAQ,CACpB,MAAM,EAAE,cAAc,EACtB,OAAO,EAAE,iBAAiB,EAC1B,UAAU,EAAE,MAAM,GACnB,OAAO,CAGT;AAED,wBAAgB,SAAS,CACrB,MAAM,EAAE,cAAc,EACtB,OAAO,EAAE,iBAAiB,EAC1B,UAAU,EAAE,MAAM,GACnB,OAAO,CAGT;AAED,wBAAgB,eAAe,CAAC,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAE7E;AAED,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAE9E"}

package/script/analyzer/steps/003-risks/policy.js

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isDenied = isDenied;
+exports.isAllowed = isAllowed;
+exports.isNetworkDenied = isNetworkDenied;
+exports.isNetworkAllowed = isNetworkAllowed;
+function normalizeEntry(value) {
+    return value.trim().toLowerCase();
+}
+function listHasValue(list, value) {
+    if (!value || !list || list.length === 0)
+        return false;
+    const normalized = normalizeEntry(value);
+    return list.some((entry) => normalizeEntry(entry) === normalized);
+}
+function isDenied(config, grammar, importName) {
+    const imports = config.denylist?.languages?.[grammar]?.imports;
+    return listHasValue(imports, importName);
+}
+function isAllowed(config, grammar, importName) {
+    const imports = config.allowlist?.languages?.[grammar]?.imports;
+    return listHasValue(imports, importName);
+}
+function isNetworkDenied(config, host) {
+    return listHasValue(config.denylist?.network?.domains, host);
+}
+function isNetworkAllowed(config, host) {
+    return listHasValue(config.allowlist?.network?.domains, host);
+}

package/script/analyzer/steps/003-risks/rule-mapped.d.ts

@@ -1,3 +1,3 @@
-import type { AnalyzerState } from "../../types.js";
-export declare function analyzeRuleMappedRisks(state: AnalyzerState): AnalyzerState;
+import type { AnalyzerContext, AnalyzerState } from "../../types.js";
+export declare function analyzeRuleMappedRisks(state: AnalyzerState, context: Pick<AnalyzerContext, "config">, onFindingProcessed?: () => void): AnalyzerState;
 //# sourceMappingURL=rule-mapped.d.ts.map

package/script/analyzer/steps/003-risks/rule-mapped.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"rule-mapped.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/rule-mapped.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAUpD,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,aAAa,GAAG,aAAa,CA0B1E"}
+{"version":3,"file":"rule-mapped.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/rule-mapped.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAarE,wBAAgB,sBAAsB,CAClC,KAAK,EAAE,aAAa,EACpB,OAAO,EAAE,IAAI,CAAC,eAAe,EAAE,QAAQ,CAAC,EACxC,kBAAkB,CAAC,EAAE,MAAM,IAAI,GAChC,aAAa,CAsCf"}

package/script/analyzer/steps/003-risks/rule-mapped.js

@@ -3,12 +3,14 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.analyzeRuleMappedRisks = analyzeRuleMappedRisks;
 const mod_js_1 = require("../../rules/mod.js");
 const helpers_js_1 = require("./helpers.js");
+const policy_js_1 = require("./policy.js");
+const registry_js_1 = require("../../treesitter/registry.js");
 const PROMPT_CATEGORY = "PROMPT";
 const INJECTION_CATEGORY = "INJECTION";
 const NETWORK_CATEGORY = "NETWORK";
 const SECRETS_CATEGORY = "SECRETS";
 const DESTRUCTIVE_CATEGORIES = new Set(["DESTRUCTIVE", "PRIVILEGE", "PERSISTENCE"]);
-function analyzeRuleMappedRisks(state) {
+function analyzeRuleMappedRisks(state, context, onFindingProcessed) {
     let next = state;
     for (const finding of next.findings) {
         const rule = mod_js_1.RULES_BY_ID.get(finding.ruleId);
@@ -17,21 +19,100 @@ function analyzeRuleMappedRisks(state) {
         const matchedPermission = resolvePermissionForFinding(next, finding);
         const mapped = (0, mod_js_1.evalRuleRiskMappings)(rule, { permission: matchedPermission, finding });
         for (const risk of mapped) {
+            const policy = resolvePolicyForRisk({
+                context,
+                rule,
+                finding,
+                permission: matchedPermission,
+                risk,
+            });
+            if (policy.skip)
+                continue;
             const permissionIds = selectPermissionIds(next, finding, risk.code, matchedPermission);
             if (permissionIds.length === 0)
                 continue;
             next = (0, helpers_js_1.addRisk)(next, {
                 type: risk.code,
+                groupKey: matchedPermission ? `${risk.code}:${matchedPermission.tool}` : risk.code,
                 severity: risk.severity,
                 message: risk.message,
                 permissionIds,
                 reference: finding.reference,
-                metadata: risk.metadata ?? finding.extracted,
+                metadata: policy.metadata,
             });
         }
+        onFindingProcessed?.();
     }
     return next;
 }
+function resolvePolicyForRisk(input) {
+    const { context, rule, finding, permission, risk } = input;
+    const baseMetadata = (risk.metadata ?? finding.extracted);
+    const policyMetadata = {};
+    if (risk.code.startsWith("NETWORK:")) {
+        const host = resolveHost(baseMetadata);
+        if (host) {
+            if ((0, policy_js_1.isNetworkDenied)(context.config, host)) {
+                policyMetadata.network = { host, source: "denylist" };
+            }
+            else if ((0, policy_js_1.isNetworkAllowed)(context.config, host)) {
+                return { skip: true };
+            }
+        }
+    }
+    const grammar = resolveRuleGrammar(rule);
+    const importName = resolveImportName(finding, permission);
+    if (grammar && importName) {
+        if ((0, policy_js_1.isDenied)(context.config, grammar, importName)) {
+            policyMetadata.language = { grammar, importName, source: "denylist" };
+        }
+        else if ((0, policy_js_1.isAllowed)(context.config, grammar, importName)) {
+            return { skip: true };
+        }
+    }
+    const metadata = Object.keys(policyMetadata).length
+        ? { ...(baseMetadata ?? {}), policy: policyMetadata }
+        : baseMetadata;
+    return { skip: false, metadata };
+}
+function resolveRuleGrammar(rule) {
+    if (!rule)
+        return null;
+    if ("grammar" in rule && typeof rule.grammar === "string") {
+        return rule.grammar in registry_js_1.GRAMMAR_SPECS ? rule.grammar : null;
+    }
+    return null;
+}
+function resolveImportName(finding, permission) {
+    const extracted = finding.extracted;
+    const candidates = [
+        extracted?.import,
+        extracted?.module,
+        extracted?.package,
+        extracted?.dependency,
+    ];
+    for (const value of candidates) {
+        if (typeof value === "string" && value.trim())
+            return value.trim();
+    }
+    if (permission?.metadata) {
+        const meta = permission.metadata;
+        const metaCandidates = [meta.import, meta.module, meta.package, meta.dependency];
+        for (const value of metaCandidates) {
+            if (typeof value === "string" && value.trim())
+                return value.trim();
+        }
+    }
+    return undefined;
+}
+function resolveHost(metadata) {
+    if (!metadata)
+        return undefined;
+    const raw = metadata.host;
+    if (typeof raw === "string" && raw.trim())
+        return raw.trim();
+    return undefined;
+}
 function resolvePermissionForFinding(state, finding) {
     return state.permissions.find((permission) => overlaps(permission, finding));
 }

package/script/analyzer/steps/003-risks/scoring.d.ts

@@ -1,7 +1,15 @@
+import type { AnalyzerConfig } from "../../config/mod.js";
 import type { AnalyzerState } from "../../types.js";
+type RiskLevel = "safe" | "caution" | "attention" | "risky" | "avoid";
 export declare function scoreState(state: AnalyzerState): {
     score: number;
-    riskLevel: "safe" | "caution" | "attention" | "risky" | "avoid";
+    riskLevel: RiskLevel;
     summary: string;
 };
+export declare function scoreState(state: AnalyzerState, config: AnalyzerConfig): {
+    score: number;
+    riskLevel: RiskLevel;
+    summary: string;
+};
+export {};
 //# sourceMappingURL=scoring.d.ts.map

package/script/analyzer/steps/003-risks/scoring.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"scoring.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/scoring.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAEpD,wBAAgB,UAAU,CAAC,KAAK,EAAE,aAAa,GAAG;IAC9C,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,GAAG,SAAS,GAAG,WAAW,GAAG,OAAO,GAAG,OAAO,CAAC;IAChE,OAAO,EAAE,MAAM,CAAC;CACnB,CA0CA"}
+{"version":3,"file":"scoring.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/scoring.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAEpD,KAAK,SAAS,GAAG,MAAM,GAAG,SAAS,GAAG,WAAW,GAAG,OAAO,GAAG,OAAO,CAAC;AAGtE,wBAAgB,UAAU,CAAC,KAAK,EAAE,aAAa,GAAG;IAC9C,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,SAAS,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;CACnB,CAAC;AACF,wBAAgB,UAAU,CACtB,KAAK,EAAE,aAAa,EACpB,MAAM,EAAE,cAAc,GACvB;IACC,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,SAAS,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;CACnB,CAAC"}

package/script/analyzer/steps/003-risks/scoring.js

@@ -1,61 +1,74 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.scoreState = scoreState;
-const config_js_1 = require("../../config.js");
-function scoreState(state) {
-    const severityScore = Math.max(0, ...state.risks.map((risk) => config_js_1.SCORING.severity[risk.severity]));
-    const permissionScore = Math.max(0, ...state.permissions.map((perm) => {
-        const base = config_js_1.SCORING.permissions[`${perm.scope}:${perm.permission}`] ?? 0;
-        const wildcard = perm.args?.includes("*") ? config_js_1.SCORING.scopeWildcard : 0;
-        return base + wildcard;
-    }));
-    let uplift = 0;
-    const hasExternalPost = state.risks.some((risk) => risk.type === "NETWORK:data_exfiltration" &&
-        ["POST", "PUT", "PATCH"].includes(String(risk.metadata?.method ?? "GET").toUpperCase()));
-    if (hasExternalPost)
-        uplift += config_js_1.SCORING.uplift.externalPost;
-    const hasPipeToShell = state.risks.some((risk) => risk.type === "NETWORK:remote_code_execution");
-    if (hasPipeToShell)
-        uplift += config_js_1.SCORING.uplift.pipeToShell;
-    const criticalCount = state.risks.filter((risk) => risk.severity === "critical").length;
-    if (criticalCount >= 3)
-        uplift += config_js_1.SCORING.uplift.multipleCritical;
-    const hasSecretTransfer = state.risks.some((risk) => risk.type === "NETWORK:credential_leak" ||
-        risk.type === "NETWORK:localhost_secret_exposure");
-    if (hasSecretTransfer)
-        uplift += config_js_1.SCORING.uplift.secretsInRequest;
-    const score = severityScore + permissionScore + uplift;
-    const riskLevel = toRiskLevel(score);
+const mod_js_1 = require("../../config/mod.js");
+const SEVERITY_ORDER = { critical: 0, warning: 1, info: 2 };
+function scoreState(state, config) {
+    const resolvedConfig = (0, mod_js_1.resolveConfig)(config ?? mod_js_1.DEFAULT_ANALYZER_CONFIG);
+    const baseScore = {
+        info: 0,
+        warning: 1,
+        critical: 5,
+        ...(resolvedConfig.riskReport?.baseScore ?? {}),
+    };
+    const upliftConfig = resolvedConfig.riskReport?.uplift ?? {};
+    const thresholds = {
+        safe: 0,
+        caution: 1,
+        attention: 3,
+        risky: 5,
+        avoid: 7,
+        ...(resolvedConfig.riskReport?.thresholds ?? {}),
+    };
+    const groupedSeverity = new Map();
+    const ungroupedSeverity = [];
+    for (const risk of state.risks) {
+        const score = baseScore[risk.severity] ?? 0;
+        if (risk.groupKey) {
+            groupedSeverity.set(risk.groupKey, Math.max(groupedSeverity.get(risk.groupKey) ?? 0, score));
+            continue;
+        }
+        ungroupedSeverity.push(score);
+    }
+    const severityScore = Math.max(0, ...ungroupedSeverity, ...groupedSeverity.values());
+    const riskTypes = new Set(state.risks.map((risk) => risk.type));
+    const upliftScore = Array.from(riskTypes).reduce((sum, riskType) => sum + (upliftConfig[riskType] ?? 0), 0);
+    const score = severityScore + upliftScore;
+    const riskLevel = toRiskLevel(score, thresholds);
     const summary = buildSummary(state, riskLevel);
     return { score, riskLevel, summary };
 }
-function toRiskLevel(score) {
-    if (score <= 0)
-        return "safe";
-    if (score <= 2)
-        return "caution";
-    if (score <= 4)
-        return "attention";
-    if (score <= 6)
+function toRiskLevel(score, thresholds) {
+    if (score >= thresholds.avoid)
+        return "avoid";
+    if (score >= thresholds.risky)
         return "risky";
-    return "avoid";
+    if (score >= thresholds.attention)
+        return "attention";
+    if (score >= thresholds.caution)
+        return "caution";
+    return "safe";
 }
 function buildSummary(state, riskLevel) {
-    const topRisk = state.risks[0]?.type ?? "no major risks";
-    const topPermission = state.permissions[0]
-        ? `${state.permissions[0].scope}:${state.permissions[0].permission}`
-        : "no permissions";
+    if (state.risks.length === 0)
+        return "No significant risk signals detected.";
+    const sorted = [...state.risks].sort((a, b) => SEVERITY_ORDER[a.severity] - SEVERITY_ORDER[b.severity]);
+    const topSeverity = sorted[0].severity;
+    const topTypes = [
+        ...new Set(sorted.filter((risk) => risk.severity === topSeverity).map((risk) => risk.type)),
+    ].slice(0, 3);
+    const typeList = topTypes.join(", ");
     if (riskLevel === "avoid") {
-        return `Critical risks detected (${topRisk}) with elevated capability (${topPermission}).`;
+        return `Severe risks detected: ${typeList}.`;
     }
     if (riskLevel === "risky") {
-        return `Elevated risk profile (${topRisk}) and broad access (${topPermission}).`;
+        return `Elevated risk: ${typeList}.`;
     }
     if (riskLevel === "attention") {
-        return `Moderate risk signal (${topRisk}) from detected capabilities.`;
+        return `Moderate risk: ${typeList}.`;
     }
     if (riskLevel === "caution") {
-        return `Low-risk profile with limited permissions (${topPermission}).`;
+        return `Low-risk signals: ${typeList}.`;
     }
     return "No significant risk signals detected.";
 }