npm - @feiyoug/skill-lab - Versions diffs - 0.0.0 → 0.0.2 - Mend

@feiyoug/skill-lab 0.0.0 → 0.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (465) hide show

package/README.md +73 -0
package/esm/analyzer/astgrep/client.d.ts +20 -8
package/esm/analyzer/astgrep/client.d.ts.map +1 -1
package/esm/analyzer/astgrep/client.js +58 -31
package/esm/analyzer/config/default.d.ts +8 -0
package/esm/analyzer/config/default.d.ts.map +1 -0
package/esm/analyzer/config/default.js +91 -0
package/esm/analyzer/config/helpers.d.ts +8 -0
package/esm/analyzer/config/helpers.d.ts.map +1 -0
package/esm/analyzer/config/helpers.js +72 -0
package/esm/analyzer/config/mod.d.ts +4 -0
package/esm/analyzer/config/mod.d.ts.map +1 -0
package/esm/analyzer/config/mod.js +3 -0
package/esm/analyzer/config/types.d.ts +58 -0
package/esm/analyzer/config/types.d.ts.map +1 -0
package/esm/analyzer/{config.js → config/types.js} +0 -28
package/esm/analyzer/logging.d.ts +3 -0
package/esm/analyzer/logging.d.ts.map +1 -0
package/esm/analyzer/logging.js +6 -0
package/esm/analyzer/mod.d.ts +12 -5
package/esm/analyzer/mod.d.ts.map +1 -1
package/esm/analyzer/mod.js +25 -12
package/esm/analyzer/result.d.ts +35 -0
package/esm/analyzer/result.d.ts.map +1 -0
package/esm/analyzer/result.js +311 -0
package/esm/analyzer/rules/bash/commands/mod.d.ts +1 -0
package/esm/analyzer/rules/bash/commands/mod.d.ts.map +1 -1
package/esm/analyzer/rules/bash/commands/mod.js +3 -0
package/esm/analyzer/rules/bash/commands/pip.d.ts +3 -0
package/esm/analyzer/rules/bash/commands/pip.d.ts.map +1 -0
package/esm/analyzer/rules/bash/commands/pip.js +14 -0
package/esm/analyzer/rules/bash/extractFileRefs.d.ts +1 -1
package/esm/analyzer/rules/bash/extractFileRefs.d.ts.map +1 -1
package/esm/analyzer/rules/bash/extractFileRefs.js +2 -2
package/esm/analyzer/rules/bash/inline-command-classifier.d.ts +1 -1
package/esm/analyzer/rules/bash/inline-command-classifier.d.ts.map +1 -1
package/esm/analyzer/rules/bash/inline-command-classifier.js +4 -4
package/esm/analyzer/rules/javascript/extractFileRefs.d.ts +3 -4
package/esm/analyzer/rules/javascript/extractFileRefs.d.ts.map +1 -1
package/esm/analyzer/rules/javascript/extractFileRefs.js +3 -4
package/esm/analyzer/rules/markdown/extractCodeBlocks.d.ts.map +1 -1
package/esm/analyzer/rules/markdown/extractCodeBlocks.js +6 -3
package/esm/analyzer/rules/markdown/extractFileRefs.d.ts.map +1 -1
package/esm/analyzer/rules/markdown/extractFileRefs.js +2 -0
package/esm/analyzer/rules/python/extractFileRefs.d.ts +1 -1
package/esm/analyzer/rules/python/extractFileRefs.d.ts.map +1 -1
package/esm/analyzer/rules/python/extractFileRefs.js +2 -2
package/esm/analyzer/steps/001-discovery/discover-files.d.ts +4 -0
package/esm/analyzer/steps/001-discovery/discover-files.d.ts.map +1 -1
package/esm/analyzer/steps/001-discovery/discover-files.js +18 -2
package/esm/analyzer/steps/001-discovery/mod.d.ts.map +1 -1
package/esm/analyzer/steps/001-discovery/mod.js +39 -9
package/esm/analyzer/steps/002-permissions/mod.d.ts.map +1 -1
package/esm/analyzer/steps/002-permissions/mod.js +156 -73
package/esm/analyzer/steps/002-permissions/scan-file.d.ts +1 -1
package/esm/analyzer/steps/002-permissions/scan-file.d.ts.map +1 -1
package/esm/analyzer/steps/002-permissions/scan-file.js +40 -5
package/esm/analyzer/steps/002-permissions/seed-frontmatter.js +2 -2
package/esm/analyzer/steps/003-risks/dep-risks.d.ts +3 -0
package/esm/analyzer/steps/003-risks/dep-risks.d.ts.map +1 -0
package/esm/analyzer/steps/003-risks/dep-risks.js +74 -0
package/esm/analyzer/steps/003-risks/helpers.d.ts +1 -0
package/esm/analyzer/steps/003-risks/helpers.d.ts.map +1 -1
package/esm/analyzer/steps/003-risks/helpers.js +1 -0
package/esm/analyzer/steps/003-risks/mod.d.ts +3 -2
package/esm/analyzer/steps/003-risks/mod.d.ts.map +1 -1
package/esm/analyzer/steps/003-risks/mod.js +41 -4
package/esm/analyzer/steps/003-risks/policy.d.ts +7 -0
package/esm/analyzer/steps/003-risks/policy.d.ts.map +1 -0
package/esm/analyzer/steps/003-risks/policy.js +23 -0
package/esm/analyzer/steps/003-risks/rule-mapped.d.ts +2 -2
package/esm/analyzer/steps/003-risks/rule-mapped.d.ts.map +1 -1
package/esm/analyzer/steps/003-risks/rule-mapped.js +83 -2
package/esm/analyzer/steps/003-risks/scoring.d.ts +9 -1
package/esm/analyzer/steps/003-risks/scoring.d.ts.map +1 -1
package/esm/analyzer/steps/003-risks/scoring.js +55 -42
package/esm/analyzer/treesitter/client.d.ts +31 -0
package/esm/analyzer/treesitter/client.d.ts.map +1 -0
package/esm/analyzer/{treesiter → treesitter}/client.js +43 -39
package/esm/analyzer/treesitter/registry.d.ts +73 -0
package/esm/analyzer/treesitter/registry.d.ts.map +1 -0
package/esm/analyzer/treesitter/registry.js +165 -0
package/esm/analyzer/types.d.ts +14 -28
package/esm/analyzer/types.d.ts.map +1 -1
package/esm/deps/jsr.io/@deno-library/progress/1.5.1/deps.d.ts +3 -0
package/esm/deps/jsr.io/@deno-library/progress/1.5.1/deps.d.ts.map +1 -0
package/esm/deps/jsr.io/@deno-library/progress/1.5.1/deps.js +3 -0
package/esm/deps/jsr.io/@deno-library/progress/1.5.1/mod.d.ts +93 -0
package/esm/deps/jsr.io/@deno-library/progress/1.5.1/mod.d.ts.map +1 -0
package/esm/deps/jsr.io/@deno-library/progress/1.5.1/mod.js +297 -0
package/esm/deps/jsr.io/@deno-library/progress/1.5.1/multi.d.ts +84 -0
package/esm/deps/jsr.io/@deno-library/progress/1.5.1/multi.d.ts.map +1 -0
package/esm/deps/jsr.io/@deno-library/progress/1.5.1/multi.js +268 -0
package/esm/deps/jsr.io/@deno-library/progress/1.5.1/time.d.ts +18 -0
package/esm/deps/jsr.io/@deno-library/progress/1.5.1/time.d.ts.map +1 -0
package/esm/deps/jsr.io/@deno-library/progress/1.5.1/time.js +45 -0
package/esm/deps/jsr.io/@std/fmt/1.0.3/colors.d.ts +700 -0
package/esm/deps/jsr.io/@std/fmt/1.0.3/colors.d.ts.map +1 -0
package/esm/deps/jsr.io/@std/fmt/1.0.3/colors.js +903 -0
package/esm/deps/jsr.io/@std/io/0.225.0/types.d.ts +146 -0
package/esm/deps/jsr.io/@std/io/0.225.0/types.d.ts.map +1 -0
package/esm/deps/jsr.io/@std/io/0.225.0/types.js +15 -0
package/esm/deps/jsr.io/@std/io/0.225.0/write_all.d.ts +51 -0
package/esm/deps/jsr.io/@std/io/0.225.0/write_all.d.ts.map +1 -0
package/esm/deps/jsr.io/@std/io/0.225.0/write_all.js +61 -0
package/esm/shared/deep_merge.d.ts +12 -0
package/esm/shared/deep_merge.d.ts.map +1 -0
package/esm/shared/deep_merge.js +49 -0
package/esm/shared/mod.d.ts +1 -0
package/esm/shared/mod.d.ts.map +1 -1
package/esm/shared/mod.js +1 -0
package/esm/shared/types/filetypes.d.ts +2 -2
package/esm/shared/types/filetypes.d.ts.map +1 -1
package/esm/shared/types/permissions.d.ts +1 -1
package/esm/shared/types/permissions.d.ts.map +1 -1
package/esm/shared/types/risks.d.ts +4 -1
package/esm/shared/types/risks.d.ts.map +1 -1
package/esm/skillreader/types.d.ts +2 -2
package/esm/skillreader/types.d.ts.map +1 -1
package/esm/skillreader/types.js +2 -2
package/package.json +1 -1
package/script/analyzer/astgrep/client.d.ts +20 -8
package/script/analyzer/astgrep/client.d.ts.map +1 -1
package/script/analyzer/astgrep/client.js +58 -64
package/script/analyzer/config/default.d.ts +8 -0
package/script/analyzer/config/default.d.ts.map +1 -0
package/script/analyzer/config/default.js +94 -0
package/script/analyzer/config/helpers.d.ts +8 -0
package/script/analyzer/config/helpers.d.ts.map +1 -0
package/script/analyzer/config/helpers.js +76 -0
package/script/analyzer/config/mod.d.ts +4 -0
package/script/analyzer/config/mod.d.ts.map +1 -0
package/script/analyzer/config/mod.js +21 -0
package/script/analyzer/config/types.d.ts +58 -0
package/script/analyzer/config/types.d.ts.map +1 -0
package/script/analyzer/{config.js → config/types.js} +1 -29
package/script/analyzer/logging.d.ts +3 -0
package/script/analyzer/logging.d.ts.map +1 -0
package/script/analyzer/logging.js +9 -0
package/script/analyzer/mod.d.ts +12 -5
package/script/analyzer/mod.d.ts.map +1 -1
package/script/analyzer/mod.js +35 -20
package/script/analyzer/result.d.ts +35 -0
package/script/analyzer/result.d.ts.map +1 -0
package/script/analyzer/result.js +315 -0
package/script/analyzer/rules/bash/commands/mod.d.ts +1 -0
package/script/analyzer/rules/bash/commands/mod.d.ts.map +1 -1
package/script/analyzer/rules/bash/commands/mod.js +3 -0
package/script/analyzer/rules/bash/commands/pip.d.ts +3 -0
package/script/analyzer/rules/bash/commands/pip.d.ts.map +1 -0
package/script/analyzer/rules/bash/commands/pip.js +17 -0
package/script/analyzer/rules/bash/extractFileRefs.d.ts +1 -1
package/script/analyzer/rules/bash/extractFileRefs.d.ts.map +1 -1
package/script/analyzer/rules/bash/extractFileRefs.js +2 -2
package/script/analyzer/rules/bash/inline-command-classifier.d.ts +1 -1
package/script/analyzer/rules/bash/inline-command-classifier.d.ts.map +1 -1
package/script/analyzer/rules/bash/inline-command-classifier.js +4 -4
package/script/analyzer/rules/javascript/extractFileRefs.d.ts +3 -4
package/script/analyzer/rules/javascript/extractFileRefs.d.ts.map +1 -1
package/script/analyzer/rules/javascript/extractFileRefs.js +3 -4
package/script/analyzer/rules/markdown/extractCodeBlocks.d.ts.map +1 -1
package/script/analyzer/rules/markdown/extractCodeBlocks.js +6 -3
package/script/analyzer/rules/markdown/extractFileRefs.d.ts.map +1 -1
package/script/analyzer/rules/markdown/extractFileRefs.js +2 -0
package/script/analyzer/rules/python/extractFileRefs.d.ts +1 -1
package/script/analyzer/rules/python/extractFileRefs.d.ts.map +1 -1
package/script/analyzer/rules/python/extractFileRefs.js +2 -2
package/script/analyzer/steps/001-discovery/discover-files.d.ts +4 -0
package/script/analyzer/steps/001-discovery/discover-files.d.ts.map +1 -1
package/script/analyzer/steps/001-discovery/discover-files.js +18 -2
package/script/analyzer/steps/001-discovery/mod.d.ts.map +1 -1
package/script/analyzer/steps/001-discovery/mod.js +77 -11
package/script/analyzer/steps/002-permissions/mod.d.ts.map +1 -1
package/script/analyzer/steps/002-permissions/mod.js +194 -75
package/script/analyzer/steps/002-permissions/scan-file.d.ts +1 -1
package/script/analyzer/steps/002-permissions/scan-file.d.ts.map +1 -1
package/script/analyzer/steps/002-permissions/scan-file.js +40 -5
package/script/analyzer/steps/002-permissions/seed-frontmatter.js +3 -3
package/script/analyzer/steps/003-risks/dep-risks.d.ts +3 -0
package/script/analyzer/steps/003-risks/dep-risks.d.ts.map +1 -0
package/script/analyzer/steps/003-risks/dep-risks.js +77 -0
package/script/analyzer/steps/003-risks/helpers.d.ts +1 -0
package/script/analyzer/steps/003-risks/helpers.d.ts.map +1 -1
package/script/analyzer/steps/003-risks/helpers.js +1 -0
package/script/analyzer/steps/003-risks/mod.d.ts +3 -2
package/script/analyzer/steps/003-risks/mod.d.ts.map +1 -1
package/script/analyzer/steps/003-risks/mod.js +77 -4
package/script/analyzer/steps/003-risks/policy.d.ts +7 -0
package/script/analyzer/steps/003-risks/policy.d.ts.map +1 -0
package/script/analyzer/steps/003-risks/policy.js +29 -0
package/script/analyzer/steps/003-risks/rule-mapped.d.ts +2 -2
package/script/analyzer/steps/003-risks/rule-mapped.d.ts.map +1 -1
package/script/analyzer/steps/003-risks/rule-mapped.js +83 -2
package/script/analyzer/steps/003-risks/scoring.d.ts +9 -1
package/script/analyzer/steps/003-risks/scoring.d.ts.map +1 -1
package/script/analyzer/steps/003-risks/scoring.js +55 -42
package/script/analyzer/treesitter/client.d.ts +31 -0
package/script/analyzer/treesitter/client.d.ts.map +1 -0
package/script/analyzer/treesitter/client.js +136 -0
package/script/analyzer/treesitter/registry.d.ts +73 -0
package/script/analyzer/treesitter/registry.d.ts.map +1 -0
package/script/analyzer/treesitter/registry.js +206 -0
package/script/analyzer/types.d.ts +14 -28
package/script/analyzer/types.d.ts.map +1 -1
package/script/deps/jsr.io/@deno-library/progress/1.5.1/deps.d.ts +3 -0
package/script/deps/jsr.io/@deno-library/progress/1.5.1/deps.d.ts.map +1 -0
package/script/deps/jsr.io/@deno-library/progress/1.5.1/deps.js +10 -0
package/script/deps/jsr.io/@deno-library/progress/1.5.1/mod.d.ts +93 -0
package/script/deps/jsr.io/@deno-library/progress/1.5.1/mod.d.ts.map +1 -0
package/script/deps/jsr.io/@deno-library/progress/1.5.1/mod.js +334 -0
package/script/deps/jsr.io/@deno-library/progress/1.5.1/multi.d.ts +84 -0
package/script/deps/jsr.io/@deno-library/progress/1.5.1/multi.d.ts.map +1 -0
package/script/deps/jsr.io/@deno-library/progress/1.5.1/multi.js +305 -0
package/script/deps/jsr.io/@deno-library/progress/1.5.1/time.d.ts +18 -0
package/script/deps/jsr.io/@deno-library/progress/1.5.1/time.d.ts.map +1 -0
package/script/deps/jsr.io/@deno-library/progress/1.5.1/time.js +48 -0
package/script/deps/jsr.io/@std/fmt/1.0.3/colors.d.ts +700 -0
package/script/deps/jsr.io/@std/fmt/1.0.3/colors.d.ts.map +1 -0
package/script/deps/jsr.io/@std/fmt/1.0.3/colors.js +986 -0
package/script/deps/jsr.io/@std/io/0.225.0/types.d.ts +146 -0
package/script/deps/jsr.io/@std/io/0.225.0/types.d.ts.map +1 -0
package/script/deps/jsr.io/@std/io/0.225.0/types.js +18 -0
package/script/deps/jsr.io/@std/io/0.225.0/write_all.d.ts +51 -0
package/script/deps/jsr.io/@std/io/0.225.0/write_all.d.ts.map +1 -0
package/script/deps/jsr.io/@std/io/0.225.0/write_all.js +65 -0
package/script/shared/deep_merge.d.ts +12 -0
package/script/shared/deep_merge.d.ts.map +1 -0
package/script/shared/deep_merge.js +53 -0
package/script/shared/mod.d.ts +1 -0
package/script/shared/mod.d.ts.map +1 -1
package/script/shared/mod.js +1 -0
package/script/shared/types/filetypes.d.ts +2 -2
package/script/shared/types/filetypes.d.ts.map +1 -1
package/script/shared/types/permissions.d.ts +1 -1
package/script/shared/types/permissions.d.ts.map +1 -1
package/script/shared/types/risks.d.ts +4 -1
package/script/shared/types/risks.d.ts.map +1 -1
package/script/skillreader/types.d.ts +2 -2
package/script/skillreader/types.d.ts.map +1 -1
package/script/skillreader/types.js +2 -2
package/src/_dnt.polyfills.ts +27 -0
package/src/_dnt.shims.ts +64 -0
package/src/analyzer/astgrep/client.ts +184 -0
package/src/analyzer/astgrep/mod.ts +2 -0
package/src/analyzer/config/default.ts +98 -0
package/src/analyzer/config/helpers.ts +107 -0
package/src/analyzer/config/mod.ts +3 -0
package/src/analyzer/config/types.ts +103 -0
package/src/analyzer/logging.ts +8 -0
package/src/analyzer/mod.ts +118 -0
package/src/analyzer/result.ts +393 -0
package/src/analyzer/rules/bash/astTypes.ts +5 -0
package/src/analyzer/rules/bash/commands/bd.ts +23 -0
package/src/analyzer/rules/bash/commands/cron.ts +21 -0
package/src/analyzer/rules/bash/commands/docker.ts +37 -0
package/src/analyzer/rules/bash/commands/eval.ts +52 -0
package/src/analyzer/rules/bash/commands/generic.ts +16 -0
package/src/analyzer/rules/bash/commands/gh.ts +21 -0
package/src/analyzer/rules/bash/commands/git.ts +28 -0
package/src/analyzer/rules/bash/commands/mod.ts +38 -0
package/src/analyzer/rules/bash/commands/node.ts +64 -0
package/src/analyzer/rules/bash/commands/openspec.ts +16 -0
package/src/analyzer/rules/bash/commands/pip.ts +16 -0
package/src/analyzer/rules/bash/commands/sudo.ts +21 -0
package/src/analyzer/rules/bash/destructive.ts +28 -0
package/src/analyzer/rules/bash/extractFileRefs.ts +101 -0
package/src/analyzer/rules/bash/filesystem.ts +50 -0
package/src/analyzer/rules/bash/injection.ts +21 -0
package/src/analyzer/rules/bash/inline-command-classifier.ts +94 -0
package/src/analyzer/rules/bash/mod.ts +23 -0
package/src/analyzer/rules/bash/network.ts +64 -0
package/src/analyzer/rules/bash/secret-detection.ts +43 -0
package/src/analyzer/rules/javascript/astTypes.ts +8 -0
package/src/analyzer/rules/javascript/extractFileRefs.ts +131 -0
package/src/analyzer/rules/javascript/filesystem.ts +28 -0
package/src/analyzer/rules/javascript/injection.ts +21 -0
package/src/analyzer/rules/javascript/mod.ts +26 -0
package/src/analyzer/rules/javascript/network.ts +27 -0
package/src/analyzer/rules/javascript/secret-detection.ts +68 -0
package/src/analyzer/rules/javascript/subprocess.ts +16 -0
package/src/analyzer/rules/markdown/astTypes.ts +35 -0
package/src/analyzer/rules/markdown/extractCodeBlocks.ts +101 -0
package/src/analyzer/rules/markdown/extractFileRefs.ts +179 -0
package/src/analyzer/rules/markdown/mod.ts +12 -0
package/src/analyzer/rules/mod.ts +77 -0
package/src/analyzer/rules/python/astTypes.ts +9 -0
package/src/analyzer/rules/python/extractFileRefs.ts +92 -0
package/src/analyzer/rules/python/mod.ts +15 -0
package/src/analyzer/rules/python/network.ts +26 -0
package/src/analyzer/rules/python/secret-detection.ts +30 -0
package/src/analyzer/rules/shared/file-refs.ts +38 -0
package/src/analyzer/rules/shared/network-evaluators.ts +107 -0
package/src/analyzer/rules/shared/prompt-injection.ts +48 -0
package/src/analyzer/rules/shared/secret-evaluators.ts +13 -0
package/src/analyzer/rules/text/mod.ts +12 -0
package/src/analyzer/rules/typescript/mod.ts +7 -0
package/src/analyzer/steps/001-discovery/discover-files.ts +211 -0
package/src/analyzer/steps/001-discovery/filter-files.ts +72 -0
package/src/analyzer/steps/001-discovery/mod.ts +103 -0
package/src/analyzer/steps/002-permissions/mod.ts +329 -0
package/src/analyzer/steps/002-permissions/scan-file.ts +258 -0
package/src/analyzer/steps/002-permissions/seed-frontmatter.ts +66 -0
package/src/analyzer/steps/002-permissions/synthesize.ts +42 -0
package/src/analyzer/steps/003-risks/dep-risks.ts +89 -0
package/src/analyzer/steps/003-risks/helpers.ts +41 -0
package/src/analyzer/steps/003-risks/mod.ts +86 -0
package/src/analyzer/steps/003-risks/policy.ts +38 -0
package/src/analyzer/steps/003-risks/rule-mapped.ts +206 -0
package/src/analyzer/steps/003-risks/scoring.ts +117 -0
package/src/analyzer/steps/mod.ts +3 -0
package/src/analyzer/treesitter/client.ts +120 -0
package/src/analyzer/treesitter/registry.ts +198 -0
package/src/analyzer/types.ts +78 -0
package/src/analyzer/utils/code-block-path.ts +33 -0
package/src/analyzer/utils/id-generator.ts +59 -0
package/src/analyzer/utils/secret-validator.ts +29 -0
package/src/analyzer/utils/url-parser.ts +25 -0
package/src/deps/jsr.io/@deno-library/progress/1.5.1/deps.ts +3 -0
package/src/deps/jsr.io/@deno-library/progress/1.5.1/mod.ts +265 -0
package/src/deps/jsr.io/@deno-library/progress/1.5.1/multi.ts +250 -0
package/src/deps/jsr.io/@deno-library/progress/1.5.1/time.ts +69 -0
package/src/deps/jsr.io/@std/fmt/1.0.3/colors.ts +1004 -0
package/src/deps/jsr.io/@std/internal/1.0.12/_os.ts +15 -0
package/src/deps/jsr.io/@std/internal/1.0.12/os.ts +7 -0
package/src/deps/jsr.io/@std/io/0.225.0/types.ts +157 -0
package/src/deps/jsr.io/@std/io/0.225.0/write_all.ts +65 -0
package/src/deps/jsr.io/@std/path/1.1.4/_common/assert_path.ts +10 -0
package/src/deps/jsr.io/@std/path/1.1.4/_common/basename.ts +53 -0
package/src/deps/jsr.io/@std/path/1.1.4/_common/common.ts +26 -0
package/src/deps/jsr.io/@std/path/1.1.4/_common/constants.ts +49 -0
package/src/deps/jsr.io/@std/path/1.1.4/_common/dirname.ts +9 -0
package/src/deps/jsr.io/@std/path/1.1.4/_common/format.ts +25 -0
package/src/deps/jsr.io/@std/path/1.1.4/_common/from_file_url.ts +12 -0
package/src/deps/jsr.io/@std/path/1.1.4/_common/glob_to_reg_exp.ts +295 -0
package/src/deps/jsr.io/@std/path/1.1.4/_common/normalize.ts +9 -0
package/src/deps/jsr.io/@std/path/1.1.4/_common/normalize_string.ts +74 -0
package/src/deps/jsr.io/@std/path/1.1.4/_common/relative.ts +10 -0
package/src/deps/jsr.io/@std/path/1.1.4/_common/strip_trailing_separators.ts +25 -0
package/src/deps/jsr.io/@std/path/1.1.4/_common/to_file_url.ts +17 -0
package/src/deps/jsr.io/@std/path/1.1.4/basename.ts +37 -0
package/src/deps/jsr.io/@std/path/1.1.4/common.ts +35 -0
package/src/deps/jsr.io/@std/path/1.1.4/constants.ts +18 -0
package/src/deps/jsr.io/@std/path/1.1.4/dirname.ts +30 -0
package/src/deps/jsr.io/@std/path/1.1.4/extname.ts +29 -0
package/src/deps/jsr.io/@std/path/1.1.4/format.ts +30 -0
package/src/deps/jsr.io/@std/path/1.1.4/from_file_url.ts +30 -0
package/src/deps/jsr.io/@std/path/1.1.4/glob_to_regexp.ts +94 -0
package/src/deps/jsr.io/@std/path/1.1.4/is_absolute.ts +30 -0
package/src/deps/jsr.io/@std/path/1.1.4/is_glob.ts +49 -0
package/src/deps/jsr.io/@std/path/1.1.4/join.ts +31 -0
package/src/deps/jsr.io/@std/path/1.1.4/join_globs.ts +42 -0
package/src/deps/jsr.io/@std/path/1.1.4/mod.ts +217 -0
package/src/deps/jsr.io/@std/path/1.1.4/normalize.ts +33 -0
package/src/deps/jsr.io/@std/path/1.1.4/normalize_glob.ts +45 -0
package/src/deps/jsr.io/@std/path/1.1.4/parse.ts +44 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/_util.ts +10 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/basename.ts +62 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/constants.ts +15 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/dirname.ts +72 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/extname.ts +96 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/format.ts +31 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/from_file_url.ts +25 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/glob_to_regexp.ts +94 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/is_absolute.ts +25 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/join.ts +46 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/join_globs.ts +45 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/normalize.ts +63 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/normalize_glob.ts +43 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/parse.ts +121 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/relative.ts +103 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/resolve.ts +71 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/to_file_url.ts +32 -0
package/src/deps/jsr.io/@std/path/1.1.4/posix/to_namespaced_path.ts +21 -0
package/src/deps/jsr.io/@std/path/1.1.4/relative.ts +32 -0
package/src/deps/jsr.io/@std/path/1.1.4/resolve.ts +32 -0
package/src/deps/jsr.io/@std/path/1.1.4/to_file_url.ts +30 -0
package/src/deps/jsr.io/@std/path/1.1.4/to_namespaced_path.ts +31 -0
package/src/deps/jsr.io/@std/path/1.1.4/types.ts +40 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/_util.ts +28 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/basename.ts +54 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/constants.ts +15 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/dirname.ts +118 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/extname.ts +90 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/format.ts +31 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/from_file_url.ts +34 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/glob_to_regexp.ts +92 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/is_absolute.ts +40 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/join.ts +78 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/join_globs.ts +46 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/normalize.ts +136 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/normalize_glob.ts +43 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/parse.ts +184 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/relative.ts +128 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/resolve.ts +178 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/to_file_url.ts +38 -0
package/src/deps/jsr.io/@std/path/1.1.4/windows/to_namespaced_path.ts +60 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_chars.ts +55 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_dumper_state.ts +841 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_loader_state.ts +1780 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_schema.ts +183 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/binary.ts +127 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/bool.ts +37 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/float.ts +112 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/int.ts +174 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/map.ts +17 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/merge.ts +13 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/nil.ts +27 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/omap.ts +30 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/pairs.ts +22 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/regexp.ts +33 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/seq.ts +13 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/set.ts +17 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/str.ts +12 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/timestamp.ts +101 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type/undefined.ts +23 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_type.ts +49 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/_utils.ts +16 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/mod.ts +54 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/parse.ts +128 -0
package/src/deps/jsr.io/@std/yaml/1.0.11/stringify.ts +118 -0
package/src/shared/deep_merge.ts +73 -0
package/src/shared/mod.ts +2 -0
package/src/shared/types/filetypes.ts +101 -0
package/src/shared/types/findings.ts +7 -0
package/src/shared/types/mod.ts +6 -0
package/src/shared/types/permissions.ts +17 -0
package/src/shared/types/references.ts +62 -0
package/src/shared/types/risks.ts +72 -0
package/src/shared/types/syntaxNode.ts +7 -0
package/src/skillreader/cloudStorage/mod.ts +170 -0
package/src/skillreader/factory.ts +71 -0
package/src/skillreader/fs/git.ts +153 -0
package/src/skillreader/fs/mod.ts +84 -0
package/src/skillreader/github/base.ts +162 -0
package/src/skillreader/github/githubApi.ts +40 -0
package/src/skillreader/github/githubRaw.ts +24 -0
package/src/skillreader/github/mod.ts +45 -0
package/src/skillreader/github/utils.ts +40 -0
package/src/skillreader/manifest.ts +67 -0
package/src/skillreader/mod.ts +26 -0
package/src/skillreader/types.ts +150 -0
package/src/skillreader/utils/frontmatter-parser.ts +72 -0
package/src/skillreader/utils/http-range.ts +38 -0
package/src/skillreader/utils/mod.ts +12 -0
package/esm/analyzer/astgrep/registry.d.ts +0 -18
package/esm/analyzer/astgrep/registry.d.ts.map +0 -1
package/esm/analyzer/astgrep/registry.js +0 -71
package/esm/analyzer/config.d.ts +0 -27
package/esm/analyzer/config.d.ts.map +0 -1
package/esm/analyzer/steps/003-risks/output.d.ts +0 -3
package/esm/analyzer/steps/003-risks/output.d.ts.map +0 -1
package/esm/analyzer/steps/003-risks/output.js +0 -16
package/esm/analyzer/treesiter/client.d.ts +0 -26
package/esm/analyzer/treesiter/client.d.ts.map +0 -1
package/script/analyzer/astgrep/registry.d.ts +0 -18
package/script/analyzer/astgrep/registry.d.ts.map +0 -1
package/script/analyzer/astgrep/registry.js +0 -109
package/script/analyzer/config.d.ts +0 -27
package/script/analyzer/config.d.ts.map +0 -1
package/script/analyzer/steps/003-risks/output.d.ts +0 -3
package/script/analyzer/steps/003-risks/output.d.ts.map +0 -1
package/script/analyzer/steps/003-risks/output.js +0 -19
package/script/analyzer/treesiter/client.d.ts +0 -26
package/script/analyzer/treesiter/client.d.ts.map +0 -1
package/script/analyzer/treesiter/client.js +0 -165

package/esm/analyzer/rules/python/extractFileRefs.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"extractFileRefs.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/rules/python/extractFileRefs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,KAAK,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAGxE,~~wBAAgB~~,qBAAqB,~~CACjC~~,OAAO,EAAE,eAAe,EACxB,OAAO,EAAE,MAAM,GAChB,gBAAgB,EAAE,~~CAwEpB~~"}
1	+ {"version":3,"file":"extractFileRefs.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/rules/python/extractFileRefs.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAGH,OAAO,KAAK,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AAGxE,wBAAsB,qBAAqB,CACvC,OAAO,EAAE,eAAe,EACxB,OAAO,EAAE,MAAM,GAChB,OAAO,CAAC,gBAAgB,EAAE,CAAC,CAwE7B"}

package/esm/analyzer/rules/python/extractFileRefs.js CHANGED Viewed

@@ -11,9 +11,9 @@
  */
 import { isHostFsPath, isUrl } from "../shared/file-refs.js";
 import { PYTHON_NODE } from "./astTypes.js";
-export function extractPythonFileRefs(context, content) {
+export async function extractPythonFileRefs(context, content) {
     const refs = [];
-    const ast = context.astgrepClient.parse("python", content);
+    const ast = await context.astgrepClient.parse("python", content);
     const root = ast.root();
     // ── import_statement (e.g. `import os`, `import os.path`) ───────────────
     const importNodes = root.findAll({ rule: { kind: PYTHON_NODE.IMPORT_STATEMENT } });

package/esm/analyzer/steps/001-discovery/discover-files.d.ts CHANGED Viewed

@@ -21,6 +21,10 @@ export declare function discoverReferencedFiles(context: AnalyzerContext, input:
     allFiles: SkillFile[];
     readTextFile: (path: string) => Promise<string | null>;
     maxScanDepth: number;
+    onDiscover?: (progress: {
+        scannedCount: number;
+        discoveredCount: number;
+    }) => void;
 }): Promise<FileReference[]>;
 export type { FileRefDiscovery };
 //# sourceMappingURL=discover-files.d.ts.map

package/esm/analyzer/steps/001-discovery/discover-files.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"discover-files.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/001-discovery/discover-files.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AAG7D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAGtD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AACvD,OAAO,KAAK,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAGvE,KAAK,cAAc,GAAG;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,YAAY,CAAC,EAAE,SAAS,CAAA;CAAE,CAAC;AAEhF;;;;;;;;GAQG;AACH,wBAAsB,uBAAuB,CACzC,OAAO,EAAE,eAAe,EACxB,KAAK,EAAE;IACH,UAAU,EAAE,cAAc,EAAE,CAAC;IAC7B,QAAQ,EAAE,SAAS,EAAE,CAAC;IACtB,YAAY,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACvD,YAAY,EAAE,MAAM,CAAC;~~CACxB~~,GACF,OAAO,CAAC,aAAa,EAAE,CAAC,~~CA6J1B~~;AAMD,YAAY,EAAE,gBAAgB,EAAE,CAAC"}
1	+ {"version":3,"file":"discover-files.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/001-discovery/discover-files.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,6BAA6B,CAAC;AAG7D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAGtD,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,gBAAgB,CAAC;AACvD,OAAO,KAAK,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AAGvE,KAAK,cAAc,GAAG;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,YAAY,CAAC,EAAE,SAAS,CAAA;CAAE,CAAC;AAEhF;;;;;;;;GAQG;AACH,wBAAsB,uBAAuB,CACzC,OAAO,EAAE,eAAe,EACxB,KAAK,EAAE;IACH,UAAU,EAAE,cAAc,EAAE,CAAC;IAC7B,QAAQ,EAAE,SAAS,EAAE,CAAC;IACtB,YAAY,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IACvD,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE;QAAE,YAAY,EAAE,MAAM,CAAC;QAAC,eAAe,EAAE,MAAM,CAAA;KAAE,KAAK,IAAI,CAAC;CACtF,GACF,OAAO,CAAC,aAAa,EAAE,CAAC,CA8K1B;AAMD,YAAY,EAAE,gBAAgB,EAAE,CAAC"}

package/esm/analyzer/steps/001-discovery/discover-files.js CHANGED Viewed

@@ -14,6 +14,8 @@ import { encodeCodeBlockPath } from "../../utils/code-block-path.js";
 export async function discoverReferencedFiles(context, input) {
     const discovered = new Map();
     const queue = [...input.startQueue];
+    let scannedCount = 0;
+    let discoveredCount = 0;
     // A set of file paths which have been processed
     const processed = new Set();
     const startPaths = new Set(input.startQueue.map((item) => normalizePath(item.path)));
@@ -24,6 +26,7 @@ export async function discoverReferencedFiles(context, input) {
         if (processed.has(current.path) || current.depth > input.maxScanDepth)
             continue;
         processed.add(current.path);
+        input.onDiscover?.({ scannedCount: scannedCount++, discoveredCount });
         const content = await input.readTextFile(current.path);
         if (!content)
             continue;
@@ -77,6 +80,7 @@ export async function discoverReferencedFiles(context, input) {
                             depth: current.depth + 1,
                             referencedBy: localEntry.referencedBy,
                         });
+                        input.onDiscover?.({ scannedCount, discoveredCount: discoveredCount++ });
                     }
                     continue;
                 }
@@ -104,11 +108,23 @@ export async function discoverReferencedFiles(context, input) {
                     });
                     continue;
                 }
-                if (absoluteRef.via === "import" || absoluteRef.via === "source") {
+                if (absoluteRef.via === "import") {
                     discovered.set(normalizedPath, {
                         path: normalizedPath,
                         sourceType: "external",
-                        fileType: "unknown",
+                        fileType: block.language,
+                        role: "library",
+                        depth: current.depth + 1,
+                        discoveryMethod: absoluteRef.via,
+                        referencedBy: referenceFromCurrent,
+                    });
+                    continue;
+                }
+                if (absoluteRef.via === "source") {
+                    discovered.set(normalizedPath, {
+                        path: normalizedPath,
+                        sourceType: "external",
+                        fileType: block.language,
                         role: "library",
                         depth: current.depth + 1,
                         discoveryMethod: absoluteRef.via,

package/esm/analyzer/steps/001-discovery/mod.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/001-discovery/mod.ts"],"names":[],"mappings":"~~AACA~~,OAAO,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAIrE,wBAAsB,eAAe,CACjC,KAAK,EAAE,aAAa,EACpB,OAAO,EAAE,eAAe,GACzB,OAAO,CAAC,aAAa,CAAC,~~CA4DxB~~"}
1	+ {"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/001-discovery/mod.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAIrE,wBAAsB,eAAe,CACjC,KAAK,EAAE,aAAa,EACpB,OAAO,EAAE,eAAe,GACzB,OAAO,CAAC,aAAa,CAAC,CAwFxB"}

package/esm/analyzer/steps/001-discovery/mod.js CHANGED Viewed

@@ -1,4 +1,6 @@
-import { DEFAULT_SKILL_VERSION, FRONTMATTER_SUPPORTED_FIELDS } from "../../config.js";
+import * as dntShim from "../../../_dnt.shims.js";
+import ProgressBar from "../../../deps/jsr.io/@deno-library/progress/1.5.1/mod.js";
+import { DEFAULT_ANALYZER_CONFIG, DEFAULT_SKILL_VERSION, FRONTMATTER_SUPPORTED_FIELDS, } from "../../config/mod.js";
 import { discoverReferencedFiles } from "./discover-files.js";
 import { filterScanQueue } from "./filter-files.js";
 export async function run001Discovery(state, context) {
@@ -20,12 +22,40 @@ export async function run001Discovery(state, context) {
             nextState.warnings.push(`Unknown frontmatter field '${field}' - analysis not supported yet`);
         }
     }
-    const discovered = await discoverReferencedFiles(context, {
-        startQueue: [{ path: skillMdPath, depth: 0 }],
-        allFiles: files,
-        readTextFile: (path) => context.skillReader.readTextFile(path),
-        maxScanDepth: state.metadata.config.maxScanDepth,
-    });
+    const shouldLogProgress = (context.showProgressBar ?? false) && dntShim.Deno.stderr.isTerminal();
+    const maxScanDepth = state.metadata.config.maxScanDepth ??
+        DEFAULT_ANALYZER_CONFIG.scan?.maxScanDepth ?? 5;
+    const maxFileCount = state.metadata.config.maxFileCount ??
+        DEFAULT_ANALYZER_CONFIG.scan?.maxFileCount ?? 100;
+    const maxFileSize = state.metadata.config.maxFileSize ??
+        DEFAULT_ANALYZER_CONFIG.scan?.maxFileSize ?? 1_000_000;
+    const discoveryBar = shouldLogProgress
+        ? new ProgressBar({
+            total: files.length,
+            clear: true,
+            output: dntShim.Deno.stderr,
+            complete: "=",
+            incomplete: "-",
+            display: "Readings skills [:bar] :percent ETA :eta",
+        })
+        : null;
+    let discovered = [];
+    try {
+        discovered = await discoverReferencedFiles(context, {
+            startQueue: [{ path: skillMdPath, depth: 0 }],
+            allFiles: files,
+            readTextFile: (path) => context.skillReader.readTextFile(path),
+            maxScanDepth,
+            onDiscover: (progress) => {
+                discoveryBar?.render(progress.scannedCount, {
+                    total: progress.discoveredCount + 1,
+                });
+            },
+        });
+    }
+    finally {
+        discoveryBar?.end();
+    }
     discovered.push({
         path: skillMdPath,
         sourceType: "local",
@@ -36,8 +66,8 @@ export async function run001Discovery(state, context) {
     const filtered = filterScanQueue({
         queue: discovered,
         allFiles: files,
-        maxFileCount: state.metadata.config.maxFileCount,
-        maxFileSize: state.metadata.config.maxFileSize,
+        maxFileCount,
+        maxFileSize,
     });
     return {
         ...nextState,

package/esm/analyzer/steps/002-permissions/mod.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/002-permissions/mod.ts"],"names":[],"mappings":"~~AAAA~~,OAAO,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;~~AAWrE~~,wBAAsB,iBAAiB,CACnC,KAAK,EAAE,aAAa,EACpB,OAAO,EAAE,eAAe,GACzB,OAAO,CAAC,aAAa,CAAC,~~CA+FxB~~"}
1	+ {"version":3,"file":"mod.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/002-permissions/mod.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAcrE,wBAAsB,iBAAiB,CACnC,KAAK,EAAE,aAAa,EACpB,OAAO,EAAE,eAAe,GACzB,OAAO,CAAC,aAAa,CAAC,CAsGxB"}

package/esm/analyzer/steps/002-permissions/mod.js CHANGED Viewed

@@ -1,3 +1,5 @@
+import * as dntShim from "../../../_dnt.shims.js";
+import ProgressBar from "../../../deps/jsr.io/@deno-library/progress/1.5.1/mod.js";
 import { PROMPT_REGEX_RULES } from "../../rules/mod.js";
 import { RULES_BY_FILETYPE } from "../../rules/mod.js";
 import { isLikelyInlineBashCommand } from "../../rules/bash/inline-command-classifier.js";
@@ -6,86 +8,98 @@ import { generatePermissionId } from "../../utils/id-generator.js";
 import { scanFileForPermissions } from "./scan-file.js";
 import { seedPermissionsFromFrontmatter } from "./seed-frontmatter.js";
 import { synthesizePermissions } from "./synthesize.js";
+const ANSI_SHOW_CURSOR = "\x1b[?25h";
+const ENCODER = new TextEncoder();
 export async function run002Permissions(state, context) {
     const skillMdPath = state.scanQueue.find((file) => file.role === "entrypoint")?.path ??
         "SKILL.md";
     let next = state;
     next = seedPermissionsFromFrontmatter(next, skillMdPath);
-    for (const fileRef of next.scanQueue) {
-        if (fileRef.sourceType === "external") {
-            if (fileRef.role === "host-fs") {
-                next = addHostFsPermission(next, fileRef.path, fileRef.referencedBy);
-            }
-            else if (fileRef.role === "library") {
-                next = {
-                    ...next,
-                    warnings: [
-                        ...next.warnings,
-                        `External library/import not analyzed yet: ${fileRef.path}`,
-                    ],
-                    metadata: {
-                        ...next.metadata,
-                        skippedFiles: [...next.metadata.skippedFiles, {
-                                path: fileRef.path,
-                                reason: "external_library_dependency",
-                                referenceBy: fileRef.referencedBy,
-                            }],
-                    },
-                };
-            }
-            else if (fileRef.discoveryMethod === "markdown-link" || fileRef.discoveryMethod === "url" ||
-                fileRef.discoveryMethod === undefined) {
-                next = {
-                    ...next,
-                    warnings: [
-                        ...next.warnings,
-                        `External reference not analyzed yet: ${fileRef.path}`,
-                    ],
-                    metadata: {
-                        ...next.metadata,
-                        skippedFiles: [...next.metadata.skippedFiles, {
-                                path: fileRef.path,
-                                reason: "external_reference",
-                                referenceBy: fileRef.referencedBy,
-                            }],
-                    },
-                };
-            }
-            continue;
-        }
-        const scanTargets = await resolveScanTargets(fileRef, context);
-        if (scanTargets.length === 0)
-            continue;
-        if (!RULES_BY_FILETYPE[fileRef.fileType]) {
-            next = {
-                ...next,
-                warnings: [
-                    ...next.warnings,
-                    `File type '${fileRef.fileType}' is not supported yet for analysis: ${fileRef.path}`,
-                ],
-                metadata: {
-                    ...next.metadata,
-                    skippedFiles: [...next.metadata.skippedFiles, {
+    const shouldRenderProgress = (context.showProgressBar ?? false) && dntShim.Deno.stderr.isTerminal();
+    const scanBar = shouldRenderProgress
+        ? new ProgressBar({
+            total: Math.max(1, next.scanQueue.length),
+            clear: true,
+            output: dntShim.Deno.stderr,
+            complete: "=",
+            incomplete: "-",
+            display: "Scanning skills [:bar] :percent ETA :eta",
+        })
+        : null;
+    let processed = 0;
+    try {
+        await scanBar?.render(processed);
+        for (const fileRef of next.scanQueue) {
+            try {
+                if (fileRef.sourceType === "external") {
+                    if (fileRef.role === "host-fs") {
+                        next = addHostFsPermission(next, fileRef.path, fileRef.referencedBy);
+                    }
+                    else if (fileRef.discoveryMethod === "import") {
+                        next = addImportDependencyPermission(next, fileRef);
+                        next = appendSkippedFile(next, {
                             path: fileRef.path,
-                            reason: `unsupported_type_${fileRef.fileType}`,
+                            reason: "external_library_dependency",
                             referenceBy: fileRef.referencedBy,
-                        }],
-                },
-            };
-            continue;
-        }
-        for (const scanTarget of scanTargets) {
-            next = scanFileForPermissions(context, {
-                state: next,
-                fileRef,
-                scanPath: scanTarget.scanPath,
-                content: scanTarget.content,
-                lineOffset: scanTarget.lineOffset,
-                referenceType: scanTarget.referenceType,
-            });
-            if (scanTarget.referenceType === "content") {
-                next = applyPromptRegexFindings(next, scanTarget.scanPath, scanTarget.content, scanTarget.lineOffset, fileRef.referencedBy);
+                        });
+                    }
+                    else {
+                        next = addExternalReferencePermission(next, fileRef);
+                        const reason = fileRef.role === "library"
+                            ? "external_library_dependency"
+                            : "external_reference";
+                        next = appendSkippedFile(next, {
+                            path: fileRef.path,
+                            reason,
+                            referenceBy: fileRef.referencedBy,
+                        });
+                    }
+                    continue;
+                }
+                const scanTargets = await resolveScanTargets(fileRef, context);
+                if (scanTargets.length === 0)
+                    continue;
+                if (!RULES_BY_FILETYPE[fileRef.fileType]) {
+                    next = {
+                        ...next,
+                        warnings: [
+                            ...next.warnings,
+                            `File type '${fileRef.fileType}' is not supported yet for analysis: ${fileRef.path}`,
+                        ],
+                        metadata: {
+                            ...next.metadata,
+                            skippedFiles: [...next.metadata.skippedFiles, {
+                                    path: fileRef.path,
+                                    reason: `unsupported_type_${fileRef.fileType}`,
+                                    referenceBy: fileRef.referencedBy,
+                                }],
+                        },
+                    };
+                    continue;
+                }
+                for (const scanTarget of scanTargets) {
+                    next = await scanFileForPermissions(context, {
+                        state: next,
+                        fileRef,
+                        scanPath: scanTarget.scanPath,
+                        content: scanTarget.content,
+                        lineOffset: scanTarget.lineOffset,
+                        referenceType: scanTarget.referenceType,
+                    });
+                    if (scanTarget.referenceType === "content") {
+                        next = applyPromptRegexFindings(next, scanTarget.scanPath, scanTarget.content, scanTarget.lineOffset, fileRef.referencedBy);
+                    }
+                }
             }
+            finally {
+                await scanBar?.render(++processed);
+            }
+        }
+    }
+    finally {
+        await scanBar?.end();
+        if (shouldRenderProgress && dntShim.Deno.stderr.isTerminal()) {
+            dntShim.Deno.stderr.writeSync(ENCODER.encode(ANSI_SHOW_CURSOR));
         }
     }
     return synthesizePermissions(next);
@@ -113,7 +127,8 @@ async function resolveScanTargets(fileRef, context) {
     if (referenceType === "inline") {
         const line = lines[decoded.startLine - 1] ?? "";
         const snippets = extractInlineSnippets(line);
-        const likelyCommands = snippets.filter((snippet) => isLikelyInlineBashCommand(context, { snippet, lineContext: line }));
+        const likelyCommandFlags = await Promise.all(snippets.map((snippet) => isLikelyInlineBashCommand(context, { snippet, lineContext: line })));
+        const likelyCommands = snippets.filter((_, i) => likelyCommandFlags[i]);
         return likelyCommands.map((snippet) => ({
             scanPath: decoded.parentPath,
             content: snippet,
@@ -161,6 +176,74 @@ function applyPromptRegexFindings(state, filePath, content, lineOffset, referenc
     }
     return { ...state, findings };
 }
+function appendSkippedFile(state, skipped) {
+    return {
+        ...state,
+        metadata: {
+            ...state.metadata,
+            skippedFiles: [...state.metadata.skippedFiles, skipped],
+        },
+    };
+}
+function addImportDependencyPermission(state, fileRef) {
+    const language = fileRef.fileType;
+    const importName = fileRef.path;
+    const metadata = {
+        language,
+        discoveryMethod: fileRef.discoveryMethod,
+    };
+    const permission = {
+        id: generatePermissionId("dep-import", [language, importName]),
+        tool: language,
+        scope: "dep",
+        permission: "import",
+        args: [importName],
+        metadata,
+        references: [toPermissionReference(fileRef)],
+        source: "inferred",
+        risks: [],
+    };
+    if (state.permissions.some((p) => p.id === permission.id))
+        return state;
+    return {
+        ...state,
+        permissions: [...state.permissions, permission],
+    };
+}
+function addExternalReferencePermission(state, fileRef) {
+    const path = fileRef.path;
+    const language = fileRef.fileType ?? "unknown";
+    const metadata = {
+        language,
+        discoveryMethod: fileRef.discoveryMethod,
+    };
+    const permission = {
+        id: generatePermissionId("dep-externalreference", [language, path]),
+        tool: language,
+        scope: "dep",
+        permission: "externalreference",
+        args: [path],
+        metadata,
+        references: [toPermissionReference(fileRef)],
+        source: "inferred",
+        risks: [],
+    };
+    if (state.permissions.some((p) => p.id === permission.id))
+        return state;
+    return {
+        ...state,
+        permissions: [...state.permissions, permission],
+    };
+}
+function toPermissionReference(fileRef) {
+    return {
+        file: fileRef.referencedBy?.file ?? fileRef.path,
+        line: fileRef.referencedBy?.line ?? 1,
+        lineEnd: fileRef.referencedBy?.lineEnd,
+        type: fileRef.referencedBy?.type ?? "content",
+        referencedBy: fileRef.referencedBy?.referencedBy,
+    };
+}
 function addHostFsPermission(state, path, referencedBy) {
     const reference = {
         file: referencedBy?.file ?? "SKILL.md",

package/esm/analyzer/steps/002-permissions/scan-file.d.ts CHANGED Viewed

@@ -10,5 +10,5 @@ export declare function scanFileForPermissions(context: AnalyzerContext, input:
     content: string;
     lineOffset?: number;
     referenceType?: "content" | "script" | "inline";
-}): AnalyzerState;
+}): Promise<AnalyzerState>;
 //# sourceMappingURL=scan-file.d.ts.map

package/esm/analyzer/steps/002-permissions/scan-file.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"scan-file.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/002-permissions/scan-file.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AACrE,OAAO,KAAK,EAAE,aAAa,EAA+B,MAAM,wBAAwB,CAAC;AAsCzF;;GAEG;AACH,~~wBAAgB~~,sBAAsB,~~CAClC~~,OAAO,EAAE,eAAe,EACxB,KAAK,EAAE;IACH,KAAK,EAAE,aAAa,CAAC;IACrB,OAAO,EAAE,aAAa,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,SAAS,GAAG,QAAQ,GAAG,QAAQ,CAAC;CACnD,GACF,aAAa,~~CAgFf~~"}
1	+ {"version":3,"file":"scan-file.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/002-permissions/scan-file.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AACrE,OAAO,KAAK,EAAE,aAAa,EAA+B,MAAM,wBAAwB,CAAC;AAsCzF;;GAEG;AACH,wBAAsB,sBAAsB,CACxC,OAAO,EAAE,eAAe,EACxB,KAAK,EAAE;IACH,KAAK,EAAE,aAAa,CAAC;IACrB,OAAO,EAAE,aAAa,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,SAAS,GAAG,QAAQ,GAAG,QAAQ,CAAC;CACnD,GACF,OAAO,CAAC,aAAa,CAAC,CAiFxB"}

package/esm/analyzer/steps/002-permissions/scan-file.js CHANGED Viewed

@@ -35,7 +35,7 @@ const SHELL_RESERVED_WORDS = new Set([
 /**
  * Scans a text-like file and returns updated state with permissions and findings.
  */
-export function scanFileForPermissions(context, input) {
+export async function scanFileForPermissions(context, input) {
     const { state, fileRef, scanPath, content, lineOffset = 0, referenceType = "content", } = input;
     const permissions = [];
     const findings = [...state.findings];
@@ -46,15 +46,16 @@ export function scanFileForPermissions(context, input) {
             ...state,
             metadata: {
                 ...state.metadata,
-                scannedFiles: [...state.metadata.scannedFiles, scanPath],
+                scannedFiles: new Set([...state.metadata.scannedFiles, scanPath]),
             },
         };
     }
     const scanLanguage = rules[0].grammar;
-    const matches = context.astgrepClient.scanWithRules(content, scanLanguage, rules);
+    const matches = await context.astgrepClient.scanWithRules(content, scanLanguage, rules);
     const lines = content.split("\n");
     const filteredMatches = matches.filter((match) => shouldKeepMatchForBlock(match, lineOffset + 1, lines));
-    const blockFindings = context.astgrepClient.matchesToFindings(scanPath, referenceType, filteredMatches.map((match) => ({
+    const deconflictedMatches = dropGenericShellDuplicates(filteredMatches, rules);
+    const blockFindings = context.astgrepClient.matchesToFindings(scanPath, referenceType, deconflictedMatches.map((match) => ({
         ...match,
         line: match.line + lineOffset,
         lineEnd: (match.lineEnd ?? match.line) + lineOffset,
@@ -91,7 +92,7 @@ export function scanFileForPermissions(context, input) {
         metadata: {
             ...state.metadata,
             rulesUsed,
-            scannedFiles: [...state.metadata.scannedFiles, scanPath],
+            scannedFiles: new Set([...state.metadata.scannedFiles, scanPath]),
         },
     };
 }
@@ -187,3 +188,37 @@ function buildPermissionArgs(metadata, detectedTool) {
     }
     return args;
 }
+function dropGenericShellDuplicates(matches, rules) {
+    const ruleById = new Map(rules.map((rule) => [rule.id, rule]));
+    const specificToolAtLine = new Set();
+    for (const match of matches) {
+        if (match.ruleId === GENERIC_SHELL_RULE_ID)
+            continue;
+        const rule = ruleById.get(match.ruleId);
+        if (!rule)
+            continue;
+        const tool = resolveToolForMatch(rule.permission.tool, match.extracted);
+        if (!tool)
+            continue;
+        specificToolAtLine.add(`${match.line}:${tool}`);
+    }
+    return matches.filter((match) => {
+        if (match.ruleId !== GENERIC_SHELL_RULE_ID)
+            return true;
+        const rule = ruleById.get(match.ruleId);
+        if (!rule)
+            return true;
+        const tool = resolveToolForMatch(rule.permission.tool, match.extracted);
+        if (!tool)
+            return true;
+        return !specificToolAtLine.has(`${match.line}:${tool}`);
+    });
+}
+function resolveToolForMatch(ruleTool, extracted) {
+    if (ruleTool !== "detected")
+        return ruleTool.toLowerCase();
+    const tool = extracted.tool;
+    if (typeof tool !== "string" || !tool.trim())
+        return null;
+    return tool.trim().toLowerCase();
+}

package/esm/analyzer/steps/002-permissions/seed-frontmatter.js CHANGED Viewed

@@ -1,4 +1,4 @@
-import { ALLOWED_TOOLS_MAPPING } from "../../config.js";
+import { ALLOWED_TOOLS_MAPPING } from "../../config/mod.js";
 import { generatePermissionId } from "../../utils/id-generator.js";
 export function seedPermissionsFromFrontmatter(state, skillMdPath) {
     const rawAllowed = state.frontmatter["allowed-tools"];
@@ -9,7 +9,7 @@ export function seedPermissionsFromFrontmatter(state, skillMdPath) {
     const baseRef = {
         file: skillMdPath,
         line: 1,
-        lineEnd: state.frontmatter.endLineNumer,
+        lineEnd: state.frontmatter.endLineNumber,
         type: "frontmatter",
     };
     const permissions = parsed.map((tool) => {

package/esm/analyzer/steps/003-risks/dep-risks.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import type { AnalyzerContext, AnalyzerState } from "../../types.js";
+export declare function analyzeDependencyRisks(state: AnalyzerState, context: Pick<AnalyzerContext, "config">): AnalyzerState;
+//# sourceMappingURL=dep-risks.d.ts.map

package/esm/analyzer/steps/003-risks/dep-risks.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"dep-risks.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/dep-risks.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAOrE,wBAAgB,sBAAsB,CAClC,KAAK,EAAE,aAAa,EACpB,OAAO,EAAE,IAAI,CAAC,eAAe,EAAE,QAAQ,CAAC,GACzC,aAAa,CAgEf"}

package/esm/analyzer/steps/003-risks/dep-risks.js ADDED Viewed

@@ -0,0 +1,74 @@
+import { addRisk } from "./helpers.js";
+import { isAllowed, isDenied } from "./policy.js";
+import { GRAMMAR_SPECS } from "../../treesitter/registry.js";
+export function analyzeDependencyRisks(state, context) {
+    let next = state;
+    for (const permission of next.permissions) {
+        if (permission.scope !== "dep")
+            continue;
+        if (permission.permission === "import") {
+            const grammar = resolveGrammar(permission.tool);
+            const importName = permission.args?.[0]?.trim();
+            if (!importName)
+                continue;
+            const groupKey = `DEPENDENCY:external_import:${grammar ?? "unknown"}`;
+            if (grammar && isDenied(context.config, grammar, importName)) {
+                next = addRisk(next, {
+                    type: "DEPENDENCY:external_import",
+                    groupKey,
+                    severity: "critical",
+                    message: `Import '${importName}' is denied by config for ${grammar} and may execute untrusted dependency code.`,
+                    permissionIds: [permission.id],
+                    reference: resolvePrimaryReference(permission),
+                    metadata: { policy: { language: { grammar, importName, source: "denylist" } } },
+                });
+                continue;
+            }
+            if (grammar && isAllowed(context.config, grammar, importName)) {
+                continue;
+            }
+            next = addRisk(next, {
+                type: "DEPENDENCY:external_import",
+                groupKey,
+                severity: "warning",
+                message: `External import not explicitly configured: ${importName}`,
+                permissionIds: [permission.id],
+                reference: resolvePrimaryReference(permission),
+                metadata: grammar
+                    ? { policy: { language: { grammar, importName, source: "default" } } }
+                    : undefined,
+            });
+            continue;
+        }
+        if (permission.permission === "externalreference") {
+            const discoveryMethod = permission.metadata?.discoveryMethod;
+            const path = permission.args?.[0] ?? permission.tool;
+            const isSourceInclude = discoveryMethod === "source";
+            next = addRisk(next, {
+                type: "REFERENCE:external_file",
+                groupKey: `REFERENCE:external_file:${permission.tool}`,
+                severity: "warning",
+                message: isSourceInclude
+                    ? `Sourced external file not analyzed yet: ${path}`
+                    : `External reference not analyzed yet: ${path}`,
+                permissionIds: [permission.id],
+                reference: resolvePrimaryReference(permission),
+                metadata: isSourceInclude ? { discoveryMethod: "source" } : undefined,
+            });
+        }
+    }
+    return next;
+}
+function resolveGrammar(tool) {
+    return tool in GRAMMAR_SPECS ? tool : null;
+}
+function resolvePrimaryReference(permission) {
+    const reference = permission.references[0];
+    if (reference)
+        return reference;
+    return {
+        file: "SKILL.md",
+        line: 1,
+        type: "content",
+    };
+}

package/esm/analyzer/steps/003-risks/helpers.d.ts CHANGED Viewed

@@ -2,6 +2,7 @@ import type { AnalyzerState } from "../../types.js";
 import type { RiskCode, Severity } from "../../../shared/mod.js";
 export declare function addRisk(state: AnalyzerState, input: {
     type: RiskCode;
+    groupKey?: string;
     severity: Severity;
     message: string;
     permissionIds: string[];

package/esm/analyzer/steps/003-risks/helpers.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,KAAK,EAAQ,QAAQ,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAGvE,wBAAgB,OAAO,CACnB,KAAK,EAAE,aAAa,EACpB,KAAK,EAAE;IACH,IAAI,EAAE,QAAQ,CAAC;IACf,QAAQ,EAAE,QAAQ,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,SAAS,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,WAAW,CAAC,CAAC;IAC1D,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACtC,GACF,aAAa,~~CAwBf~~"}
1	+ {"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/helpers.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AACpD,OAAO,KAAK,EAAQ,QAAQ,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAGvE,wBAAgB,OAAO,CACnB,KAAK,EAAE,aAAa,EACpB,KAAK,EAAE;IACH,IAAI,EAAE,QAAQ,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,QAAQ,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,SAAS,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,WAAW,CAAC,CAAC;IAC1D,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACtC,GACF,aAAa,CAyBf"}

package/esm/analyzer/steps/003-risks/helpers.js CHANGED Viewed

@@ -3,6 +3,7 @@ export function addRisk(state, input) {
     const risk = {
         id: generateRiskId(input.type, state.risks.length),
         type: input.type,
+        groupKey: input.groupKey,
         severity: input.severity,
         message: input.message,
         reference: input.reference,

package/esm/analyzer/steps/003-risks/mod.d.ts CHANGED Viewed

@@ -1,3 +1,4 @@
-import type { AnalyzerResult, AnalyzerState } from "../../types.js";
-export declare function run003Risks(state: AnalyzerState): AnalyzerResult;
+import { SkillAnalyzerResult } from "../../result.js";
+import type { AnalyzerContext, AnalyzerState } from "../../types.js";
+export declare function run003Risks(state: AnalyzerState, context?: Pick<AnalyzerContext, "showProgressBar" | "config">): Promise<SkillAnalyzerResult>;
 //# sourceMappingURL=mod.d.ts.map