@goplus/agentguard 1.0.0 → 1.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +85 -156
- package/dist/action/detectors/exec.d.ts.map +1 -1
- package/dist/action/detectors/exec.js +62 -7
- package/dist/action/detectors/exec.js.map +1 -1
- package/dist/index.d.ts +0 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -4
- package/dist/index.js.map +1 -1
- package/dist/scanner/index.d.ts +14 -0
- package/dist/scanner/index.d.ts.map +1 -1
- package/dist/scanner/index.js +86 -21
- package/dist/scanner/index.js.map +1 -1
- package/dist/scanner/rules/exfiltration.js +1 -1
- package/dist/scanner/rules/exfiltration.js.map +1 -1
- package/dist/scanner/rules/index.d.ts.map +1 -1
- package/dist/scanner/rules/index.js +2 -0
- package/dist/scanner/rules/index.js.map +1 -1
- package/dist/scanner/rules/obfuscation.js +1 -1
- package/dist/scanner/rules/obfuscation.js.map +1 -1
- package/dist/scanner/rules/remote-loader.js +1 -1
- package/dist/scanner/rules/remote-loader.js.map +1 -1
- package/dist/scanner/rules/shell-exec.js +2 -2
- package/dist/scanner/rules/shell-exec.js.map +1 -1
- package/dist/scanner/rules/trojan.d.ts +6 -0
- package/dist/scanner/rules/trojan.d.ts.map +1 -0
- package/dist/scanner/rules/trojan.js +100 -0
- package/dist/scanner/rules/trojan.js.map +1 -0
- package/dist/tests/action.test.js +13 -2
- package/dist/tests/action.test.js.map +1 -1
- package/dist/tests/scanner.test.js +20 -2
- package/dist/tests/scanner.test.js.map +1 -1
- package/dist/types/action.d.ts +2 -0
- package/dist/types/action.d.ts.map +1 -1
- package/dist/types/scanner.d.ts +1 -1
- package/dist/types/scanner.d.ts.map +1 -1
- package/dist/types/scanner.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -1,70 +1,73 @@
|
|
|
1
|
-
|
|
1
|
+
<p align="center">
|
|
2
|
+
<img src="assets/logo.png" alt="GoPlus AgentGuard" width="120" />
|
|
3
|
+
</p>
|
|
2
4
|
|
|
3
|
-
|
|
5
|
+
<h1 align="center">GoPlus AgentGuard</h1>
|
|
4
6
|
|
|
5
|
-
|
|
7
|
+
<p align="center"><b>The essential security guard for every AI agent user.</b></p>
|
|
6
8
|
|
|
9
|
+
<p align="center">Your AI agent has full access to your terminal, files, and secrets — but zero security awareness.<br/>A malicious skill or prompt injection can steal your keys, drain your wallet, or wipe your disk.<br/><b>AgentGuard stops all of that.</b></p>
|
|
10
|
+
|
|
11
|
+
[](https://www.npmjs.com/package/@goplus/agentguard)
|
|
12
|
+
[](https://github.com/GoPlusSecurity/agentguard)
|
|
7
13
|
[](LICENSE)
|
|
8
|
-
[](https://www.typescriptlang.org)
|
|
14
|
+
[](https://github.com/GoPlusSecurity/agentguard/actions/workflows/ci.yml)
|
|
10
15
|
[](https://agentskills.io)
|
|
11
16
|
|
|
12
|
-
##
|
|
13
|
-
|
|
14
|
-
GoPlus AgentGuard protects your AI coding agent with two layers:
|
|
17
|
+
## Why AgentGuard?
|
|
15
18
|
|
|
16
|
-
|
|
17
|
-
- Blocks `rm -rf /`, fork bombs, `curl | bash` and other destructive commands
|
|
18
|
-
- Prevents writes to `.env`, `.ssh/`, credentials files
|
|
19
|
-
- Detects data exfiltration to Discord/Telegram/Slack webhooks
|
|
20
|
-
- Flags requests to high-risk domains
|
|
19
|
+
AI coding agents can execute any command, read any file, and install any skill — with zero security review. The risks are real:
|
|
21
20
|
|
|
22
|
-
**
|
|
23
|
-
-
|
|
24
|
-
-
|
|
25
|
-
- Runtime action evaluation with GoPlus API integration
|
|
26
|
-
- Trust registry for managing skill permissions
|
|
21
|
+
- **Malicious skills** can hide backdoors, steal credentials, or exfiltrate data
|
|
22
|
+
- **Prompt injection** can trick your agent into running destructive commands
|
|
23
|
+
- **Unverified code** from the internet may contain wallet drainers or keyloggers
|
|
27
24
|
|
|
28
|
-
|
|
25
|
+
**AgentGuard is the first real-time security layer for AI agents.** It automatically scans every new skill, blocks dangerous actions before they execute, and tracks which skill initiated each action. One install, always protected.
|
|
29
26
|
|
|
30
|
-
|
|
27
|
+
## What It Does
|
|
31
28
|
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
| **Cursor** | Skill |
|
|
38
|
-
| **GitHub Copilot** | Skill |
|
|
39
|
-
| **Any Agent Skills-compatible agent** | Skill |
|
|
29
|
+
**Layer 1 — Automatic Guard (hooks)**: Install once, always protected.
|
|
30
|
+
- Blocks `rm -rf /`, fork bombs, `curl | bash` and destructive commands
|
|
31
|
+
- Prevents writes to `.env`, `.ssh/`, credentials files
|
|
32
|
+
- Detects data exfiltration to Discord/Telegram/Slack webhooks
|
|
33
|
+
- Tracks which skill initiated each action — holds malicious skills accountable
|
|
40
34
|
|
|
41
|
-
|
|
35
|
+
**Layer 2 — Deep Scan (skill)**: On-demand security audit with 24 detection rules.
|
|
36
|
+
- **Auto-scans new skills** on session start — malicious code blocked before it runs
|
|
37
|
+
- Static analysis for secrets, backdoors, obfuscation, and prompt injection
|
|
38
|
+
- Web3-specific: wallet draining, unlimited approvals, reentrancy, proxy exploits
|
|
39
|
+
- Trust registry with capability-based access control per skill
|
|
42
40
|
|
|
43
41
|
## Quick Start
|
|
44
42
|
|
|
45
|
-
### One-Click Install
|
|
46
|
-
|
|
47
43
|
```bash
|
|
48
|
-
|
|
49
|
-
cd agentguard && ./setup.sh
|
|
44
|
+
npm install @goplus/agentguard
|
|
50
45
|
```
|
|
51
46
|
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
To enable automatic hook protection, add GoPlus AgentGuard as a Claude Code plugin:
|
|
47
|
+
<details>
|
|
48
|
+
<summary><b>Full install with auto-guard hooks (Claude Code)</b></summary>
|
|
55
49
|
|
|
56
50
|
```bash
|
|
51
|
+
git clone https://github.com/GoPlusSecurity/agentguard.git
|
|
52
|
+
cd agentguard && ./setup.sh
|
|
57
53
|
claude plugin add /path/to/agentguard
|
|
58
54
|
```
|
|
59
55
|
|
|
60
|
-
|
|
56
|
+
This installs the skill, configures hooks, and sets your protection level.
|
|
57
|
+
|
|
58
|
+
</details>
|
|
59
|
+
|
|
60
|
+
<details>
|
|
61
|
+
<summary><b>Manual install (skill only)</b></summary>
|
|
61
62
|
|
|
62
63
|
```bash
|
|
63
64
|
git clone https://github.com/GoPlusSecurity/agentguard.git
|
|
64
65
|
cp -r agentguard/skills/agentguard ~/.claude/skills/agentguard
|
|
65
66
|
```
|
|
66
67
|
|
|
67
|
-
|
|
68
|
+
</details>
|
|
69
|
+
|
|
70
|
+
Then use `/agentguard` in your agent:
|
|
68
71
|
|
|
69
72
|
```
|
|
70
73
|
/agentguard scan ./src # Scan code for security risks
|
|
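Review bot: The tagline at new line 9, "AgentGuard stops all of that", together with "always protected" at new lines 25 and 29, claims more than the Hook Limitations section of this same README concedes. That section says skill source tracking is heuristic, hooks cannot block the Skill tool invocation itself, and Layer 1 only exists on Claude Code. Suggest stating the claim in terms of what is enforced (known-dangerous commands blocked, risky skills flagged) and linking to the limitations section from the introduction.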
@@ -74,28 +77,6 @@ Then use `/agentguard` in Claude Code:
|
|
|
74
77
|
/agentguard config balanced # Set protection level
|
|
75
78
|
```
|
|
76
79
|
|
|
77
|
-
## How It Works
|
|
78
|
-
|
|
79
|
-
```
|
|
80
|
-
┌──────────────────────────────────────────────────────┐
|
|
81
|
-
│ Layer 1: Auto Guard (hooks — install once, forget) │
|
|
82
|
-
│ ┌──────────────┐ ┌──────────────┐ ┌──────────────┐ │
|
|
83
|
-
│ │ PreToolUse │ │ PostToolUse │ │ Config │ │
|
|
84
|
-
│ │ Block danger │ │ Audit log │ │ 3 levels │ │
|
|
85
|
-
│ └──────┬───────┘ └──────┬───────┘ └──────┬───────┘ │
|
|
86
|
-
│ └────────┬───────┘ │ │
|
|
87
|
-
│ ▼ │ │
|
|
88
|
-
│ ActionScanner Engine ◄────────────┘ │
|
|
89
|
-
└──────────────────────────────────────────────────────┘
|
|
90
|
-
┌──────────────────────────────────────────────────────┐
|
|
91
|
-
│ Layer 2: Deep Scan (skill — on demand) │
|
|
92
|
-
│ /agentguard scan — 20-rule static analysis │
|
|
93
|
-
│ /agentguard action — Runtime action evaluation │
|
|
94
|
-
│ /agentguard trust — Skill trust management │
|
|
95
|
-
│ /agentguard report — Security event log │
|
|
96
|
-
└──────────────────────────────────────────────────────┘
|
|
97
|
-
```
|
|
98
|
-
|
|
99
80
|
## Protection Levels
|
|
100
81
|
|
|
101
82
|
| Level | Behavior |
|
|
@@ -104,9 +85,7 @@ Then use `/agentguard` in Claude Code:
|
|
|
104
85
|
| `balanced` | Block dangerous, confirm risky. Good for daily use. **(default)** |
|
|
105
86
|
| `permissive` | Only block critical threats. For experienced users who want minimal friction. |
|
|
106
87
|
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
## Detection Rules (20)
|
|
88
|
+
## Detection Rules (24)
|
|
110
89
|
|
|
111
90
|
| Category | Rules | Severity |
|
|
112
91
|
|----------|-------|----------|
|
|
@@ -115,6 +94,7 @@ Change with: `/agentguard config <level>`
|
|
|
115
94
|
| **Exfiltration** | NET_EXFIL_UNRESTRICTED, WEBHOOK_EXFIL | HIGH-CRITICAL |
|
|
116
95
|
| **Obfuscation** | OBFUSCATION, PROMPT_INJECTION | HIGH-CRITICAL |
|
|
117
96
|
| **Web3** | WALLET_DRAINING, UNLIMITED_APPROVAL, DANGEROUS_SELFDESTRUCT, HIDDEN_TRANSFER, PROXY_UPGRADE, FLASH_LOAN_RISK, REENTRANCY_PATTERN, SIGNATURE_REPLAY | MEDIUM-CRITICAL |
|
|
97
|
+
| **Trojan & Social Engineering** | TROJAN_DISTRIBUTION, SUSPICIOUS_PASTE_URL, SUSPICIOUS_IP, SOCIAL_ENGINEERING | MEDIUM-CRITICAL |
|
|
118
98
|
|
|
119
99
|
## Try It
|
|
120
100
|
|
|
@@ -124,112 +104,59 @@ Scan the included vulnerable demo project:
|
|
|
124
104
|
/agentguard scan examples/vulnerable-skill
|
|
125
105
|
```
|
|
126
106
|
|
|
127
|
-
Expected output: **CRITICAL** risk level with
|
|
128
|
-
|
|
129
|
-
## Advanced Usage
|
|
130
|
-
|
|
131
|
-
### As MCP Server
|
|
132
|
-
|
|
133
|
-
```json
|
|
134
|
-
{
|
|
135
|
-
"mcpServers": {
|
|
136
|
-
"agentguard": {
|
|
137
|
-
"command": "npx",
|
|
138
|
-
"args": ["-y", "agentguard"],
|
|
139
|
-
"env": {
|
|
140
|
-
"GOPLUS_API_KEY": "your_key",
|
|
141
|
-
"GOPLUS_API_SECRET": "your_secret"
|
|
142
|
-
}
|
|
143
|
-
}
|
|
144
|
-
}
|
|
145
|
-
}
|
|
146
|
-
```
|
|
147
|
-
|
|
148
|
-
MCP tools: `skill_scanner_scan`, `registry_lookup`, `registry_attest`, `registry_revoke`, `registry_list`, `action_scanner_decide`, `action_scanner_simulate_web3`
|
|
149
|
-
|
|
150
|
-
### As SDK
|
|
107
|
+
Expected output: **CRITICAL** risk level with detection hits across JavaScript, Solidity, and Markdown files.
|
|
151
108
|
|
|
152
|
-
|
|
153
|
-
import { createAgentGuard } from 'agentguard';
|
|
154
|
-
|
|
155
|
-
const { scanner, registry, actionScanner } = createAgentGuard();
|
|
156
|
-
|
|
157
|
-
// Scan code
|
|
158
|
-
const result = await scanner.scan({
|
|
159
|
-
skill: { id: 'my-skill', source: 'github.com/org/skill', version_ref: 'v1.0.0', artifact_hash: '' },
|
|
160
|
-
payload: { type: 'dir', ref: '/path/to/skill' },
|
|
161
|
-
});
|
|
162
|
-
console.log(result.risk_level); // 'low' | 'medium' | 'high' | 'critical'
|
|
163
|
-
|
|
164
|
-
// Evaluate action
|
|
165
|
-
const decision = await actionScanner.decide({
|
|
166
|
-
actor: { skill: { id: 'my-skill', source: 'cli', version_ref: '1.0.0', artifact_hash: '' } },
|
|
167
|
-
action: { type: 'exec_command', data: { command: 'rm -rf /' } },
|
|
168
|
-
context: { session_id: 's1', user_present: true, env: 'prod', time: new Date().toISOString() },
|
|
169
|
-
});
|
|
170
|
-
console.log(decision.decision); // 'deny'
|
|
171
|
-
```
|
|
172
|
-
|
|
173
|
-
### Trust Management
|
|
174
|
-
|
|
175
|
-
```
|
|
176
|
-
/agentguard trust attest --id my-bot --source github.com/org/bot --version v1.0.0 --hash abc --trust-level restricted --preset trading_bot --reviewed-by admin
|
|
177
|
-
/agentguard trust lookup --source github.com/org/bot
|
|
178
|
-
/agentguard trust revoke --source github.com/org/bot --reason "security concern"
|
|
179
|
-
/agentguard trust list --trust-level trusted
|
|
180
|
-
```
|
|
181
|
-
|
|
182
|
-
Presets: `none` | `read_only` | `trading_bot` | `defi`
|
|
109
|
+
## Compatibility
|
|
183
110
|
|
|
184
|
-
|
|
111
|
+
GoPlus AgentGuard follows the [Agent Skills](https://agentskills.io) open standard:
|
|
185
112
|
|
|
186
|
-
|
|
113
|
+
| Platform | Support |
|
|
114
|
+
|----------|---------|
|
|
115
|
+
| **Claude Code** | Full (skill + hooks auto-guard) |
|
|
116
|
+
| **OpenAI Codex CLI** | Skill (scan/action/trust commands) |
|
|
117
|
+
| **Gemini CLI** | Skill |
|
|
118
|
+
| **Cursor** | Skill |
|
|
119
|
+
| **GitHub Copilot** | Skill |
|
|
187
120
|
|
|
188
|
-
|
|
189
|
-
export GOPLUS_API_KEY=your_key
|
|
190
|
-
export GOPLUS_API_SECRET=your_secret
|
|
191
|
-
```
|
|
121
|
+
> Hooks-based auto-guard (Layer 1) is specific to Claude Code's plugin system. The skill commands (Layer 2) work on any Agent Skills-compatible platform.
|
|
192
122
|
|
|
193
|
-
|
|
123
|
+
## Hook Limitations
|
|
194
124
|
|
|
195
|
-
|
|
125
|
+
The auto-guard hooks (Layer 1) have the following constraints:
|
|
196
126
|
|
|
197
|
-
|
|
127
|
+
- **Platform-specific**: Hooks rely on Claude Code's `PreToolUse` / `PostToolUse` / `SessionStart` events. Other platforms do not yet support this hook system.
|
|
128
|
+
- **Default-deny policy**: First-time use may trigger confirmation prompts for certain commands. A built-in safe-command allowlist (`ls`, `echo`, `pwd`, `git status`, etc.) reduces false positives.
|
|
129
|
+
- **Skill source tracking is heuristic**: AgentGuard infers which skill initiated an action by analyzing the conversation transcript. This is not 100% precise in all cases.
|
|
130
|
+
- **Cannot intercept skill installation itself**: Hooks can only intercept tool calls (Bash, Write, WebFetch, etc.) that a skill makes *after* loading — they cannot block the Skill tool invocation itself.
|
|
198
131
|
|
|
199
|
-
|
|
200
|
-
pip install cisco-ai-skill-scanner
|
|
201
|
-
```
|
|
132
|
+
## Roadmap
|
|
202
133
|
|
|
203
|
-
|
|
134
|
+
### v1.1 — Detection Enhancement
|
|
135
|
+
- [x] Extend scanner rules to Markdown files (detect malicious SKILL.md)
|
|
136
|
+
- [x] Base64 payload decoding and re-scanning
|
|
137
|
+
- [x] New rules: TROJAN_DISTRIBUTION, SUSPICIOUS_PASTE_URL, SUSPICIOUS_IP, SOCIAL_ENGINEERING
|
|
138
|
+
- [x] Safe-command allowlist to reduce hook false positives
|
|
139
|
+
- [x] Plugin manifest (`.claude-plugin/`) for one-step install
|
|
204
140
|
|
|
205
|
-
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
│ ├── action-policies.md # Action policy reference
|
|
211
|
-
│ ├── web3-patterns.md # Web3 patterns reference
|
|
212
|
-
│ └── scripts/ # CLI tools (trust-cli, action-cli, guard-hook)
|
|
213
|
-
├── hooks/hooks.json # Plugin hooks configuration
|
|
214
|
-
├── src/ # TypeScript source
|
|
215
|
-
│ ├── scanner/ # 20-rule static analysis engine
|
|
216
|
-
│ ├── action/ # Runtime action evaluator + GoPlus integration
|
|
217
|
-
│ ├── registry/ # Trust level management
|
|
218
|
-
│ ├── policy/ # Default policies and presets
|
|
219
|
-
│ └── tests/ # Test suite
|
|
220
|
-
├── examples/vulnerable-skill/ # Demo project for testing
|
|
221
|
-
├── data/registry.json # Trust registry storage
|
|
222
|
-
├── setup.sh # One-click install script
|
|
223
|
-
└── dist/ # Compiled output
|
|
224
|
-
```
|
|
141
|
+
### v2.0 — Multi-Platform
|
|
142
|
+
- [ ] OpenClaw gateway plugin integration
|
|
143
|
+
- [ ] `before_tool_call` / `after_tool_call` hook wiring
|
|
144
|
+
- [ ] OpenAI Codex CLI sandbox adapter
|
|
145
|
+
- [ ] Federated trust registry across platforms
|
|
225
146
|
|
|
226
|
-
|
|
147
|
+
### v3.0 — Ecosystem
|
|
148
|
+
- [ ] Threat intelligence feed (shared C2 IP/domain blocklist)
|
|
149
|
+
- [ ] Skill marketplace automated scanning pipeline
|
|
150
|
+
- [ ] VS Code extension for IDE-native security
|
|
151
|
+
- [ ] Community rule contributions (open rule format)
|
|
227
152
|
|
|
228
|
-
|
|
229
|
-
npm install && npm run build && npm test
|
|
230
|
-
```
|
|
153
|
+
## Documentation
|
|
231
154
|
|
|
232
|
-
|
|
155
|
+
- [MCP Server Setup](docs/mcp-server.md) — Run as a Model Context Protocol server
|
|
156
|
+
- [SDK Usage](docs/sdk.md) — Use as a TypeScript/JavaScript library
|
|
157
|
+
- [Trust Management](docs/trust-cli.md) — Manage skill trust levels and capability presets
|
|
158
|
+
- [GoPlus API (Web3)](docs/goplus-api.md) — Enhanced Web3 security with GoPlus integration
|
|
159
|
+
- [Architecture](docs/architecture.md) — Project structure and testing
|
|
233
160
|
|
|
234
161
|
## License
|
|
235
162
|
|
|
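Review bot: The Roadmap heading at new line 134 files Markdown scanning, base64 re-scanning, the four new rules and the safe-command allowlist under "v1.1" and ticks them as done, but this diff ships those changes in 1.0.1. Suggest relabelling the heading with the version that actually contains them, so a reader can tell which release to install to get the new detections.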
@@ -239,4 +166,6 @@ npm install && npm run build && npm test
|
|
|
239
166
|
|
|
240
167
|
Contributions welcome! See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines.
|
|
241
168
|
|
|
169
|
+
Found a security vulnerability? See [SECURITY.md](SECURITY.md).
|
|
170
|
+
|
|
242
171
|
Built by [GoPlus Security](https://gopluslabs.io).
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"exec.d.ts","sourceRoot":"","sources":["../../../src/action/detectors/exec.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAE7E;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,iBAAiB;IACjB,UAAU,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IACnD,gBAAgB;IAChB,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,eAAe;IACf,QAAQ,EAAE,cAAc,EAAE,CAAC;IAC3B,mBAAmB;IACnB,YAAY,EAAE,OAAO,CAAC;IACtB,mBAAmB;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;
|
|
1
|
+
{"version":3,"file":"exec.d.ts","sourceRoot":"","sources":["../../../src/action/detectors/exec.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAE7E;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,iBAAiB;IACjB,UAAU,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IACnD,gBAAgB;IAChB,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,eAAe;IACf,QAAQ,EAAE,cAAc,EAAE,CAAC;IAC3B,mBAAmB;IACnB,YAAY,EAAE,OAAO,CAAC;IACtB,mBAAmB;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAoGD;;GAEG;AACH,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,eAAe,EACxB,WAAW,GAAE,OAAe,GAC3B,kBAAkB,CA2KpB"}
|
|
@@ -1,6 +1,29 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.analyzeExecCommand = analyzeExecCommand;
|
|
4
|
+
/**
|
|
5
|
+
* Safe read-only commands that should be allowed without restriction.
|
|
6
|
+
* Only applied when the command has no shell metacharacters.
|
|
7
|
+
*/
|
|
8
|
+
const SAFE_COMMAND_PREFIXES = [
|
|
9
|
+
'ls', 'echo', 'pwd', 'whoami', 'date', 'hostname', 'uname',
|
|
10
|
+
'cat', 'head', 'tail', 'wc', 'grep', 'find', 'which', 'type',
|
|
11
|
+
'git status', 'git log', 'git diff', 'git branch', 'git show', 'git remote',
|
|
12
|
+
'node --version', 'node -v', 'npm --version', 'npm -v', 'npx --version',
|
|
13
|
+
'python --version', 'python3 --version', 'pip --version',
|
|
14
|
+
'tsc --version', 'go version', 'rustc --version', 'java -version',
|
|
15
|
+
];
|
|
16
|
+
/**
|
|
17
|
+
* Shell metacharacters that disqualify a command from the safe list
|
|
18
|
+
*/
|
|
19
|
+
const SHELL_METACHAR_PATTERN = /[;|&`$(){}]/;
|
|
20
|
+
/**
|
|
21
|
+
* Fork bomb patterns (regex-based for variants with spaces)
|
|
22
|
+
*/
|
|
23
|
+
const FORK_BOMB_PATTERNS = [
|
|
24
|
+
/:\s*\(\s*\)\s*\{.*:\s*\|\s*:.*&.*\}/, // :(){ :|:& };: and space variants
|
|
25
|
+
/\bfork\s*bomb\b/i,
|
|
26
|
+
];
|
|
4
27
|
/**
|
|
5
28
|
* Dangerous commands that should always be blocked
|
|
6
29
|
*/
|
|
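Review bot: SHELL_METACHAR_PATTERN at new line 19, ``/[;|&`$(){}]/``, leaves out the redirection operators `>` and `<` and newline characters, so a command that starts with an allowlisted prefix and redirects into a file still qualifies for the list that the comment at new lines 5-6 describes as read-only. Suggest adding `<`, `>`, `\n` and `\r` to the character class. Separately, `/\bfork\s*bomb\b/i` at new line 25 matches the literal words rather than any shell construct, so a command that only mentions "fork bomb" in an argument would be rated critical; consider dropping it or documenting why it is needed.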
@@ -9,7 +32,6 @@ const DANGEROUS_COMMANDS = [
|
|
|
9
32
|
'rm -fr',
|
|
10
33
|
'mkfs',
|
|
11
34
|
'dd if=',
|
|
12
|
-
':(){:|:&};:', // Fork bomb
|
|
13
35
|
'chmod 777',
|
|
14
36
|
'chmod -R 777',
|
|
15
37
|
'> /dev/sda',
|
|
@@ -85,22 +107,55 @@ function analyzeExecCommand(command, execAllowed = false) {
|
|
|
85
107
|
let blockReason = execAllowed
|
|
86
108
|
? undefined
|
|
87
109
|
: 'Command execution not allowed';
|
|
88
|
-
// Check for
|
|
89
|
-
for (const
|
|
90
|
-
if (
|
|
110
|
+
// Check for fork bomb patterns (regex-based)
|
|
111
|
+
for (const pattern of FORK_BOMB_PATTERNS) {
|
|
112
|
+
if (pattern.test(fullCommand)) {
|
|
91
113
|
riskTags.push('DANGEROUS_COMMAND');
|
|
92
114
|
evidence.push({
|
|
93
115
|
type: 'dangerous_command',
|
|
94
116
|
field: 'command',
|
|
95
|
-
match:
|
|
96
|
-
description:
|
|
117
|
+
match: 'fork bomb',
|
|
118
|
+
description: 'Fork bomb detected',
|
|
97
119
|
});
|
|
98
120
|
riskLevel = 'critical';
|
|
99
121
|
shouldBlock = true;
|
|
100
|
-
blockReason =
|
|
122
|
+
blockReason = 'Dangerous command: fork bomb';
|
|
101
123
|
break;
|
|
102
124
|
}
|
|
103
125
|
}
|
|
126
|
+
// Check for dangerous commands
|
|
127
|
+
if (riskLevel !== 'critical') {
|
|
128
|
+
for (const dangerous of DANGEROUS_COMMANDS) {
|
|
129
|
+
if (lowerCommand.includes(dangerous.toLowerCase())) {
|
|
130
|
+
riskTags.push('DANGEROUS_COMMAND');
|
|
131
|
+
evidence.push({
|
|
132
|
+
type: 'dangerous_command',
|
|
133
|
+
field: 'command',
|
|
134
|
+
match: dangerous,
|
|
135
|
+
description: `Dangerous command pattern detected: ${dangerous}`,
|
|
136
|
+
});
|
|
137
|
+
riskLevel = 'critical';
|
|
138
|
+
shouldBlock = true;
|
|
139
|
+
blockReason = `Dangerous command: ${dangerous}`;
|
|
140
|
+
break;
|
|
141
|
+
}
|
|
142
|
+
}
|
|
143
|
+
}
|
|
144
|
+
// Safe command check: if not dangerous, no shell metacharacters, and no sensitive paths, allow
|
|
145
|
+
if (riskLevel !== 'critical' && !SHELL_METACHAR_PATTERN.test(fullCommand)) {
|
|
146
|
+
const hasSensitivePath = SENSITIVE_COMMANDS.some(s => lowerCommand.includes(s.toLowerCase()));
|
|
147
|
+
if (!hasSensitivePath) {
|
|
148
|
+
const isSafe = SAFE_COMMAND_PREFIXES.some(prefix => lowerCommand === prefix || lowerCommand.startsWith(prefix + ' '));
|
|
149
|
+
if (isSafe) {
|
|
150
|
+
return {
|
|
151
|
+
risk_level: 'low',
|
|
152
|
+
risk_tags: [],
|
|
153
|
+
evidence: [],
|
|
154
|
+
should_block: false,
|
|
155
|
+
};
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
}
|
|
104
159
|
// Check for sensitive data access
|
|
105
160
|
for (const sensitive of SENSITIVE_COMMANDS) {
|
|
106
161
|
if (lowerCommand.includes(sensitive.toLowerCase())) {
|
|
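Review bot: The early return at new lines 150-155 hard-codes `should_block: false`, which discards the `blockReason` of 'Command execution not allowed' prepared at lines 107-109 when `execAllowed` is false, and it skips every check that follows. If the allowlist is meant to override the exec gate, say so in the comment at new line 144; otherwise return `should_block: !execAllowed`. The prefix test at new line 148 also accepts any arguments after the prefix, so an entry such as `find` passes as read-only even with a flag like `-delete`. Suggest validating arguments per command, or removing entries that have write-capable flags from SAFE_COMMAND_PREFIXES.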
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"exec.js","sourceRoot":"","sources":["../../../src/action/detectors/exec.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"exec.js","sourceRoot":"","sources":["../../../src/action/detectors/exec.ts"],"names":[],"mappings":";;AAuHA,gDA8KC;AAnRD;;;GAGG;AACH,MAAM,qBAAqB,GAAG;IAC5B,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO;IAC1D,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;IAC5D,YAAY,EAAE,SAAS,EAAE,UAAU,EAAE,YAAY,EAAE,UAAU,EAAE,YAAY;IAC3E,gBAAgB,EAAE,SAAS,EAAE,eAAe,EAAE,QAAQ,EAAE,eAAe;IACvE,kBAAkB,EAAE,mBAAmB,EAAE,eAAe;IACxD,eAAe,EAAE,YAAY,EAAE,iBAAiB,EAAE,eAAe;CAClE,CAAC;AAEF;;GAEG;AACH,MAAM,sBAAsB,GAAG,aAAa,CAAC;AAE7C;;GAEG;AACH,MAAM,kBAAkB,GAAG;IACzB,qCAAqC,EAAK,mCAAmC;IAC7E,kBAAkB;CACnB,CAAC;AAEF;;GAEG;AACH,MAAM,kBAAkB,GAAG;IACzB,QAAQ;IACR,QAAQ;IACR,MAAM;IACN,QAAQ;IACR,WAAW;IACX,cAAc;IACd,YAAY;IACZ,QAAQ;IACR,eAAe;IACf,eAAe;IACf,iBAAiB;IACjB,iBAAiB;CAClB,CAAC;AAEF;;GAEG;AACH,MAAM,kBAAkB,GAAG;IACzB,iBAAiB;IACjB,iBAAiB;IACjB,YAAY;IACZ,YAAY;IACZ,aAAa;IACb,cAAc;IACd,cAAc;IACd,UAAU;IACV,KAAK;IACL,KAAK;CACN,CAAC;AAEF;;GAEG;AACH,MAAM,eAAe,GAAG;IACtB,MAAM;IACN,KAAK;IACL,OAAO;IACP,OAAO;IACP,OAAO;IACP,SAAS;IACT,SAAS;IACT,UAAU;IACV,QAAQ;IACR,QAAQ;IACR,WAAW;IACX,UAAU;IACV,OAAO;IACP,UAAU;IACV,QAAQ;IACR,MAAM;CACP,CAAC;AAEF;;GAEG;AACH,MAAM,gBAAgB,GAAG;IACvB,OAAO;IACP,OAAO;IACP,KAAK;IACL,QAAQ;IACR,MAAM;IACN,MAAM;IACN,MAAM;IACN,QAAQ;IACR,MAAM;IACN,OAAO;CACR,CAAC;AAEF;;GAEG;AACH,SAAgB,kBAAkB,CAChC,OAAwB,EACxB,cAAuB,KAAK;IAE5B,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI;QAC9B,CAAC,CAAC,GAAG,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE;QAChD,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC;IAEpB,MAAM,YAAY,GAAG,WAAW,CAAC,WAAW,EAAE,CAAC;IAC/C,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,MAAM,QAAQ,GAAqB,EAAE,CAAC;IACtC,IAAI,SAAS,GAA2C,KAAK,CAAC;IAC9D,IAAI,WAAW,GAAG,CAAC,WAAW,CAAC,CAAC,uCAAuC;IACvE,IAAI,WAAW,GAAuB,WAAW;QAC/C,CAAC,CAAC,SAAS;QACX,CAAC,CAAC,+BAA+B,CAAC;IAEpC,6CAA6C;IAC7C,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;QACzC,IAAI,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;YACnC,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,mBAAmB;gBA
CzB,KAAK,EAAE,SAAS;gBAChB,KAAK,EAAE,WAAW;gBAClB,WAAW,EAAE,oBAAoB;aAClC,CAAC,CAAC;YACH,SAAS,GAAG,UAAU,CAAC;YACvB,WAAW,GAAG,IAAI,CAAC;YACnB,WAAW,GAAG,8BAA8B,CAAC;YAC7C,MAAM;QACR,CAAC;IACH,CAAC;IAED,+BAA+B;IAC/B,IAAI,SAAS,KAAK,UAAU,EAAE,CAAC;QAC7B,KAAK,MAAM,SAAS,IAAI,kBAAkB,EAAE,CAAC;YAC3C,IAAI,YAAY,CAAC,QAAQ,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;gBACnD,QAAQ,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;gBACnC,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,mBAAmB;oBACzB,KAAK,EAAE,SAAS;oBAChB,KAAK,EAAE,SAAS;oBAChB,WAAW,EAAE,uCAAuC,SAAS,EAAE;iBAChE,CAAC,CAAC;gBACH,SAAS,GAAG,UAAU,CAAC;gBACvB,WAAW,GAAG,IAAI,CAAC;gBACnB,WAAW,GAAG,sBAAsB,SAAS,EAAE,CAAC;gBAChD,MAAM;YACR,CAAC;QACH,CAAC;IACH,CAAC;IAED,+FAA+F;IAC/F,IAAI,SAAS,KAAK,UAAU,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;QAC1E,MAAM,gBAAgB,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAC9F,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,MAAM,MAAM,GAAG,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CACjD,YAAY,KAAK,MAAM,IAAI,YAAY,CAAC,UAAU,CAAC,MAAM,GAAG,GAAG,CAAC,CACjE,CAAC;YACF,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO;oBACL,UAAU,EAAE,KAAK;oBACjB,SAAS,EAAE,EAAE;oBACb,QAAQ,EAAE,EAAE;oBACZ,YAAY,EAAE,KAAK;iBACpB,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,kCAAkC;IAClC,KAAK,MAAM,SAAS,IAAI,kBAAkB,EAAE,CAAC;QAC3C,IAAI,YAAY,CAAC,QAAQ,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC,EAAE,CAAC;YACnD,QAAQ,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;YACvC,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,kBAAkB;gBACxB,KAAK,EAAE,SAAS;gBAChB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,0BAA0B,SAAS,EAAE;aACnD,CAAC,CAAC;YACH,IAAI,SAAS,KAAK,UAAU;gBAAE,SAAS,GAAG,MAAM,CAAC;QACnD,CAAC;IACH,CAAC;IAED,4BAA4B;IAC5B,KAAK,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;QAClC,IACE,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;YAC1C,YAAY,CAAC,QAAQ,CAAC,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC,EAC9C,CAAC;YACD,QAAQ,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAChC,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,gBAAgB;gBACtB,KAAK,EAAE,SAAS;gBAChB,KAAK,EAAE,GAAG,CAAC,IAAI,EAAE;gBACjB,WAAW,EAAE,gCAAgC,GAAG,CAAC,IAAI,EAAE,EAAE;aAC1D,CAAC,CAAC;YACH,IAAI,SAA
S,KAAK,KAAK;gBAAE,SAAS,GAAG,QAAQ,CAAC;QAChD,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,KAAK,MAAM,GAAG,IAAI,gBAAgB,EAAE,CAAC;QACnC,IACE,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;YAC1C,YAAY,CAAC,QAAQ,CAAC,GAAG,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC,EAC9C,CAAC;YACD,QAAQ,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YACjC,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,KAAK,EAAE,SAAS;gBAChB,KAAK,EAAE,GAAG,CAAC,IAAI,EAAE;gBACjB,WAAW,EAAE,oBAAoB,GAAG,CAAC,IAAI,EAAE,EAAE;aAC9C,CAAC,CAAC;YACH,IAAI,SAAS,KAAK,KAAK;gBAAE,SAAS,GAAG,QAAQ,CAAC;QAChD,CAAC;IACH,CAAC;IAED,qCAAqC;IACrC,MAAM,sBAAsB,GAAG;QAC7B,SAAS,EAAO,YAAY;QAC5B,UAAU,EAAM,YAAY;QAC5B,SAAS,EAAO,YAAY;QAC5B,aAAa,EAAG,aAAa;QAC7B,UAAU,EAAM,aAAa;QAC7B,YAAY,EAAI,aAAa;KAC9B,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,sBAAsB,EAAE,CAAC;QAC7C,IAAI,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;YACtC,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,uCAAuC;aACrD,CAAC,CAAC;YACH,IAAI,SAAS,KAAK,KAAK;gBAAE,SAAS,GAAG,QAAQ,CAAC;YAC9C,MAAM;QACR,CAAC;IACH,CAAC;IAED,0CAA0C;IAC1C,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,MAAM,gBAAgB,GAAG;YACvB,SAAS;YACT,QAAQ;YACR,UAAU;YACV,OAAO;YACP,SAAS;YACT,YAAY;SACb,CAAC;QAEF,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;YACvD,MAAM,QAAQ,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;YACnC,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACvD,QAAQ,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;gBACnC,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,eAAe;oBACrB,KAAK,EAAE,KAAK;oBACZ,KAAK,EAAE,GAAG;oBACV,WAAW,EAAE,mCAAmC,GAAG,EAAE;iBACtD,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,UAAU,EAAE,SAAS;QACrB,SAAS,EAAE,QAAQ;QACnB,QAAQ;QACR,YAAY,EAAE,WAAW;QACzB,YAAY,EAAE,WAAW;KAC1B,CAAC;AACJ,CAAC"}
|
package/dist/index.d.ts
CHANGED
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,cAAc,kBAAkB,CAAC;AAGjC,OAAO,EAAE,YAAY,EAAE,KAAK,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACvE,OAAO,EACL,aAAa,EACb,eAAe,EACf,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,YAAY,EACjB,KAAK,YAAY,GAClB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EACL,aAAa,EACb,YAAY,EACZ,KAAK,oBAAoB,GAC1B,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EACL,gBAAgB,EAChB,sBAAsB,EACtB,qBAAqB,EACrB,kBAAkB,EAClB,KAAK,YAAY,GAClB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,aAAa,EACb,eAAe,EACf,kBAAkB,GACnB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAElD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,CAAC,EAAE;IACzC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B;;;;EAgBA;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,cAAc,kBAAkB,CAAC;AAGjC,OAAO,EAAE,YAAY,EAAE,KAAK,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACvE,OAAO,EACL,aAAa,EACb,eAAe,EACf,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,YAAY,EACjB,KAAK,YAAY,GAClB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EACL,aAAa,EACb,YAAY,EACZ,KAAK,oBAAoB,GAC1B,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EACL,gBAAgB,EAChB,sBAAsB,EACtB,qBAAqB,EACrB,kBAAkB,EAClB,KAAK,YAAY,GAClB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,qBAAqB,EACrB,iBAAiB,EACjB,aAAa,EACb,eAAe,EACf,kBAAkB,GACnB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAElD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,CAAC,EAAE;IACzC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B;;;;EAgBA;AAGD,eAAe,gBAAgB,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -22,7 +22,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
22
22
|
for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
|
|
23
23
|
};
|
|
24
24
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
25
|
-
exports.
|
|
25
|
+
exports.SENSITIVE_PATTERNS = exports.isDomainAllowed = exports.extractDomain = exports.maskSensitiveData = exports.containsSensitiveData = exports.CAPABILITY_PRESETS = exports.PERMISSIVE_CAPABILITY = exports.RESTRICTIVE_CAPABILITY = exports.DEFAULT_POLICIES = exports.GoPlusClient = exports.ActionScanner = exports.RegistryStorage = exports.SkillRegistry = exports.SkillScanner = void 0;
|
|
26
26
|
exports.createAgentGuard = createAgentGuard;
|
|
27
27
|
// Export types
|
|
28
28
|
__exportStar(require("./types/index.js"), exports);
|
|
@@ -70,8 +70,5 @@ function createAgentGuard(options) {
|
|
|
70
70
|
};
|
|
71
71
|
}
|
|
72
72
|
// Default export
|
|
73
|
-
// Backwards compatibility alias
|
|
74
|
-
exports.createGuardSkills = createAgentGuard;
|
|
75
|
-
// Default export
|
|
76
73
|
exports.default = createAgentGuard;
|
|
77
74
|
//# sourceMappingURL=index.js.map
|
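Review bot: Deleting `exports.createGuardSkills = createAgentGuard;` (old lines 73-74) removes a public export that was labelled a backwards compatibility alias, in a release numbered 1.0.0 → 1.0.1. Code that still reads `createGuardSkills` from the module gets `undefined` after a patch-level upgrade. Suggest keeping the alias with a deprecation notice until the next major version, or at minimum recording the removal in the release notes.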
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;;;;;;;;;;;;;;;AA+CH,4CAmBC;AAhED,eAAe;AACf,mDAAiC;AAEjC,iBAAiB;AACjB,+CAAuE;AAA9D,wGAAA,YAAY,OAAA;AACrB,gDAO6B;AAN3B,yGAAA,aAAa,OAAA;AACb,2GAAA,eAAe,OAAA;AAMjB,8CAI2B;AAHzB,yGAAA,aAAa,OAAA;AACb,wGAAA,YAAY,OAAA;AAId,wBAAwB;AACxB,kDAM6B;AAL3B,8GAAA,gBAAgB,OAAA;AAChB,oHAAA,sBAAsB,OAAA;AACtB,mHAAA,qBAAqB,OAAA;AACrB,gHAAA,kBAAkB,OAAA;AAIpB,2BAA2B;AAC3B,mDAM6B;AAL3B,oHAAA,qBAAqB,OAAA;AACrB,gHAAA,iBAAiB,OAAA;AACjB,4GAAA,aAAa,OAAA;AACb,8GAAA,eAAe,OAAA;AACf,iHAAA,kBAAkB,OAAA;AAGpB,gCAAgC;AAChC,iDAAkD;AAClD,kDAAoD;AACpD,gDAAkD;AAElD;;GAEG;AACH,SAAgB,gBAAgB,CAAC,OAGhC;IACC,MAAM,QAAQ,GAAG,IAAI,wBAAa,CAAC;QACjC,QAAQ,EAAE,OAAO,EAAE,YAAY;KAChC,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,IAAI,uBAAY,CAAC;QAC/B,kBAAkB,EAAE,OAAO,EAAE,kBAAkB,IAAI,IAAI;KACxD,CAAC,CAAC;IAEH,MAAM,aAAa,GAAG,IAAI,wBAAa,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;IAEtD,OAAO;QACL,OAAO;QACP,QAAQ;QACR,aAAa;KACd,CAAC;AACJ,CAAC;AAED,iBAAiB;AACjB,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;;;;;;;;;;;;;;;;AA+CH,4CAmBC;AAhED,eAAe;AACf,mDAAiC;AAEjC,iBAAiB;AACjB,+CAAuE;AAA9D,wGAAA,YAAY,OAAA;AACrB,gDAO6B;AAN3B,yGAAA,aAAa,OAAA;AACb,2GAAA,eAAe,OAAA;AAMjB,8CAI2B;AAHzB,yGAAA,aAAa,OAAA;AACb,wGAAA,YAAY,OAAA;AAId,wBAAwB;AACxB,kDAM6B;AAL3B,8GAAA,gBAAgB,OAAA;AAChB,oHAAA,sBAAsB,OAAA;AACtB,mHAAA,qBAAqB,OAAA;AACrB,gHAAA,kBAAkB,OAAA;AAIpB,2BAA2B;AAC3B,mDAM6B;AAL3B,oHAAA,qBAAqB,OAAA;AACrB,gHAAA,iBAAiB,OAAA;AACjB,4GAAA,aAAa,OAAA;AACb,8GAAA,eAAe,OAAA;AACf,iHAAA,kBAAkB,OAAA;AAGpB,gCAAgC;AAChC,iDAAkD;AAClD,kDAAoD;AACpD,gDAAkD;AAElD;;GAEG;AACH,SAAgB,gBAAgB,CAAC,OAGhC;IACC,MAAM,QAAQ,GAAG,IAAI,wBAAa,CAAC;QACjC,QAAQ,EAAE,OAAO,EAAE,YAAY;KAChC,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,IAAI,uBAAY,CAAC;QAC/B,kBAAkB,EAAE,OAAO,EAAE,kBAAkB,IAAI,IAAI;KACxD,CAAC,CAAC;IAEH,MAAM,aAAa,GAAG,IAAI,wBAAa,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;IAEtD,OAAO;QACL,OAAO;QACP,QAAQ;QACR,aAAa;KACd,CAAC;AACJ,CAAC;AAED,iBAAiB;AACjB,kBAAe,gBAAgB,CAAC"}
|
package/dist/scanner/index.d.ts
CHANGED
|
@@ -34,6 +34,20 @@ export declare class SkillScanner {
|
|
|
34
34
|
* Map external finding type to our risk tags
|
|
35
35
|
*/
|
|
36
36
|
private mapExternalFindingToTag;
|
|
37
|
+
/**
|
|
38
|
+
* Extract fenced code blocks from Markdown content.
|
|
39
|
+
* Returns the code block contents joined, preserving line positions for reporting.
|
|
40
|
+
*/
|
|
41
|
+
private extractMarkdownCodeBlocks;
|
|
42
|
+
/**
|
|
43
|
+
* Extract and decode base64 strings from content.
|
|
44
|
+
* Returns decoded strings for re-scanning.
|
|
45
|
+
*/
|
|
46
|
+
private extractAndDecodeBase64;
|
|
47
|
+
/**
|
|
48
|
+
* Scan content against rules and collect evidence
|
|
49
|
+
*/
|
|
50
|
+
private scanContent;
|
|
37
51
|
/**
|
|
38
52
|
* Run built-in scanner
|
|
39
53
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,UAAU,EAEV,SAAS,EACT,OAAO,EACP,QAAQ,EACT,MAAM,qBAAqB,CAAC;AAK7B;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,sDAAsD;IACtD,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,2BAA2B;IAC3B,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,0BAA0B;IAC1B,eAAe,CAAC,EAAE,QAAQ,EAAE,CAAC;CAC9B;AAED;;;GAGG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,OAAO,CAAiB;IAChC,OAAO,CAAC,wBAAwB,CAAwB;gBAE5C,OAAO,GAAE,cAAmB;IAQxC;;OAEG;YACW,oBAAoB;IAuBlC;;OAEG;YACW,kBAAkB;IA+ChC;;OAEG;IACH,OAAO,CAAC,mBAAmB;IA8C3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAqB/B;;OAEG;YACW,iBAAiB;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,WAAW,EACX,UAAU,EAEV,SAAS,EACT,OAAO,EACP,QAAQ,EACT,MAAM,qBAAqB,CAAC;AAK7B;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,sDAAsD;IACtD,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,2BAA2B;IAC3B,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,0BAA0B;IAC1B,eAAe,CAAC,EAAE,QAAQ,EAAE,CAAC;CAC9B;AAED;;;GAGG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,OAAO,CAAiB;IAChC,OAAO,CAAC,wBAAwB,CAAwB;gBAE5C,OAAO,GAAE,cAAmB;IAQxC;;OAEG;YACW,oBAAoB;IAuBlC;;OAEG;YACW,kBAAkB;IA+ChC;;OAEG;IACH,OAAO,CAAC,mBAAmB;IA8C3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAqB/B;;;OAGG;IACH,OAAO,CAAC,yBAAyB;IAkBjC;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAmB9B;;OAEG;IACH,OAAO,CAAC,WAAW;IAmCnB;;OAEG;YACW,iBAAiB;IAyC/B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAqB1B;;OAEG;IACH,OAAO,CAAC,eAAe;IA0BvB;;OAEG;IACG,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAe7D;;OAEG;IACG,IAAI,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC;IAqCrD;;OAEG;IACG,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC;QACxC,UAAU,EAAE,SAAS,CAAC;QACtB,SAAS,EAAE,OAAO,EAAE,CAAC;QACrB,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;CAoBH;AAGD,eAAO,MAAM,OAAO,cAAqB,CAAC"}
|
package/dist/scanner/index.js
CHANGED
|
@@ -181,6 +181,81 @@ class SkillScanner {
|
|
|
181
181
|
};
|
|
182
182
|
return mapping[externalType?.toLowerCase()] || null;
|
|
183
183
|
}
|
|
184
|
+
/**
|
|
185
|
+
* Extract fenced code blocks from Markdown content.
|
|
186
|
+
* Returns the code block contents joined, preserving line positions for reporting.
|
|
187
|
+
*/
|
|
188
|
+
extractMarkdownCodeBlocks(content) {
|
|
189
|
+
const lines = content.split('\n');
|
|
190
|
+
const result = [];
|
|
191
|
+
let inBlock = false;
|
|
192
|
+
for (const line of lines) {
|
|
193
|
+
if (/^```/.test(line)) {
|
|
194
|
+
inBlock = !inBlock;
|
|
195
|
+
result.push(''); // keep line count aligned
|
|
196
|
+
}
|
|
197
|
+
else if (inBlock) {
|
|
198
|
+
result.push(line);
|
|
199
|
+
}
|
|
200
|
+
else {
|
|
201
|
+
result.push(''); // outside code block: blank line to preserve numbering
|
|
202
|
+
}
|
|
203
|
+
}
|
|
204
|
+
return result.join('\n');
|
|
205
|
+
}
|
|
206
|
+
/**
|
|
207
|
+
* Extract and decode base64 strings from content.
|
|
208
|
+
* Returns decoded strings for re-scanning.
|
|
209
|
+
*/
|
|
210
|
+
extractAndDecodeBase64(content) {
|
|
211
|
+
const decoded = [];
|
|
212
|
+
// Match base64 strings (min 20 chars, typical encoding length)
|
|
213
|
+
const b64Regex = /(?:['"`]|base64[,\s]+)([A-Za-z0-9+/]{20,}={0,2})(?:['"`]|\s|$)/g;
|
|
214
|
+
let m;
|
|
215
|
+
while ((m = b64Regex.exec(content)) !== null) {
|
|
216
|
+
try {
|
|
217
|
+
const text = Buffer.from(m[1], 'base64').toString('utf-8');
|
|
218
|
+
// Only keep if the decoded result looks like text (not binary)
|
|
219
|
+
if (/^[\x20-\x7e\t\r\n]+$/.test(text) && text.length > 5) {
|
|
220
|
+
decoded.push(text);
|
|
221
|
+
}
|
|
222
|
+
}
|
|
223
|
+
catch {
|
|
224
|
+
// invalid base64 — skip
|
|
225
|
+
}
|
|
226
|
+
}
|
|
227
|
+
return decoded;
|
|
228
|
+
}
|
|
229
|
+
/**
|
|
230
|
+
* Scan content against rules and collect evidence
|
|
231
|
+
*/
|
|
232
|
+
scanContent(content, rules, filePath, riskTags, evidence, context) {
|
|
233
|
+
for (const rule of rules) {
|
|
234
|
+
for (const pattern of rule.patterns) {
|
|
235
|
+
const lines = content.split('\n');
|
|
236
|
+
for (let i = 0; i < lines.length; i++) {
|
|
237
|
+
const line = lines[i];
|
|
238
|
+
const match = line.match(pattern);
|
|
239
|
+
if (match) {
|
|
240
|
+
if (rule.validator && !rule.validator(content, match)) {
|
|
241
|
+
continue;
|
|
242
|
+
}
|
|
243
|
+
riskTags.add(rule.id);
|
|
244
|
+
const ev = {
|
|
245
|
+
tag: rule.id,
|
|
246
|
+
file: filePath,
|
|
247
|
+
line: i + 1,
|
|
248
|
+
match: match[0].slice(0, 100),
|
|
249
|
+
};
|
|
250
|
+
if (context) {
|
|
251
|
+
ev.context = context;
|
|
252
|
+
}
|
|
253
|
+
evidence.push(ev);
|
|
254
|
+
}
|
|
255
|
+
}
|
|
256
|
+
}
|
|
257
|
+
}
|
|
258
|
+
}
|
|
184
259
|
/**
|
|
185
260
|
* Run built-in scanner
|
|
186
261
|
*/
|
|
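Review bot: extractMarkdownCodeBlocks recognises a fence only through /^```/ and toggles inBlock on every such line, so a block opened with ~~~ or with an indented fence is treated as prose and blanked out before scanning, and a longer backtick fence that wraps a literal ``` line flips the state and inverts everything after it. Suggest matching an opening fence of three or more backticks or tildes with up to three leading spaces, and closing only on a fence of the same character that is at least as long. In extractAndDecodeBase64, Buffer.from(m[1], 'base64') does not throw on malformed input, so the try/catch never runs, and the class [A-Za-z0-9+/] skips URL-safe base64 that uses - and _. In scanContent, content.split('\n') is recomputed for every pattern of every rule and can be hoisted above the rule loop.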
@@ -189,29 +264,19 @@ class SkillScanner {
|
|
|
189
264
|
const files = await (0, file_walker_js_1.walkDirectory)(dirPath);
|
|
190
265
|
const evidence = [];
|
|
191
266
|
const riskTags = new Set();
|
|
192
|
-
const allRules = [...index_js_1.ALL_RULES, ...(this.options.additionalRules || [])];
|
|
193
267
|
for (const file of files) {
|
|
194
268
|
const rules = (0, index_js_1.getRulesForExtension)(file.extension);
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
204
|
-
|
|
205
|
-
|
|
206
|
-
riskTags.add(rule.id);
|
|
207
|
-
evidence.push({
|
|
208
|
-
tag: rule.id,
|
|
209
|
-
file: file.relativePath,
|
|
210
|
-
line: i + 1,
|
|
211
|
-
match: match[0].slice(0, 100), // Truncate long matches
|
|
212
|
-
});
|
|
213
|
-
}
|
|
214
|
-
}
|
|
269
|
+
// For Markdown files: only scan inside fenced code blocks
|
|
270
|
+
const contentToScan = file.extension === '.md'
|
|
271
|
+
? this.extractMarkdownCodeBlocks(file.content)
|
|
272
|
+
: file.content;
|
|
273
|
+
this.scanContent(contentToScan, rules, file.relativePath, riskTags, evidence);
|
|
274
|
+
// Base64 decode pass: extract encoded payloads and re-scan
|
|
275
|
+
const decodedPayloads = this.extractAndDecodeBase64(file.content);
|
|
276
|
+
if (decodedPayloads.length > 0) {
|
|
277
|
+
const allRules = [...index_js_1.ALL_RULES, ...(this.options.additionalRules || [])];
|
|
278
|
+
for (const decoded of decodedPayloads) {
|
|
279
|
+
this.scanContent(decoded, allRules, file.relativePath, riskTags, evidence, 'decoded_from:base64');
|
|
215
280
|
}
|
|
216
281
|
}
|
|
217
282
|
}
|
|
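Review bot: for a '.md' file, contentToScan replaces everything outside fenced blocks with blank lines before any rule from getRulesForExtension(file.extension) runs, so a rule that is meant to match prose silently loses coverage on Markdown. Consider applying the fence filter only to code-oriented rules and passing file.content to the rest. The decoded pass calls scanContent(decoded, allRules, file.relativePath, ...), and scanContent records line: i + 1 counted inside the decoded string, so the evidence names the right file but the wrong line; returning the match offset from extractAndDecodeBase64 would let the report point at the line that holds the encoded payload. allRules is also rebuilt for every file that yields a payload, where the removed line built it once before the loop.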
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAsC;AACtC,+CAAiC;AAUjC,qDAA0E;AAC1E,+CAAmE;AAcnE;;;GAGG;AACH,MAAa,YAAY;IACf,OAAO,CAAiB;IACxB,wBAAwB,GAAmB,IAAI,CAAC;IAExD,YAAY,UAA0B,EAAE;QACtC,IAAI,CAAC,OAAO,GAAG;YACb,kBAAkB,EAAE,IAAI;YACxB,IAAI,EAAE,KAAK;YACX,GAAG,OAAO;SACX,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,oBAAoB;QAChC,IAAI,IAAI,CAAC,wBAAwB,KAAK,IAAI,EAAE,CAAC;YAC3C,OAAO,IAAI,CAAC,wBAAwB,CAAC;QACvC,CAAC;QAED,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,MAAM,IAAI,GAAG,IAAA,qBAAK,EAAC,eAAe,EAAE,CAAC,WAAW,CAAC,EAAE;gBACjD,KAAK,EAAE,IAAI;gBACX,KAAK,EAAE,MAAM;aACd,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;gBACpB,IAAI,CAAC,wBAAwB,GAAG,KAAK,CAAC;gBACtC,OAAO,CAAC,KAAK,CAAC,CAAC;YACjB,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACxB,IAAI,CAAC,wBAAwB,GAAG,IAAI,KAAK,CAAC,CAAC;gBAC3C,OAAO,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC;YACtB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,kBAAkB,CAAC,OAAe;QAC9C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,MAAM,IAAI,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;YAEnD,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBACtB,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YAChC,CAAC;YAED,MAAM,IAAI,GAAG,IAAA,qBAAK,EAAC,eAAe,EAAE,IAAI,EAAE;gBACxC,KAAK,EAAE,IAAI;gBACX,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;aAClC,CAAC,CAAC;YAEH,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,MAAM,GAAG,EAAE,CAAC;YAEhB,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC/B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC/B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;gBACpB,OAAO,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACxB,IAAI,IAAI,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;oBAC7B,iCAAiC;oBACjC,OAAO,CAAC,IAAI,CAAC
,0BAA0B,EAAE,MAAM,CAAC,CAAC;oBACjD,OAAO,CAAC,IAAI,CAAC,CAAC;oBACd,OAAO;gBACT,CAAC;gBAED,IAAI,CAAC;oBACH,MAAM,MAAM,GAAG,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;oBAChD,OAAO,CAAC,MAAM,CAAC,CAAC;gBAClB,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,OAAO,CAAC,IAAI,CAAC,0CAA0C,EAAE,GAAG,CAAC,CAAC;oBAC9D,OAAO,CAAC,IAAI,CAAC,CAAC;gBAChB,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,UAAkB;QAC5C,8DAA8D;QAC9D,MAAM,SAAS,GAAG,UAAU,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;QAClD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;QAEtC,sCAAsC;QACtC,MAAM,QAAQ,GAAmB,EAAE,CAAC;QACpC,MAAM,QAAQ,GAAiB,IAAI,GAAG,EAAE,CAAC;QAEzC,IAAI,IAAI,CAAC,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAClD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACpC,oCAAoC;gBACpC,MAAM,GAAG,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC;gBAC3E,IAAI,GAAG,EAAE,CAAC;oBACR,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;oBAClB,QAAQ,CAAC,IAAI,CAAC;wBACZ,GAAG;wBACH,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,QAAQ,EAAE,IAAI,IAAI,SAAS;wBACzD,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,QAAQ,EAAE,IAAI,IAAI,CAAC;wBACjD,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,WAAW,IAAI,EAAE;wBACjD,OAAO,EAAE,OAAO,CAAC,OAAO;qBACzB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,uBAAuB;QACvB,MAAM,SAAS,GAAG,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;QAEhE,OAAO;YACL,UAAU,EAAE,SAAS;YACrB,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;YAC/B,QAAQ;YACR,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,SAAS,QAAQ,CAAC,MAAM,oBAAoB;YACrE,QAAQ,EAAE;gBACR,aAAa,EAAE,IAAI,CAAC,aAAa,IAAI,CAAC;gBACtC,gBAAgB,EAAE,IAAI,CAAC,WAAW,IAAI,CAAC;gBACvC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,uBAAuB,CAAC,YAAoB;QAClD,MAAM,OAAO,GAA4B;YACvC,mBAAmB,EAAE,YAAY;YACjC,gBAAgB,EAAE,YAAY;YAC9B,qBAAqB,EAAE,eAAe;YACtC,gBAAgB,EAAE,eAAe;YACjC,YAAY,EAAE,kBAAkB;YAChC,eAAe,EAAE,kBAAkB;YACnC,gBAAgB,EAAE,eAAe;YACjC,mBAAmB,EAAE,eAA
e;YACpC,mBAAmB,EAAE,wBAAwB;YAC7C,eAAe,EAAE,eAAe;YAChC,aAAa,EAAE,aAAa;YAC5B,kBAAkB,EAAE,kBAAkB;YACtC,aAAa,EAAE,qBAAqB;YACpC,UAAU,EAAE,kBAAkB;SAC/B,CAAC;QAEF,OAAO,OAAO,CAAC,YAAY,EAAE,WAAW,EAAE,CAAC,IAAI,IAAI,CAAC;IACtD,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,iBAAiB,CAAC,OAAe;QAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,KAAK,GAAG,MAAM,IAAA,8BAAa,EAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,QAAQ,GAAmB,EAAE,CAAC;QACpC,MAAM,QAAQ,GAAiB,IAAI,GAAG,EAAE,CAAC;QAEzC,MAAM,QAAQ,GAAG,CAAC,GAAG,oBAAS,EAAE,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,CAAC;QAEzE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,KAAK,GAAG,IAAA,+BAAoB,EAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAEnD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACpC,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBAEvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;wBACtB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;wBAElC,IAAI,KAAK,EAAE,CAAC;4BACV,2BAA2B;4BAC3B,IAAI,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,EAAE,CAAC;gCAC3D,SAAS;4BACX,CAAC;4BAED,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;4BACtB,QAAQ,CAAC,IAAI,CAAC;gCACZ,GAAG,EAAE,IAAI,CAAC,EAAE;gCACZ,IAAI,EAAE,IAAI,CAAC,YAAY;gCACvB,IAAI,EAAE,CAAC,GAAG,CAAC;gCACX,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,wBAAwB;6BACxD,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;QAEhE,OAAO;YACL,UAAU,EAAE,SAAS;YACrB,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;YAC/B,QAAQ;YACR,OAAO,EAAE,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,QAAQ,CAAC;YACjD,QAAQ,EAAE;gBACR,aAAa,EAAE,KAAK,CAAC,MAAM;gBAC3B,gBAAgB,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;gBACxC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,IAAe;QACxC,MAAM,QAAQ,GAAG,CAAC,GAAG,oBAAS,EAAE,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,EAAE,CA
AC,CAAC,CAAC;QAEzE,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC;YAChD,IAAI,IAAI,EAAE,QAAQ,KAAK,UAAU;gBAAE,OAAO,UAAU,CAAC;QACvD,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC;YAChD,IAAI,IAAI,EAAE,QAAQ,KAAK,MAAM;gBAAE,OAAO,MAAM,CAAC;QAC/C,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC;YAChD,IAAI,IAAI,EAAE,QAAQ,KAAK,QAAQ;gBAAE,OAAO,QAAQ,CAAC;QACnD,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,IAAkB,EAAE,QAAwB;QAClE,IAAI,IAAI,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;YACpB,OAAO,6BAA6B,CAAC;QACvC,CAAC;QAED,MAAM,KAAK,GAAa,EAAE,CAAC;QAE3B,IAAI,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC;YACxD,KAAK,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC5C,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACpE,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAClC,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACjC,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QAC1C,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,CAAC;YAClE,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QACxC,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,wBAAwB,CAAC,EAAE,CAAC;YACpE,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QACxC,CAAC;QAED,OAAO,SAAS,QAAQ,CAAC,MAAM,cAAc,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,2BAA2B,EAAE,CAAC;IACjG,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,qBAAqB,CAAC,OAAe;QACzC,MAAM,KAAK,GAAG,MAAM,IAAA,8BAAa,EAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAEzC,oCAAoC;QACpC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;QAEnE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC/B,IAAI,CAAC,MAAM,CA
AC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC5B,CAAC;QAED,OAAO,UAAU,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;IACxC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,OAAoB;QAC7B,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;QAEzD,mBAAmB;QACnB,IAAI,WAAW,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;YAC/B,2CAA2C;YAC3C,iCAAiC;YACjC,MAAM,IAAI,KAAK,CAAC,6BAA6B,WAAW,CAAC,IAAI,4BAA4B,CAAC,CAAC;QAC7F,CAAC;QAED,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAEvD,4BAA4B;QAC5B,IAAI,CAAC,CAAC,MAAM,IAAA,2BAAU,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,wBAAwB,OAAO,EAAE,CAAC,CAAC;QACrD,CAAC;QAED,IAAI,CAAC,CAAC,MAAM,IAAA,4BAAW,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,EAAE,CAAC,CAAC;QACzD,CAAC;QAED,wCAAwC;QACxC,IAAI,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE,CAAC;YACpC,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAE5D,IAAI,iBAAiB,EAAE,CAAC;gBACtB,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC;gBAC9D,IAAI,cAAc,EAAE,CAAC;oBACnB,OAAO,cAAc,CAAC;gBACxB,CAAC;YACH,CAAC;QACH,CAAC;QAED,gCAAgC;QAChC,OAAO,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CAAC,OAAe;QAK7B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACvD,MAAM,KAAK,GAAkB;YAC3B,EAAE,EAAE,SAAS;YACb,MAAM,EAAE,OAAO;YACf,WAAW,EAAE,SAAS;YACtB,aAAa,EAAE,IAAI;SACpB,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC;YAC7B,KAAK;YACL,OAAO,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE;SACvC,CAAC,CAAC;QAEH,OAAO;YACL,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,OAAO,EAAE,MAAM,CAAC,OAAO;SACxB,CAAC;IACJ,CAAC;CACF;AAnWD,oCAmWC;AAED,4BAA4B;AACf,QAAA,OAAO,GAAG,IAAI,YAAY,EAAE,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,iDAAsC;AACtC,+CAAiC;AAUjC,qDAA0E;AAC1E,+CAAmE;AAcnE;;;GAGG;AACH,MAAa,YAAY;IACf,OAAO,CAAiB;IACxB,wBAAwB,GAAmB,IAAI,CAAC;IAExD,YAAY,UAA0B,EAAE;QACtC,IAAI,CAAC,OAAO,GAAG;YACb,kBAAkB,EAAE,IAAI;YACxB,IAAI,EAAE,KAAK;YACX,GAAG,OAAO;SACX,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,oBAAoB;QAChC,IAAI,IAAI,CAAC,wBAAwB,KAAK,IAAI,EAAE,CAAC;YAC3C,OAAO,IAAI,CAAC,wBAAwB,CAAC;QACvC,CAAC;QAED,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,MAAM,IAAI,GAAG,IAAA,qBAAK,EAAC,eAAe,EAAE,CAAC,WAAW,CAAC,EAAE;gBACjD,KAAK,EAAE,IAAI;gBACX,KAAK,EAAE,MAAM;aACd,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;gBACpB,IAAI,CAAC,wBAAwB,GAAG,KAAK,CAAC;gBACtC,OAAO,CAAC,KAAK,CAAC,CAAC;YACjB,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACxB,IAAI,CAAC,wBAAwB,GAAG,IAAI,KAAK,CAAC,CAAC;gBAC3C,OAAO,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC;YACtB,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,kBAAkB,CAAC,OAAe;QAC9C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;YAC7B,MAAM,IAAI,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;YAEnD,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBACtB,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YAChC,CAAC;YAED,MAAM,IAAI,GAAG,IAAA,qBAAK,EAAC,eAAe,EAAE,IAAI,EAAE;gBACxC,KAAK,EAAE,IAAI;gBACX,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;aAClC,CAAC,CAAC;YAEH,IAAI,MAAM,GAAG,EAAE,CAAC;YAChB,IAAI,MAAM,GAAG,EAAE,CAAC;YAEhB,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC/B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;gBAC/B,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;gBACpB,OAAO,CAAC,IAAI,CAAC,CAAC;YAChB,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;gBACxB,IAAI,IAAI,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;oBAC7B,iCAAiC;oBACjC,OAAO,CAAC,IAAI,CAAC
,0BAA0B,EAAE,MAAM,CAAC,CAAC;oBACjD,OAAO,CAAC,IAAI,CAAC,CAAC;oBACd,OAAO;gBACT,CAAC;gBAED,IAAI,CAAC;oBACH,MAAM,MAAM,GAAG,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC;oBAChD,OAAO,CAAC,MAAM,CAAC,CAAC;gBAClB,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,OAAO,CAAC,IAAI,CAAC,0CAA0C,EAAE,GAAG,CAAC,CAAC;oBAC9D,OAAO,CAAC,IAAI,CAAC,CAAC;gBAChB,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,UAAkB;QAC5C,8DAA8D;QAC9D,MAAM,SAAS,GAAG,UAAU,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;QAClD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,IAAI,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAC7C,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;QAEtC,sCAAsC;QACtC,MAAM,QAAQ,GAAmB,EAAE,CAAC;QACpC,MAAM,QAAQ,GAAiB,IAAI,GAAG,EAAE,CAAC;QAEzC,IAAI,IAAI,CAAC,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAClD,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACpC,oCAAoC;gBACpC,MAAM,GAAG,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,QAAQ,CAAC,CAAC;gBAC3E,IAAI,GAAG,EAAE,CAAC;oBACR,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;oBAClB,QAAQ,CAAC,IAAI,CAAC;wBACZ,GAAG;wBACH,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,QAAQ,EAAE,IAAI,IAAI,SAAS;wBACzD,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,QAAQ,EAAE,IAAI,IAAI,CAAC;wBACjD,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,WAAW,IAAI,EAAE;wBACjD,OAAO,EAAE,OAAO,CAAC,OAAO;qBACzB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,uBAAuB;QACvB,MAAM,SAAS,GAAG,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;QAEhE,OAAO;YACL,UAAU,EAAE,SAAS;YACrB,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;YAC/B,QAAQ;YACR,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,SAAS,QAAQ,CAAC,MAAM,oBAAoB;YACrE,QAAQ,EAAE;gBACR,aAAa,EAAE,IAAI,CAAC,aAAa,IAAI,CAAC;gBACtC,gBAAgB,EAAE,IAAI,CAAC,WAAW,IAAI,CAAC;gBACvC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,uBAAuB,CAAC,YAAoB;QAClD,MAAM,OAAO,GAA4B;YACvC,mBAAmB,EAAE,YAAY;YACjC,gBAAgB,EAAE,YAAY;YAC9B,qBAAqB,EAAE,eAAe;YACtC,gBAAgB,EAAE,eAAe;YACjC,YAAY,EAAE,kBAAkB;YAChC,eAAe,EAAE,kBAAkB;YACnC,gBAAgB,EAAE,eAAe;YACjC,mBAAmB,EAAE,eAA
e;YACpC,mBAAmB,EAAE,wBAAwB;YAC7C,eAAe,EAAE,eAAe;YAChC,aAAa,EAAE,aAAa;YAC5B,kBAAkB,EAAE,kBAAkB;YACtC,aAAa,EAAE,qBAAqB;YACpC,UAAU,EAAE,kBAAkB;SAC/B,CAAC;QAEF,OAAO,OAAO,CAAC,YAAY,EAAE,WAAW,EAAE,CAAC,IAAI,IAAI,CAAC;IACtD,CAAC;IAED;;;OAGG;IACK,yBAAyB,CAAC,OAAe;QAC/C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,MAAM,GAAa,EAAE,CAAC;QAC5B,IAAI,OAAO,GAAG,KAAK,CAAC;QAEpB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACtB,OAAO,GAAG,CAAC,OAAO,CAAC;gBACnB,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,0BAA0B;YAC7C,CAAC;iBAAM,IAAI,OAAO,EAAE,CAAC;gBACnB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACpB,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,uDAAuD;YAC1E,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC3B,CAAC;IAED;;;OAGG;IACK,sBAAsB,CAAC,OAAe;QAC5C,MAAM,OAAO,GAAa,EAAE,CAAC;QAC7B,+DAA+D;QAC/D,MAAM,QAAQ,GAAG,iEAAiE,CAAC;QACnF,IAAI,CAAyB,CAAC;QAC9B,OAAO,CAAC,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC7C,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;gBAC3D,+DAA+D;gBAC/D,IAAI,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACzD,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,wBAAwB;YAC1B,CAAC;QACH,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,WAAW,CACjB,OAAe,EACf,KAAiB,EACjB,QAAgB,EAChB,QAAsB,EACtB,QAAwB,EACxB,OAAgB;QAEhB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACpC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;oBAClC,IAAI,KAAK,EAAE,CAAC;wBACV,IAAI,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,KAAK,CAAC,EAAE,CAAC;4BACtD,SAAS;wBACX,CAAC;wBACD,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;wBACtB,MAAM,EAAE,GAAi
B;4BACvB,GAAG,EAAE,IAAI,CAAC,EAAE;4BACZ,IAAI,EAAE,QAAQ;4BACd,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;yBAC9B,CAAC;wBACF,IAAI,OAAO,EAAE,CAAC;4BACZ,EAAE,CAAC,OAAO,GAAG,OAAO,CAAC;wBACvB,CAAC;wBACD,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;oBACpB,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,iBAAiB,CAAC,OAAe;QAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,KAAK,GAAG,MAAM,IAAA,8BAAa,EAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,QAAQ,GAAmB,EAAE,CAAC;QACpC,MAAM,QAAQ,GAAiB,IAAI,GAAG,EAAE,CAAC;QAEzC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,KAAK,GAAG,IAAA,+BAAoB,EAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAEnD,0DAA0D;YAC1D,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,KAAK,KAAK;gBAC5C,CAAC,CAAC,IAAI,CAAC,yBAAyB,CAAC,IAAI,CAAC,OAAO,CAAC;gBAC9C,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC;YAEjB,IAAI,CAAC,WAAW,CAAC,aAAa,EAAE,KAAK,EAAE,IAAI,CAAC,YAAY,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;YAE9E,2DAA2D;YAC3D,MAAM,eAAe,GAAG,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAClE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC/B,MAAM,QAAQ,GAAG,CAAC,GAAG,oBAAS,EAAE,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,CAAC;gBACzE,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;oBACtC,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,QAAQ,EAAE,IAAI,CAAC,YAAY,EAAE,QAAQ,EAAE,QAAQ,EAAE,qBAAqB,CAAC,CAAC;gBACpG,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,CAAC,kBAAkB,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;QAEhE,OAAO;YACL,UAAU,EAAE,SAAS;YACrB,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;YAC/B,QAAQ;YACR,OAAO,EAAE,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,QAAQ,CAAC;YACjD,QAAQ,EAAE;gBACR,aAAa,EAAE,KAAK,CAAC,MAAM;gBAC3B,gBAAgB,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;gBACxC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;aACpC;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,IAAe;QACxC,MAAM,QAAQ,GAAG,CAAC,GAAG,oBAAS,EAAE,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,CAAC;QAEzE,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC;YAChD,IAAI,IAA
I,EAAE,QAAQ,KAAK,UAAU;gBAAE,OAAO,UAAU,CAAC;QACvD,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC;YAChD,IAAI,IAAI,EAAE,QAAQ,KAAK,MAAM;gBAAE,OAAO,MAAM,CAAC;QAC/C,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC;YAChD,IAAI,IAAI,EAAE,QAAQ,KAAK,QAAQ;gBAAE,OAAO,QAAQ,CAAC;QACnD,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,IAAkB,EAAE,QAAwB;QAClE,IAAI,IAAI,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;YACpB,OAAO,6BAA6B,CAAC;QACvC,CAAC;QAED,MAAM,KAAK,GAAa,EAAE,CAAC;QAE3B,IAAI,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,EAAE,CAAC;YACxD,KAAK,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC5C,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,CAAC,qBAAqB,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACpE,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAClC,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACjC,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QAC1C,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,oBAAoB,CAAC,EAAE,CAAC;YAClE,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QACxC,CAAC;QACD,IAAI,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,wBAAwB,CAAC,EAAE,CAAC;YACpE,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QACxC,CAAC;QAED,OAAO,SAAS,QAAQ,CAAC,MAAM,cAAc,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,2BAA2B,EAAE,CAAC;IACjG,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,qBAAqB,CAAC,OAAe;QACzC,MAAM,KAAK,GAAG,MAAM,IAAA,8BAAa,EAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAEzC,oCAAoC;QACpC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;QAEnE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YAC/B,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC5B,CAAC;QAED,OAAO,UAAU,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;IACxC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,OAAoB;QAC7B,MAAM,EAAE,KAAK,E
AAE,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,OAAO,CAAC;QAEzD,mBAAmB;QACnB,IAAI,WAAW,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;YAC/B,2CAA2C;YAC3C,iCAAiC;YACjC,MAAM,IAAI,KAAK,CAAC,6BAA6B,WAAW,CAAC,IAAI,4BAA4B,CAAC,CAAC;QAC7F,CAAC;QAED,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAEvD,4BAA4B;QAC5B,IAAI,CAAC,CAAC,MAAM,IAAA,2BAAU,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,wBAAwB,OAAO,EAAE,CAAC,CAAC;QACrD,CAAC;QAED,IAAI,CAAC,CAAC,MAAM,IAAA,4BAAW,EAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,4BAA4B,OAAO,EAAE,CAAC,CAAC;QACzD,CAAC;QAED,wCAAwC;QACxC,IAAI,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE,CAAC;YACpC,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAE5D,IAAI,iBAAiB,EAAE,CAAC;gBACtB,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC;gBAC9D,IAAI,cAAc,EAAE,CAAC;oBACnB,OAAO,cAAc,CAAC;gBACxB,CAAC;YACH,CAAC;QACH,CAAC;QAED,gCAAgC;QAChC,OAAO,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACzC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,SAAS,CAAC,OAAe;QAK7B,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC;QACvD,MAAM,KAAK,GAAkB;YAC3B,EAAE,EAAE,SAAS;YACb,MAAM,EAAE,OAAO;YACf,WAAW,EAAE,SAAS;YACtB,aAAa,EAAE,IAAI;SACpB,CAAC;QAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC;YAC7B,KAAK;YACL,OAAO,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,OAAO,EAAE;SACvC,CAAC,CAAC;QAEH,OAAO;YACL,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,OAAO,EAAE,MAAM,CAAC,OAAO;SACxB,CAAC;IACJ,CAAC;CACF;AA1aD,oCA0aC;AAED,4BAA4B;AACf,QAAA,OAAO,GAAG,IAAI,YAAY,EAAE,CAAC"}
|
|
@@ -9,7 +9,7 @@ exports.EXFILTRATION_RULES = [
|
|
|
9
9
|
id: 'NET_EXFIL_UNRESTRICTED',
|
|
10
10
|
description: 'Detects unrestricted network data exfiltration',
|
|
11
11
|
severity: 'high',
|
|
12
|
-
file_patterns: ['*.js', '*.ts', '*.mjs', '*.py'],
|
|
12
|
+
file_patterns: ['*.js', '*.ts', '*.mjs', '*.py', '*.md'],
|
|
13
13
|
patterns: [
|
|
14
14
|
// Generic POST requests (may need context analysis)
|
|
15
15
|
/fetch\s*\([^)]+,\s*\{[^}]*method\s*:\s*['"`]POST['"`]/,
|
|
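Review bot: adding '*.md' to file_patterns sends Markdown through scanContent, which tests each pattern against one line at a time, so the pattern shown in this hunk, /fetch\s*\([^)]+,\s*\{[^}]*method\s*:\s*['"`]POST['"`]/, fires only when the call and its method option sit on a single line. A fetch whose options object is wrapped across lines inside a fenced block will not match. Either run multi-token patterns against the whole block, or add a test fixture with a wrapped call so the gap is documented.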
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"exfiltration.js","sourceRoot":"","sources":["../../../src/scanner/rules/exfiltration.ts"],"names":[],"mappings":";;;AAEA;;GAEG;AACU,QAAA,kBAAkB,GAAe;IAC5C;QACE,EAAE,EAAE,wBAAwB;QAC5B,WAAW,EAAE,gDAAgD;QAC7D,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"exfiltration.js","sourceRoot":"","sources":["../../../src/scanner/rules/exfiltration.ts"],"names":[],"mappings":";;;AAEA;;GAEG;AACU,QAAA,kBAAkB,GAAe;IAC5C;QACE,EAAE,EAAE,wBAAwB;QAC5B,WAAW,EAAE,gDAAgD;QAC7D,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC;QACxD,QAAQ,EAAE;YACR,oDAAoD;YACpD,uDAAuD;YACvD,kBAAkB;YAClB,qBAAqB;YACrB,oDAAoD;YACpD,kBAAkB;YAClB,qBAAqB;YACrB,uBAAuB;YACvB,iDAAiD;SAClD;KACF;IACD;QACE,EAAE,EAAE,eAAe;QACnB,WAAW,EAAE,yCAAyC;QACtD,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,CAAC,GAAG,CAAC;QACpB,QAAQ,EAAE;YACR,mBAAmB;YACnB,sCAAsC;YACtC,iCAAiC;YACjC,mBAAmB;YACnB,0BAA0B;YAC1B,mBAAmB;YACnB,iBAAiB;YACjB,oBAAoB;YACpB,2BAA2B;YAC3B,gCAAgC;YAChC,YAAY;YACZ,aAAa;YACb,YAAY;YACZ,gBAAgB;SACjB;KACF;CACF,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanner/rules/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,wBAAwB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanner/rules/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,wBAAwB,CAAC;AAYhE;;GAEG;AACH,eAAO,MAAM,SAAS,EAAE,QAAQ,EAS/B,CAAC;AAEF;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,GAAG,QAAQ,EAAE,CAE/F;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,EAAE,EAAE,OAAO,GAAG,QAAQ,GAAG,SAAS,CAE7D;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,SAAS,EAAE,MAAM,GAAG,QAAQ,EAAE,CAUlE"}
|
|
@@ -12,6 +12,7 @@ const web3_js_1 = require("./web3.js");
|
|
|
12
12
|
const obfuscation_js_1 = require("./obfuscation.js");
|
|
13
13
|
const prompt_injection_js_1 = require("./prompt-injection.js");
|
|
14
14
|
const exfiltration_js_1 = require("./exfiltration.js");
|
|
15
|
+
const trojan_js_1 = require("./trojan.js");
|
|
15
16
|
/**
|
|
16
17
|
* All built-in scan rules
|
|
17
18
|
*/
|
|
@@ -23,6 +24,7 @@ exports.ALL_RULES = [
|
|
|
23
24
|
...obfuscation_js_1.OBFUSCATION_RULES,
|
|
24
25
|
...prompt_injection_js_1.PROMPT_INJECTION_RULES,
|
|
25
26
|
...exfiltration_js_1.EXFILTRATION_RULES,
|
|
27
|
+
...trojan_js_1.TROJAN_RULES,
|
|
26
28
|
];
|
|
27
29
|
/**
|
|
28
30
|
* Get rules by severity
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanner/rules/index.ts"],"names":[],"mappings":";;;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanner/rules/index.ts"],"names":[],"mappings":";;;AA6BA,gDAEC;AAKD,kCAEC;AAKD,oDAUC;AAnDD,0BAA0B;AAC1B,mDAAmD;AACnD,yDAAyD;AACzD,6CAA6C;AAC7C,uCAAuC;AACvC,qDAAqD;AACrD,+DAA+D;AAC/D,uDAAuD;AACvD,2CAA2C;AAE3C;;GAEG;AACU,QAAA,SAAS,GAAe;IACnC,GAAG,gCAAgB;IACnB,GAAG,sCAAmB;IACtB,GAAG,0BAAa;IAChB,GAAG,oBAAU;IACb,GAAG,kCAAiB;IACpB,GAAG,4CAAsB;IACzB,GAAG,oCAAkB;IACrB,GAAG,wBAAY;CAChB,CAAC;AAEF;;GAEG;AACH,SAAgB,kBAAkB,CAAC,QAAgD;IACjF,OAAO,iBAAS,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAC9D,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,EAAW;IACrC,OAAO,iBAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AAChD,CAAC;AAED;;GAEG;AACH,SAAgB,oBAAoB,CAAC,SAAiB;IACpD,OAAO,iBAAS,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE;QAC7B,OAAO,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;YACvC,IAAI,OAAO,KAAK,GAAG;gBAAE,OAAO,IAAI,CAAC;YACjC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7B,OAAO,SAAS,KAAK,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACxC,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -9,7 +9,7 @@ exports.OBFUSCATION_RULES = [
|
|
|
9
9
|
id: 'OBFUSCATION',
|
|
10
10
|
description: 'Detects code obfuscation techniques',
|
|
11
11
|
severity: 'high',
|
|
12
|
-
file_patterns: ['*.js', '*.ts', '*.mjs', '*.py'],
|
|
12
|
+
file_patterns: ['*.js', '*.ts', '*.mjs', '*.py', '*.md'],
|
|
13
13
|
patterns: [
|
|
14
14
|
// JavaScript eval
|
|
15
15
|
/\beval\s*\(/,
|
|
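Review bot: Adding '*.md' to file_patterns on line 12 runs the source-code patterns below it over prose, so a README that only documents or warns about eval( would match /\beval\s*\(/ on line 15 and be reported at severity 'high'. Consider applying these patterns to Markdown only inside fenced code blocks, or reporting Markdown hits at a lower severity than hits in executable files, and add a test with a benign .md fixture.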
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"obfuscation.js","sourceRoot":"","sources":["../../../src/scanner/rules/obfuscation.ts"],"names":[],"mappings":";;;AAEA;;GAEG;AACU,QAAA,iBAAiB,GAAe;IAC3C;QACE,EAAE,EAAE,aAAa;QACjB,WAAW,EAAE,qCAAqC;QAClD,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"obfuscation.js","sourceRoot":"","sources":["../../../src/scanner/rules/obfuscation.ts"],"names":[],"mappings":";;;AAEA;;GAEG;AACU,QAAA,iBAAiB,GAAe;IAC3C;QACE,EAAE,EAAE,aAAa;QACjB,WAAW,EAAE,qCAAqC;QAClD,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC;QACxD,QAAQ,EAAE;YACR,kBAAkB;YAClB,aAAa;YACb,qBAAqB;YACrB,yBAAyB;YACzB,0BAA0B;YAC1B,0BAA0B;YAC1B,wBAAwB;YACxB,uDAAuD;YACvD,mBAAmB;YACnB,aAAa;YACb,aAAa;YACb,iEAAiE;YACjE,wBAAwB;YACxB,6CAA6C;YAC7C,4BAA4B;YAC5B,6CAA6C;YAC7C,6BAA6B;YAC7B,yDAAyD;YACzD,oBAAoB;YACpB,+EAA+E;SAChF;KACF;CACF,CAAC"}
|
|
@@ -9,7 +9,7 @@ exports.REMOTE_LOADER_RULES = [
|
|
|
9
9
|
id: 'REMOTE_LOADER',
|
|
10
10
|
description: 'Detects dynamic code loading from remote sources',
|
|
11
11
|
severity: 'critical',
|
|
12
|
-
file_patterns: ['*.js', '*.ts', '*.mjs', '*.py'],
|
|
12
|
+
file_patterns: ['*.js', '*.ts', '*.mjs', '*.py', '*.md'],
|
|
13
13
|
patterns: [
|
|
14
14
|
// Dynamic imports with variables/URLs
|
|
15
15
|
/import\s*\(\s*[^'"`\s]/,
|
|
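Review bot: With '*.md' added on line 12, the dynamic-import pattern on line 15 only requires "import", an opening parenthesis and then any character that is not a quote or whitespace, so ordinary Markdown text such as "import (optional)" matches and is reported at severity 'critical'. Either keep this pattern scoped to code files, or give the rule a validator that checks the match is inside a fenced block and looks like a call with a variable or URL argument.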
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"remote-loader.js","sourceRoot":"","sources":["../../../src/scanner/rules/remote-loader.ts"],"names":[],"mappings":";;;AAEA;;GAEG;AACU,QAAA,mBAAmB,GAAe;IAC7C;QACE,EAAE,EAAE,eAAe;QACnB,WAAW,EAAE,kDAAkD;QAC/D,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"remote-loader.js","sourceRoot":"","sources":["../../../src/scanner/rules/remote-loader.ts"],"names":[],"mappings":";;;AAEA;;GAEG;AACU,QAAA,mBAAmB,GAAe;IAC7C;QACE,EAAE,EAAE,eAAe;QACnB,WAAW,EAAE,kDAAkD;QAC/D,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC;QACxD,QAAQ,EAAE;YACR,sCAAsC;YACtC,wBAAwB;YACxB,yBAAyB;YACzB,wBAAwB;YACxB,sDAAsD;YACtD,+BAA+B;YAC/B,0BAA0B;YAC1B,2BAA2B;YAC3B,2BAA2B;YAC3B,oBAAoB;YACpB,oBAAoB;YACpB,yBAAyB;YACzB,iBAAiB;YACjB,+BAA+B;SAChC;KACF;CACF,CAAC"}
|
|
@@ -9,7 +9,7 @@ exports.SHELL_EXEC_RULES = [
|
|
|
9
9
|
id: 'SHELL_EXEC',
|
|
10
10
|
description: 'Detects command execution capabilities',
|
|
11
11
|
severity: 'high',
|
|
12
|
-
file_patterns: ['*.js', '*.ts', '*.mjs', '*.cjs', '*.py'],
|
|
12
|
+
file_patterns: ['*.js', '*.ts', '*.mjs', '*.cjs', '*.py', '*.md'],
|
|
13
13
|
patterns: [
|
|
14
14
|
// Node.js
|
|
15
15
|
/require\s*\(\s*['"`]child_process['"`]\s*\)/,
|
|
@@ -36,7 +36,7 @@ exports.SHELL_EXEC_RULES = [
|
|
|
36
36
|
id: 'AUTO_UPDATE',
|
|
37
37
|
description: 'Detects auto-update mechanisms that could execute remote code',
|
|
38
38
|
severity: 'critical',
|
|
39
|
-
file_patterns: ['*.js', '*.ts', '*.py', '*.sh'],
|
|
39
|
+
file_patterns: ['*.js', '*.ts', '*.py', '*.sh', '*.md'],
|
|
40
40
|
patterns: [
|
|
41
41
|
// Cron/scheduled execution patterns
|
|
42
42
|
/cron|schedule|interval.*exec|setInterval.*exec/i,
|
|
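Review bot: The first pattern on line 42, /cron|schedule|interval.*exec|setInterval.*exec/i, has unanchored alternatives, so the bare substrings "cron" and "schedule" match on their own; with '*.md' now in file_patterns on line 39, Markdown that mentions a release schedule or a cron job becomes a 'critical' AUTO_UPDATE finding. Tighten the alternation first (word boundaries, and require an execution or download term together with the scheduling term), or split the Markdown case into a separate lower-severity rule.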
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"shell-exec.js","sourceRoot":"","sources":["../../../src/scanner/rules/shell-exec.ts"],"names":[],"mappings":";;;AAEA;;GAEG;AACU,QAAA,gBAAgB,GAAe;IAC1C;QACE,EAAE,EAAE,YAAY;QAChB,WAAW,EAAE,wCAAwC;QACrD,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"shell-exec.js","sourceRoot":"","sources":["../../../src/scanner/rules/shell-exec.ts"],"names":[],"mappings":";;;AAEA;;GAEG;AACU,QAAA,gBAAgB,GAAe;IAC1C;QACE,EAAE,EAAE,YAAY;QAChB,WAAW,EAAE,wCAAwC;QACrD,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC;QACjE,QAAQ,EAAE;YACR,UAAU;YACV,6CAA6C;YAC7C,gCAAgC;YAChC,aAAa;YACb,iBAAiB;YACjB,cAAc;YACd,kBAAkB;YAClB,iBAAiB;YACjB,aAAa;YACb,SAAS;YACT,gBAAgB;YAChB,mBAAmB;YACnB,kBAAkB;YAClB,oBAAoB;YACpB,4BAA4B;YAC5B,kCAAkC;YAClC,gBAAgB;YAChB,UAAU;YACV,SAAS;SACV;KACF;IACD;QACE,EAAE,EAAE,aAAa;QACjB,WAAW,EAAE,+DAA+D;QAC5E,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;QACvD,QAAQ,EAAE;YACR,oCAAoC;YACpC,iDAAiD;YACjD,uBAAuB;YACvB,4BAA4B;YAC5B,gCAAgC;YAChC,2CAA2C;YAC3C,mBAAmB;YACnB,oBAAoB;SACrB;KACF;CACF,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"trojan.d.ts","sourceRoot":"","sources":["../../../src/scanner/rules/trojan.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAEvD;;GAEG;AACH,eAAO,MAAM,YAAY,EAAE,QAAQ,EAoFlC,CAAC"}
|
|
@@ -0,0 +1,100 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.TROJAN_RULES = void 0;
|
|
4
|
+
/**
|
|
5
|
+
* Trojanized distribution and social engineering detection rules
|
|
6
|
+
*/
|
|
7
|
+
exports.TROJAN_RULES = [
|
|
8
|
+
{
|
|
9
|
+
id: 'TROJAN_DISTRIBUTION',
|
|
10
|
+
description: 'Detects trojanized binary distribution patterns (download + password + execute)',
|
|
11
|
+
severity: 'critical',
|
|
12
|
+
file_patterns: ['*.md'],
|
|
13
|
+
patterns: [
|
|
14
|
+
// GitHub release binary downloads with password
|
|
15
|
+
/releases\/download\/.*\.(zip|tar|exe|dmg|appimage)/i,
|
|
16
|
+
// Direct binary download + password combination
|
|
17
|
+
/password\s*[:=]\s*['"`]?\w+['"`]?/i,
|
|
18
|
+
// Run executable instructions
|
|
19
|
+
/\.\/\w+.*(?:run|execute|start|launch)/i,
|
|
20
|
+
// chmod +x pattern (make executable)
|
|
21
|
+
/chmod\s+\+x\s/,
|
|
22
|
+
],
|
|
23
|
+
validator: (content) => {
|
|
24
|
+
// Must have at least 2 of: download URL, password, execute instruction
|
|
25
|
+
const hasDownload = /https?:\/\/.*(?:releases\/download|\.zip|\.tar|\.exe|\.dmg)/i.test(content);
|
|
26
|
+
const hasPassword = /password\s*[:=]/i.test(content);
|
|
27
|
+
const hasExecute = /(?:chmod\s+\+x|\.\/\w+|run\s+the|execute)/i.test(content);
|
|
28
|
+
const signals = [hasDownload, hasPassword, hasExecute].filter(Boolean).length;
|
|
29
|
+
return signals >= 2;
|
|
30
|
+
},
|
|
31
|
+
},
|
|
32
|
+
{
|
|
33
|
+
id: 'SUSPICIOUS_PASTE_URL',
|
|
34
|
+
description: 'Detects URLs to paste sites and code-sharing platforms',
|
|
35
|
+
severity: 'high',
|
|
36
|
+
file_patterns: ['*'],
|
|
37
|
+
patterns: [
|
|
38
|
+
/glot\.io\/snippets\//i,
|
|
39
|
+
/pastebin\.com\//i,
|
|
40
|
+
/hastebin\.com\//i,
|
|
41
|
+
/paste\.ee\//i,
|
|
42
|
+
/dpaste\.org\//i,
|
|
43
|
+
/rentry\.co\//i,
|
|
44
|
+
/ghostbin\.com\//i,
|
|
45
|
+
/pastie\.io\//i,
|
|
46
|
+
],
|
|
47
|
+
},
|
|
48
|
+
{
|
|
49
|
+
id: 'SUSPICIOUS_IP',
|
|
50
|
+
description: 'Detects hardcoded public IP addresses',
|
|
51
|
+
severity: 'medium',
|
|
52
|
+
file_patterns: ['*'],
|
|
53
|
+
patterns: [
|
|
54
|
+
// IPv4 addresses (will use validator to exclude private ranges)
|
|
55
|
+
/\b(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\b/,
|
|
56
|
+
],
|
|
57
|
+
validator: (content, match) => {
|
|
58
|
+
const ip = match[1] || match[0];
|
|
59
|
+
const parts = ip.split('.').map(Number);
|
|
60
|
+
if (parts.some(p => p > 255))
|
|
61
|
+
return false;
|
|
62
|
+
// Exclude private/local ranges
|
|
63
|
+
if (parts[0] === 127)
|
|
64
|
+
return false; // loopback
|
|
65
|
+
if (parts[0] === 0)
|
|
66
|
+
return false; // 0.x.x.x
|
|
67
|
+
if (parts[0] === 10)
|
|
68
|
+
return false; // 10.x.x.x
|
|
69
|
+
if (parts[0] === 172 && parts[1] >= 16 && parts[1] <= 31)
|
|
70
|
+
return false; // 172.16-31.x.x
|
|
71
|
+
if (parts[0] === 192 && parts[1] === 168)
|
|
72
|
+
return false; // 192.168.x.x
|
|
73
|
+
if (parts[0] === 169 && parts[1] === 254)
|
|
74
|
+
return false; // link-local
|
|
75
|
+
// Exclude common version-like patterns (e.g. 1.0.0.0, 2.0.0.0)
|
|
76
|
+
if (parts[1] === 0 && parts[2] === 0 && parts[3] === 0)
|
|
77
|
+
return false;
|
|
78
|
+
return true;
|
|
79
|
+
},
|
|
80
|
+
},
|
|
81
|
+
{
|
|
82
|
+
id: 'SOCIAL_ENGINEERING',
|
|
83
|
+
description: 'Detects social engineering pressure language in skill instructions',
|
|
84
|
+
severity: 'medium',
|
|
85
|
+
file_patterns: ['*.md'],
|
|
86
|
+
patterns: [
|
|
87
|
+
/CRITICAL\s+REQUIREMENT/i,
|
|
88
|
+
/WILL\s+NOT\s+WORK\s+WITHOUT/i,
|
|
89
|
+
/MANDATORY.*(?:install|download|run|execute)/i,
|
|
90
|
+
/you\s+MUST\s+(?:install|download|run|execute|paste)/i,
|
|
91
|
+
/paste\s+(?:this\s+)?into\s+(?:your\s+)?[Tt]erminal/i,
|
|
92
|
+
/IMPORTANT:\s*(?:you\s+)?must/i,
|
|
93
|
+
],
|
|
94
|
+
validator: (content) => {
|
|
95
|
+
// Only flag if there's also a command execution instruction nearby
|
|
96
|
+
return /(?:curl|wget|bash|sh|\.\/|chmod|npm\s+run|node\s+)/i.test(content);
|
|
97
|
+
},
|
|
98
|
+
},
|
|
99
|
+
];
|
|
100
|
+
//# sourceMappingURL=trojan.js.map
|
|
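Review bot: The SOCIAL_ENGINEERING validator on line 96 does not implement the "nearby" check its comment on line 95 describes: it tests the whole file, and its alternatives are unanchored and case-insensitive, so "sh" matches inside words like "should" or "publish" and "./" matches any relative path, which makes the validator true for almost any English README. Add word boundaries and test a window around the matched phrase instead of the full content. The same whole-file problem applies to the TROJAN_DISTRIBUTION validator, where hasExecute on line 27 is satisfied by the bare word "execute" or any ./name, so two of three signals can come from unrelated parts of the document. For SUSPICIOUS_IP, the pattern on line 55 also matches four-part version strings such as 1.2.3.4 (only x.0.0.0 is excluded on line 76), and the exclusions on lines 63 to 74 leave out other non-public space such as 100.64.0.0/10, the documentation ranges and 224.0.0.0 and above; since file_patterns is ['*'], those false positives land on every file type.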
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"trojan.js","sourceRoot":"","sources":["../../../src/scanner/rules/trojan.ts"],"names":[],"mappings":";;;AAEA;;GAEG;AACU,QAAA,YAAY,GAAe;IACtC;QACE,EAAE,EAAE,qBAAqB;QACzB,WAAW,EAAE,iFAAiF;QAC9F,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,CAAC,MAAM,CAAC;QACvB,QAAQ,EAAE;YACR,gDAAgD;YAChD,qDAAqD;YACrD,gDAAgD;YAChD,oCAAoC;YACpC,8BAA8B;YAC9B,wCAAwC;YACxC,qCAAqC;YACrC,eAAe;SAChB;QACD,SAAS,EAAE,CAAC,OAAe,EAAE,EAAE;YAC7B,uEAAuE;YACvE,MAAM,WAAW,GAAG,8DAA8D,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACjG,MAAM,WAAW,GAAG,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACrD,MAAM,UAAU,GAAG,4CAA4C,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC9E,MAAM,OAAO,GAAG,CAAC,WAAW,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;YAC9E,OAAO,OAAO,IAAI,CAAC,CAAC;QACtB,CAAC;KACF;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,WAAW,EAAE,wDAAwD;QACrE,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,CAAC,GAAG,CAAC;QACpB,QAAQ,EAAE;YACR,uBAAuB;YACvB,kBAAkB;YAClB,kBAAkB;YAClB,cAAc;YACd,gBAAgB;YAChB,eAAe;YACf,kBAAkB;YAClB,eAAe;SAChB;KACF;IACD;QACE,EAAE,EAAE,eAAe;QACnB,WAAW,EAAE,uCAAuC;QACpD,QAAQ,EAAE,QAAQ;QAClB,aAAa,EAAE,CAAC,GAAG,CAAC;QACpB,QAAQ,EAAE;YACR,gEAAgE;YAChE,0CAA0C;SAC3C;QACD,SAAS,EAAE,CAAC,OAAe,EAAE,KAAuB,EAAE,EAAE;YACtD,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;YAChC,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YACxC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC;gBAAE,OAAO,KAAK,CAAC;YAC3C,+BAA+B;YAC/B,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;gBAAE,OAAO,KAAK,CAAC,CAAE,WAAW;YAChD,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC,CAAI,UAAU;YAC/C,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE;gBAAE,OAAO,KAAK,CAAC,CAAG,WAAW;YAChD,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE;gBAAE,OAAO,KAAK,CAAC,CAAC,gBAAgB;YACxF,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;gBAAE,OAAO,KAAK,CAAC,CAAC,cAAc;YACtE,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;gBAAE,OAAO,KAAK,CAAC,CAAC,aAAa;YACrE
,+DAA+D;YAC/D,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC;YACrE,OAAO,IAAI,CAAC;QACd,CAAC;KACF;IACD;QACE,EAAE,EAAE,oBAAoB;QACxB,WAAW,EAAE,oEAAoE;QACjF,QAAQ,EAAE,QAAQ;QAClB,aAAa,EAAE,CAAC,MAAM,CAAC;QACvB,QAAQ,EAAE;YACR,yBAAyB;YACzB,8BAA8B;YAC9B,8CAA8C;YAC9C,sDAAsD;YACtD,qDAAqD;YACrD,+BAA+B;SAChC;QACD,SAAS,EAAE,CAAC,OAAe,EAAE,EAAE;YAC7B,mEAAmE;YACnE,OAAO,qDAAqD,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC7E,CAAC;KACF;CACF,CAAC"}
|
|
@@ -42,15 +42,26 @@ const network_js_1 = require("../action/detectors/network.js");
|
|
|
42
42
|
const result = (0, exec_js_1.analyzeExecCommand)({ command: 'echo hello; rm -rf /' }, true);
|
|
43
43
|
strict_1.default.ok(result.risk_tags.includes('SHELL_INJECTION_RISK') || result.risk_tags.includes('DANGEROUS_COMMAND'));
|
|
44
44
|
});
|
|
45
|
-
(0, node_test_1.it)('should
|
|
45
|
+
(0, node_test_1.it)('should allow safe commands even when exec not allowed', () => {
|
|
46
46
|
const result = (0, exec_js_1.analyzeExecCommand)({ command: 'ls -la' }, false);
|
|
47
|
-
strict_1.default.
|
|
47
|
+
strict_1.default.equal(result.risk_level, 'low');
|
|
48
|
+
strict_1.default.ok(!result.should_block, 'Safe command ls should not be blocked');
|
|
49
|
+
});
|
|
50
|
+
(0, node_test_1.it)('should allow echo as safe command', () => {
|
|
51
|
+
const result = (0, exec_js_1.analyzeExecCommand)({ command: 'echo hello' }, false);
|
|
52
|
+
strict_1.default.equal(result.risk_level, 'low');
|
|
53
|
+
strict_1.default.ok(!result.should_block, 'echo hello should not be blocked');
|
|
48
54
|
});
|
|
49
55
|
(0, node_test_1.it)('should allow safe commands when exec is allowed', () => {
|
|
50
56
|
const result = (0, exec_js_1.analyzeExecCommand)({ command: 'git status' }, true);
|
|
51
57
|
strict_1.default.equal(result.risk_level, 'low');
|
|
52
58
|
strict_1.default.ok(!result.should_block || result.risk_tags.length === 0, 'Safe commands should not be blocked when exec is allowed');
|
|
53
59
|
});
|
|
60
|
+
(0, node_test_1.it)('should block fork bomb with spaces', () => {
|
|
61
|
+
const result = (0, exec_js_1.analyzeExecCommand)({ command: ':( ){ :|:& };:' }, true);
|
|
62
|
+
strict_1.default.equal(result.risk_level, 'critical');
|
|
63
|
+
strict_1.default.ok(result.should_block);
|
|
64
|
+
});
|
|
54
65
|
(0, node_test_1.it)('should detect sensitive env vars', () => {
|
|
55
66
|
const result = (0, exec_js_1.analyzeExecCommand)({
|
|
56
67
|
command: 'node app.js',
|
|
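Review bot: The new tests on lines 45 to 53 pin down that 'ls -la' and 'echo hello' get risk_level 'low' and are not blocked when the second argument is false (exec not allowed), but nothing checks the boundary of that safe-command path. Add cases with the same false argument where a safe command is followed by a separator, pipe, redirect or substitution, for example the 'echo hello; rm -rf /' input already used on line 42 with true, and assert should_block. The fork-bomb test on line 61 covers only the spaced form; keep a case for the unspaced form next to it so both stay covered.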
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"action.test.js","sourceRoot":"","sources":["../../src/tests/action.test.ts"],"names":[],"mappings":";;;;;AAAA,yCAAyC;AACzC,gEAAwC;AACxC,yDAAiE;AACjE,+DAAuE;AAEvE,IAAA,oBAAQ,EAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,IAAA,cAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,IAAI,CAAC,CAAC;QACjE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,EAAE,qBAAqB,CAAC,CAAC;QACtD,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,IAAI,CAAC,CAAC;QACpE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,uCAAuC,EAAE,EAAE,IAAI,CAAC,CAAC;QAC9F,gEAAgE;QAChE,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,sBAAsB,CAAC,EACzG,kCAAkC,CAAC,CAAC;QACtC,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,UAAU,KAAK,KAAK,EAAE,wBAAwB,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,qCAAqC,EAAE,GAAG,EAAE;QAC7C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,mBAAmB,EAAE,EAAE,IAAI,CAAC,CAAC;QAC1E,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC,CAAC;QAC9D,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,UAAU,KAAK,MAAM,IAAI,MAAM,CAAC,UAAU,KAAK,UAAU,CAAC,CAAC;IAC9E,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,mBAAmB,EAAE,EAAE,IAAI,CAAC,CAAC;QAC1E,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,0BAA0B,EAAE,EAAE,IAAI,CAAC,CAAC;QACjF,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,
wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,sBAAsB,EAAE,EAAE,IAAI,CAAC,CAAC;QAC7E,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,sBAAsB,CAAC,IAAI,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IACjH,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,
|
|
1
|
+
{"version":3,"file":"action.test.js","sourceRoot":"","sources":["../../src/tests/action.test.ts"],"names":[],"mappings":";;;;;AAAA,yCAAyC;AACzC,gEAAwC;AACxC,yDAAiE;AACjE,+DAAuE;AAEvE,IAAA,oBAAQ,EAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,IAAA,cAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,IAAI,CAAC,CAAC;QACjE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,EAAE,qBAAqB,CAAC,CAAC;QACtD,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,IAAI,CAAC,CAAC;QACpE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,uCAAuC,EAAE,EAAE,IAAI,CAAC,CAAC;QAC9F,gEAAgE;QAChE,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,sBAAsB,CAAC,EACzG,kCAAkC,CAAC,CAAC;QACtC,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,UAAU,KAAK,KAAK,EAAE,wBAAwB,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,qCAAqC,EAAE,GAAG,EAAE;QAC7C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,mBAAmB,EAAE,EAAE,IAAI,CAAC,CAAC;QAC1E,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC,CAAC;QAC9D,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,UAAU,KAAK,MAAM,IAAI,MAAM,CAAC,UAAU,KAAK,UAAU,CAAC,CAAC;IAC9E,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,mBAAmB,EAAE,EAAE,IAAI,CAAC,CAAC;QAC1E,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,0BAA0B,EAAE,EAAE,IAAI,CAAC,CAAC;QACjF,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,
wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,sBAAsB,EAAE,EAAE,IAAI,CAAC,CAAC;QAC7E,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,sBAAsB,CAAC,IAAI,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IACjH,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uDAAuD,EAAE,GAAG,EAAE;QAC/D,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC;QAChE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QACvC,gBAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,uCAAuC,CAAC,CAAC;IAC3E,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,CAAC,CAAC;QACpE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QACvC,gBAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,kCAAkC,CAAC,CAAC;IACtE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,iDAAiD,EAAE,GAAG,EAAE;QACzD,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,YAAY,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QACvC,gBAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY,IAAI,MAAM,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAC7D,0DAA0D,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,gBAAgB,EAAE,EAAE,IAAI,CAAC,CAAC;QACvE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC;YAChC,OAAO,EAAE,aAAa;YACtB,GAAG,EAAE,EAAE,OAAO,EAAE,WAAW,EAAE;SAC9B,EAAE,IAAI,CAAC,CAAC;QACT,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,oBAAQ,EAAC,0BAA0B,EAAE,GAAG,EAAE;IACxC,IAAA,cAAE,EAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,MAAM;YACd,GAAG,EAAE,0CAA0C;SAChD,CAAC,CAAC;QACH,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;QACtD,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,EAAE,+BAA+B,CAAC,CAAC;IA
ClE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,MAAM;YACd,GAAG,EAAE,6CAA6C;SACnD,CAAC,CAAC;QACH,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,8BAA8B,EAAE,GAAG,EAAE;QACtC,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,sBAAsB;SAC5B,CAAC,CAAC;QACH,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,gCAAgC;SACtC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;QACpB,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,8BAA8B;SACpC,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAC;QACvB,gBAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,0CAA0C,CAAC,CAAC;QAC5E,gBAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,MAAM;YACd,GAAG,EAAE,yBAAyB;YAC9B,YAAY,EAAE,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,2BAA2B;SACjE,CAAC,CAAC;QACH,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,uBAAuB,CAAC,IAAI,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,wBAAwB,CAAC,CAAC,CAAC;QACrH,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,WAAW;SACjB,CAAC,CAAC;QACH,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC;QACpD,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,kDAAkD,EAAE,GAAG,EAAE;QAC1D,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,MAAM;YACd,GAAG,EAAE,kCAAkC;SACxC,CAAC,CAAC;QACH,0DAA0D;QAC1D,gBAAM
,CAAC,EAAE,CAAC,MAAM,CAAC,UAAU,KAAK,MAAM,IAAI,MAAM,CAAC,UAAU,KAAK,UAAU,EACxE,8CAA8C,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -7,10 +7,10 @@ const node_test_1 = require("node:test");
|
|
|
7
7
|
const strict_1 = __importDefault(require("node:assert/strict"));
|
|
8
8
|
const index_js_1 = require("../scanner/rules/index.js");
|
|
9
9
|
(0, node_test_1.describe)('Scanner Rules', () => {
|
|
10
|
-
(0, node_test_1.it)('should have
|
|
10
|
+
(0, node_test_1.it)('should have 24 detection rules', () => {
|
|
11
11
|
// Each RiskTag should map to at least one rule
|
|
12
12
|
const ruleIds = new Set(index_js_1.ALL_RULES.map((r) => r.id));
|
|
13
|
-
strict_1.default.ok(ruleIds.size >=
|
|
13
|
+
strict_1.default.ok(ruleIds.size >= 24, `Expected at least 24 unique rules, got ${ruleIds.size}`);
|
|
14
14
|
});
|
|
15
15
|
(0, node_test_1.it)('should find rule by ID', () => {
|
|
16
16
|
const rule = (0, index_js_1.getRuleById)('SHELL_EXEC');
|
|
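Review bot: The test on line 10 is titled 'should have 24 detection rules' but line 13 asserts ruleIds.size >= 24, a lower bound that keeps passing as rules are added, and because ids go through a Set, two rules sharing an id go unnoticed. The comment on line 11 (each RiskTag maps to at least one rule) is also not what is checked. Either assert the exact count with equal and compare ALL_RULES.length to ruleIds.size, or iterate the RiskTag values and assert getRuleById finds each one.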
@@ -44,6 +44,24 @@ const index_js_1 = require("../scanner/rules/index.js");
|
|
|
44
44
|
strict_1.default.equal(rule.severity, 'critical', `Rule ${id} should be CRITICAL`);
|
|
45
45
|
}
|
|
46
46
|
});
|
|
47
|
+
(0, node_test_1.it)('should have trojan detection rules', () => {
|
|
48
|
+
const trojanRuleIds = ['TROJAN_DISTRIBUTION', 'SUSPICIOUS_PASTE_URL', 'SUSPICIOUS_IP', 'SOCIAL_ENGINEERING'];
|
|
49
|
+
for (const id of trojanRuleIds) {
|
|
50
|
+
const rule = (0, index_js_1.getRuleById)(id);
|
|
51
|
+
strict_1.default.ok(rule, `Rule ${id} should exist`);
|
|
52
|
+
}
|
|
53
|
+
});
|
|
54
|
+
(0, node_test_1.it)('should have TROJAN_DISTRIBUTION as critical severity', () => {
|
|
55
|
+
const rule = (0, index_js_1.getRuleById)('TROJAN_DISTRIBUTION');
|
|
56
|
+
strict_1.default.ok(rule, 'TROJAN_DISTRIBUTION rule should exist');
|
|
57
|
+
strict_1.default.equal(rule.severity, 'critical');
|
|
58
|
+
});
|
|
59
|
+
(0, node_test_1.it)('should filter rules for .md extension', () => {
|
|
60
|
+
const mdRules = (0, index_js_1.getRulesForExtension)('.md');
|
|
61
|
+
strict_1.default.ok(mdRules.length > 0, 'Should have rules for .md files');
|
|
62
|
+
const mdRuleIds = mdRules.map((r) => r.id);
|
|
63
|
+
strict_1.default.ok(mdRuleIds.includes('SHELL_EXEC') || mdRuleIds.includes('TROJAN_DISTRIBUTION'), 'Markdown rules should include execution or trojan rules');
|
|
64
|
+
});
|
|
47
65
|
(0, node_test_1.it)('all rules should have required fields', () => {
|
|
48
66
|
for (const rule of index_js_1.ALL_RULES) {
|
|
49
67
|
strict_1.default.ok(rule.id, `Rule should have an id`);
|
|
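Review bot: The three tests added on lines 47 to 64 only check that rule ids exist and one severity; none of them runs a validator, and the .md test on line 63 passes if either SHELL_EXEC or TROJAN_DISTRIBUTION is present because of the ||. Assert the two ids separately, and add fixture tests that feed content to each new validator: a private and a public address for SUSPICIOUS_IP, and a benign README next to a download-plus-password README for TROJAN_DISTRIBUTION.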
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.test.js","sourceRoot":"","sources":["../../src/tests/scanner.test.ts"],"names":[],"mappings":";;;;;AAAA,yCAAyC;AACzC,gEAAwC;AACxC,wDAA6G;AAE7G,IAAA,oBAAQ,EAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,IAAA,cAAE,EAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,+CAA+C;QAC/C,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,oBAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACpD,gBAAM,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,EAAE,0CAA0C,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IAC1F,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,IAAI,GAAG,IAAA,sBAAW,EAAC,YAAY,CAAC,CAAC;QACvC,gBAAM,CAAC,EAAE,CAAC,IAAI,EAAE,8BAA8B,CAAC,CAAC;QAChD,gBAAM,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,QAAQ,GAAG,IAAA,6BAAkB,EAAC,UAAU,CAAC,CAAC;QAChD,gBAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,4BAA4B,CAAC,CAAC;QAC7D,gBAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC;QAE5D,MAAM,IAAI,GAAG,IAAA,6BAAkB,EAAC,MAAM,CAAC,CAAC;QACxC,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,wBAAwB,CAAC,CAAC;QACrD,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,OAAO,GAAG,IAAA,+BAAoB,EAAC,KAAK,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,iCAAiC,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,QAAQ,GAAG,IAAA,+BAAoB,EAAC,MAAM,CAAC,CAAC;QAC9C,gBAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,kCAAkC,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC7C,gBAAM,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,oBAAoB,CAAC,EAC3F,mDAAmD,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,MAAM,WAAW,GAAG,CAAC,aAAa,EAAE,eAAe,EAAE,eAAe,EAAE,eAAe;YACnF,qBAAqB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,kB
AAkB,EAAE,eAAe,CAAC,CAAC;QAErG,KAAK,MAAM,EAAE,IAAI,WAAW,EAAE,CAAC;YAC7B,MAAM,IAAI,GAAG,IAAA,sBAAW,EAAC,EAAS,CAAC,CAAC;YACpC,gBAAM,CAAC,EAAE,CAAC,IAAI,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAC;YAC3C,gBAAM,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,qBAAqB,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,KAAK,MAAM,IAAI,IAAI,oBAAS,EAAE,CAAC;YAC7B,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC;YAC7C,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,IAAI,CAAC,EAAE,uBAAuB,CAAC,CAAC;YACjE,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,QAAQ,IAAI,CAAC,EAAE,uBAAuB,CAAC,CAAC;YAC7F,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,QAAQ,IAAI,CAAC,EAAE,4BAA4B,CAAC,CAAC;YAC5G,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,IAAI,CAAC,EAAE,0BAA0B,CAAC,CAAC;QACzE,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"scanner.test.js","sourceRoot":"","sources":["../../src/tests/scanner.test.ts"],"names":[],"mappings":";;;;;AAAA,yCAAyC;AACzC,gEAAwC;AACxC,wDAA6G;AAE7G,IAAA,oBAAQ,EAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,IAAA,cAAE,EAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,+CAA+C;QAC/C,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,oBAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACpD,gBAAM,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,EAAE,0CAA0C,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IAC1F,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,IAAI,GAAG,IAAA,sBAAW,EAAC,YAAY,CAAC,CAAC;QACvC,gBAAM,CAAC,EAAE,CAAC,IAAI,EAAE,8BAA8B,CAAC,CAAC;QAChD,gBAAM,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,QAAQ,GAAG,IAAA,6BAAkB,EAAC,UAAU,CAAC,CAAC;QAChD,gBAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,4BAA4B,CAAC,CAAC;QAC7D,gBAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC;QAE5D,MAAM,IAAI,GAAG,IAAA,6BAAkB,EAAC,MAAM,CAAC,CAAC;QACxC,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,wBAAwB,CAAC,CAAC;QACrD,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,OAAO,GAAG,IAAA,+BAAoB,EAAC,KAAK,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,iCAAiC,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,QAAQ,GAAG,IAAA,+BAAoB,EAAC,MAAM,CAAC,CAAC;QAC9C,gBAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,kCAAkC,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC7C,gBAAM,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,oBAAoB,CAAC,EAC3F,mDAAmD,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,MAAM,WAAW,GAAG,CAAC,aAAa,EAAE,eAAe,EAAE,eAAe,EAAE,eAAe;YACnF,qBAAqB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,kB
AAkB,EAAE,eAAe,CAAC,CAAC;QAErG,KAAK,MAAM,EAAE,IAAI,WAAW,EAAE,CAAC;YAC7B,MAAM,IAAI,GAAG,IAAA,sBAAW,EAAC,EAAS,CAAC,CAAC;YACpC,gBAAM,CAAC,EAAE,CAAC,IAAI,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAC;YAC3C,gBAAM,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,qBAAqB,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,aAAa,GAAG,CAAC,qBAAqB,EAAE,sBAAsB,EAAE,eAAe,EAAE,oBAAoB,CAAC,CAAC;QAC7G,KAAK,MAAM,EAAE,IAAI,aAAa,EAAE,CAAC;YAC/B,MAAM,IAAI,GAAG,IAAA,sBAAW,EAAC,EAAS,CAAC,CAAC;YACpC,gBAAM,CAAC,EAAE,CAAC,IAAI,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,sDAAsD,EAAE,GAAG,EAAE;QAC9D,MAAM,IAAI,GAAG,IAAA,sBAAW,EAAC,qBAA4B,CAAC,CAAC;QACvD,gBAAM,CAAC,EAAE,CAAC,IAAI,EAAE,uCAAuC,CAAC,CAAC;QACzD,gBAAM,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,OAAO,GAAG,IAAA,+BAAoB,EAAC,KAAK,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,iCAAiC,CAAC,CAAC;QACjE,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC3C,gBAAM,CAAC,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EACrF,yDAAyD,CAAC,CAAC;IAC/D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,KAAK,MAAM,IAAI,IAAI,oBAAS,EAAE,CAAC;YAC7B,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC;YAC7C,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,IAAI,CAAC,EAAE,uBAAuB,CAAC,CAAC;YACjE,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,QAAQ,IAAI,CAAC,EAAE,uBAAuB,CAAC,CAAC;YAC7F,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,QAAQ,IAAI,CAAC,EAAE,4BAA4B,CAAC,CAAC;YAC5G,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,IAAI,CAAC,EAAE,0BAA0B,CAAC,CAAC;QACzE,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
package/dist/types/action.d.ts
CHANGED
|
@@ -108,6 +108,8 @@ export interface ActionContext {
|
|
|
108
108
|
env: 'prod' | 'dev' | 'test';
|
|
109
109
|
/** Action timestamp */
|
|
110
110
|
time: string;
|
|
111
|
+
/** Skill that initiated this action (inferred from transcript) */
|
|
112
|
+
initiating_skill?: string;
|
|
111
113
|
}
|
|
112
114
|
/**
|
|
113
115
|
* Action envelope - the complete action request
|
|
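Review bot: The doc comment on line 111 says initiating_skill is inferred from the transcript, which means content in the transcript can influence its value, but the declaration gives callers no hint of that. Say in the comment that the field is advisory and unauthenticated, what it holds when inference fails (it is optional), and that decisions which relax a check should not key on it.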
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../src/types/action.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AACjE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C;;GAEG;AACH,MAAM,MAAM,UAAU,GAClB,iBAAiB,GACjB,cAAc,GACd,WAAW,GACX,YAAY,GACZ,eAAe,GACf,SAAS,GACT,WAAW,CAAC;AAEhB;;GAEG;AACH,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,SAAS,CAAC;AAEpD;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,oBAAoB;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,2BAA2B;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,sBAAsB;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,wCAAwC;IACxC,QAAQ,EAAE,QAAQ,CAAC;IACnB,iBAAiB;IACjB,UAAU,EAAE,SAAS,CAAC;IACtB,6CAA6C;IAC7C,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,uCAAuC;IACvC,QAAQ,EAAE,cAAc,EAAE,CAAC;IAC3B,2CAA2C;IAC3C,sBAAsB,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IAClD,iCAAiC;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,OAAO,CAAC;IACpD,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,MAAM,UAAU,GAClB,kBAAkB,GAClB,eAAe,GACf,iBAAiB,GACjB,gBAAgB,GAChB,UAAU
,GACV,YAAY,CAAC;AAEjB;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,yBAAyB;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,qCAAqC;IACrC,YAAY,EAAE,OAAO,CAAC;IACtB,kBAAkB;IAClB,GAAG,EAAE,MAAM,GAAG,KAAK,GAAG,MAAM,CAAC;IAC7B,uBAAuB;IACvB,IAAI,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../src/types/action.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AACjE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C;;GAEG;AACH,MAAM,MAAM,UAAU,GAClB,iBAAiB,GACjB,cAAc,GACd,WAAW,GACX,YAAY,GACZ,eAAe,GACf,SAAS,GACT,WAAW,CAAC;AAEhB;;GAEG;AACH,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,SAAS,CAAC;AAEpD;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,oBAAoB;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,2BAA2B;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,sBAAsB;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,wCAAwC;IACxC,QAAQ,EAAE,QAAQ,CAAC;IACnB,iBAAiB;IACjB,UAAU,EAAE,SAAS,CAAC;IACtB,6CAA6C;IAC7C,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,uCAAuC;IACvC,QAAQ,EAAE,cAAc,EAAE,CAAC;IAC3B,2CAA2C;IAC3C,sBAAsB,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IAClD,iCAAiC;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,OAAO,CAAC;IACpD,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,MAAM,UAAU,GAClB,kBAAkB,GAClB,eAAe,GACf,iBAAiB,GACjB,gBAAgB,GAChB,UAAU
,GACV,YAAY,CAAC;AAEjB;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,yBAAyB;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,qCAAqC;IACrC,YAAY,EAAE,OAAO,CAAC;IACtB,kBAAkB;IAClB,GAAG,EAAE,MAAM,GAAG,KAAK,GAAG,MAAM,CAAC;IAC7B,uBAAuB;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,kEAAkE;IAClE,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,wBAAwB;IACxB,KAAK,EAAE;QACL,KAAK,EAAE,aAAa,CAAC;QACrB,UAAU,CAAC,EAAE,MAAM,CAAC;KACrB,CAAC;IACF,qBAAqB;IACrB,MAAM,EAAE;QACN,IAAI,EAAE,UAAU,CAAC;QACjB,IAAI,EAAE,UAAU,CAAC;KAClB,CAAC;IACF,qBAAqB;IACrB,OAAO,EAAE,aAAa,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,IAAI,GAAG,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,QAAQ,GAAG,OAAO,GAAG,QAAQ,GAAG,SAAS,CAAC;IACtD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,IAAI,GAAG,KAAK,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,OAAO,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,eAAe;IACf,QAAQ,EAAE,QAAQ,CAAC;IACnB,iBAAiB;IACjB,UAAU,EAAE,SAAS,CAAC;IACtB,gBAAgB;IAChB,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,0BAA0B;IAC1B,MAAM,CAAC,EAAE;QACP,UAAU,CAAC,EAAE;YACX,OAAO,EAAE,OAAO,CAAC;YACjB,eAAe,EAAE,WAAW,EAAE,CAAC;YAC/B,gBAAgB,EAAE,cAAc,EAAE,CAAC;SACpC,CAAC;QACF,YAAY,CAAC,EAAE;YACb,YAAY,EAAE,OAAO,CAAC;YACtB,WAAW,EAAE,OAAO,CAAC;YACrB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;SACtB,CAAC;QACF,UAAU,CAAC,EAAE;YACX,WAAW,EAAE,OAAO,CAAC;YACrB,cAAc,EAAE,OAAO,CAAC;YACxB,OAAO,CAAC,EAAE,MAAM,CAAC;YACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;SACnB,CAAC;KACH,CAAC;IACF,gCAAgC;IAChC,SAAS,CAAC,EAAE;QACV,yBAAyB,EAAE,OAAO,CAAC;QACnC,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,kBAAkB,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;KAC/C,CAAC;CACH"}
|
package/dist/types/scanner.d.ts
CHANGED
|
@@ -6,7 +6,7 @@ export type RiskLevel = 'low' | 'medium' | 'high' | 'critical';
|
|
|
6
6
|
/**
|
|
7
7
|
* Risk tag identifiers
|
|
8
8
|
*/
|
|
9
|
-
export type RiskTag = 'SHELL_EXEC' | 'REMOTE_LOADER' | 'AUTO_UPDATE' | 'READ_ENV_SECRETS' | 'READ_SSH_KEYS' | 'READ_KEYCHAIN' | 'NET_EXFIL_UNRESTRICTED' | 'WEBHOOK_EXFIL' | 'OBFUSCATION' | 'PROMPT_INJECTION' | 'PRIVATE_KEY_PATTERN' | 'MNEMONIC_PATTERN' | 'WALLET_DRAINING' | 'UNLIMITED_APPROVAL' | 'DANGEROUS_SELFDESTRUCT' | 'HIDDEN_TRANSFER' | 'PROXY_UPGRADE' | 'FLASH_LOAN_RISK' | 'REENTRANCY_PATTERN' | 'SIGNATURE_REPLAY';
|
|
9
|
+
export type RiskTag = 'SHELL_EXEC' | 'REMOTE_LOADER' | 'AUTO_UPDATE' | 'READ_ENV_SECRETS' | 'READ_SSH_KEYS' | 'READ_KEYCHAIN' | 'NET_EXFIL_UNRESTRICTED' | 'WEBHOOK_EXFIL' | 'OBFUSCATION' | 'PROMPT_INJECTION' | 'PRIVATE_KEY_PATTERN' | 'MNEMONIC_PATTERN' | 'WALLET_DRAINING' | 'UNLIMITED_APPROVAL' | 'DANGEROUS_SELFDESTRUCT' | 'HIDDEN_TRANSFER' | 'PROXY_UPGRADE' | 'FLASH_LOAN_RISK' | 'REENTRANCY_PATTERN' | 'SIGNATURE_REPLAY' | 'TROJAN_DISTRIBUTION' | 'SUSPICIOUS_PASTE_URL' | 'SUSPICIOUS_IP' | 'SOCIAL_ENGINEERING';
|
|
10
10
|
/**
|
|
11
11
|
* Evidence of a detected risk
|
|
12
12
|
*/
|
|
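Review bot: the new line 9 widens the exported `RiskTag` union with four members (`'TROJAN_DISTRIBUTION'`, `'SUSPICIOUS_PASTE_URL'`, `'SUSPICIOUS_IP'`, `'SOCIAL_ENGINEERING'`) in what is versioned as a patch release, and the doc comment above it still says only "Risk tag identifiers". Consumers that switch exhaustively over `RiskTag`, or that key an allow/deny policy or severity table by tag, will either stop type-checking or silently route the new tags through a default branch, which for a security scanner can mean a new finding is ignored. Suggest documenting the four tags (what each one detects and at which `RiskLevel`) in the type's comment and in the release notes, and stating explicitly that callers should treat unknown tags as at least as severe as their strictest handled case.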
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/types/scanner.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAEhD;;GAEG;AACH,MAAM,MAAM,SAAS,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAE/D;;GAEG;AACH,MAAM,MAAM,OAAO,GAEf,YAAY,GACZ,eAAe,GACf,aAAa,GAEb,kBAAkB,GAClB,eAAe,GACf,eAAe,GAEf,wBAAwB,GACxB,eAAe,GAEf,aAAa,GAEb,kBAAkB,GAElB,qBAAqB,GACrB,kBAAkB,GAClB,iBAAiB,GACjB,oBAAoB,GACpB,wBAAwB,GACxB,iBAAiB,GACjB,eAAe,GACf,iBAAiB,GACjB,oBAAoB,GACpB,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/types/scanner.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAEhD;;GAEG;AACH,MAAM,MAAM,SAAS,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAE/D;;GAEG;AACH,MAAM,MAAM,OAAO,GAEf,YAAY,GACZ,eAAe,GACf,aAAa,GAEb,kBAAkB,GAClB,eAAe,GACf,eAAe,GAEf,wBAAwB,GACxB,eAAe,GAEf,aAAa,GAEb,kBAAkB,GAElB,qBAAqB,GACrB,kBAAkB,GAClB,iBAAiB,GACjB,oBAAoB,GACpB,wBAAwB,GACxB,iBAAiB,GACjB,eAAe,GACf,iBAAiB,GACjB,oBAAoB,GACpB,kBAAkB,GAElB,qBAAqB,GACrB,sBAAsB,GACtB,eAAe,GACf,oBAAoB,CAAC;AAEzB;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,kCAAkC;IAClC,GAAG,EAAE,OAAO,CAAC;IACb,sCAAsC;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,8CAA8C;IAC9C,KAAK,EAAE,MAAM,CAAC;IACd,yBAAyB;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG,KAAK,GAAG,KAAK,GAAG,UAAU,CAAC;AAEzD;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,qBAAqB;IACrB,KAAK,EAAE,aAAa,CAAC;IACrB,sBAAsB;IACtB,OAAO,EAAE;QACP,IAAI,EAAE,eAAe,CAAC;QACtB,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;IACF,mBAAmB;IACnB,OAAO,CAAC,EAAE;QACR,iCAAiC;QACjC,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;QACzB,oCAAoC;QACpC,IAAI,CAAC,EAAE,OAAO,CAAC;KAChB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,yBAAyB;IACzB,UAAU,EAAE,SAAS,CAAC;IACtB,6BAA6B;IAC7B,SAAS,EAAE,OAAO,EAAE,CAAC;IACrB,yCAAyC;IACzC,QAAQ,EAAE,YAAY,EAAE,CAAC;IACzB,6BAA6B;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,oBAAoB;IACpB,QAAQ,CAAC,EAAE;QACT,aAAa,EAAE,MAAM,CAAC;QACtB,gBAAgB,EAAE,MAAM,CAAC;QACzB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,sBAAsB;IACtB,EAAE,EAAE,OAAO,CAAC;IACZ,uBAAuB;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,gCAAgC;IAChC,QAAQ,EAAE,SAAS,CAAC;IACpB,mCAAmC;IACnC,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,iCAAiC;IACjC,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,oDAAoD;IACpD,SAAS,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,gBAAgB,KAAK,OAAO,CAAC;CACnE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,SAAS,CAUhF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/types/scanner.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/types/scanner.ts"],"names":[],"mappings":";;AA6HA,gDAUC;AAbD;;GAEG;AACH,SAAgB,kBAAkB,CAAC,IAAe,EAAE,KAAiB;IACnE,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAClC,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC;QAC7C,OAAO,IAAI,EAAE,QAAQ,IAAI,KAAK,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,IAAI,UAAU,CAAC,QAAQ,CAAC,UAAU,CAAC;QAAE,OAAO,UAAU,CAAC;IACvD,IAAI,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO,MAAM,CAAC;IAC/C,IAAI,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAAE,OAAO,QAAQ,CAAC;IACnD,OAAO,KAAK,CAAC;AACf,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@goplus/agentguard",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.1",
|
|
4
4
|
"description": "GoPlus AgentGuard — Security guard for AI agents. Blocks dangerous commands, prevents data leaks, protects secrets. 20 detection rules, runtime action evaluation, trust registry.",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|
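Review bot: the `description` on line 4 is carried over unchanged and still advertises "20 detection rules", while the same release grows `RiskTag` in `dist/types/scanner.d.ts` from 20 to 24 values. If that number is meant to track the rule set, update it alongside the version bump on line 3, or drop the hard-coded count from the description so it cannot drift from what the scanner actually ships.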