@goplus/agentguard 1.0.0 → 1.0.2
- package/README.md +85 -156
- package/dist/action/detectors/exec.d.ts.map +1 -1
- package/dist/action/detectors/exec.js +97 -7
- package/dist/action/detectors/exec.js.map +1 -1
- package/dist/action/detectors/network.d.ts.map +1 -1
- package/dist/action/detectors/network.js +7 -0
- package/dist/action/detectors/network.js.map +1 -1
- package/dist/action/index.d.ts.map +1 -1
- package/dist/action/index.js +51 -6
- package/dist/action/index.js.map +1 -1
- package/dist/index.d.ts +0 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -4
- package/dist/index.js.map +1 -1
- package/dist/mcp-server.js +45 -1
- package/dist/mcp-server.js.map +1 -1
- package/dist/registry/storage.d.ts.map +1 -1
- package/dist/registry/storage.js +3 -2
- package/dist/registry/storage.js.map +1 -1
- package/dist/scanner/index.d.ts +14 -0
- package/dist/scanner/index.d.ts.map +1 -1
- package/dist/scanner/index.js +86 -21
- package/dist/scanner/index.js.map +1 -1
- package/dist/scanner/rules/exfiltration.js +1 -1
- package/dist/scanner/rules/exfiltration.js.map +1 -1
- package/dist/scanner/rules/index.d.ts.map +1 -1
- package/dist/scanner/rules/index.js +2 -0
- package/dist/scanner/rules/index.js.map +1 -1
- package/dist/scanner/rules/obfuscation.js +1 -1
- package/dist/scanner/rules/obfuscation.js.map +1 -1
- package/dist/scanner/rules/remote-loader.js +1 -1
- package/dist/scanner/rules/remote-loader.js.map +1 -1
- package/dist/scanner/rules/shell-exec.js +2 -2
- package/dist/scanner/rules/shell-exec.js.map +1 -1
- package/dist/scanner/rules/trojan.d.ts +6 -0
- package/dist/scanner/rules/trojan.d.ts.map +1 -0
- package/dist/scanner/rules/trojan.js +100 -0
- package/dist/scanner/rules/trojan.js.map +1 -0
- package/dist/tests/action.test.js +39 -2
- package/dist/tests/action.test.js.map +1 -1
- package/dist/tests/scanner.test.js +20 -2
- package/dist/tests/scanner.test.js.map +1 -1
- package/dist/types/action.d.ts +2 -0
- package/dist/types/action.d.ts.map +1 -1
- package/dist/types/scanner.d.ts +1 -1
- package/dist/types/scanner.d.ts.map +1 -1
- package/dist/types/scanner.js.map +1 -1
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"shell-exec.js","sourceRoot":"","sources":["../../../src/scanner/rules/shell-exec.ts"],"names":[],"mappings":";;;AAEA;;GAEG;AACU,QAAA,gBAAgB,GAAe;IAC1C;QACE,EAAE,EAAE,YAAY;QAChB,WAAW,EAAE,wCAAwC;QACrD,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"shell-exec.js","sourceRoot":"","sources":["../../../src/scanner/rules/shell-exec.ts"],"names":[],"mappings":";;;AAEA;;GAEG;AACU,QAAA,gBAAgB,GAAe;IAC1C;QACE,EAAE,EAAE,YAAY;QAChB,WAAW,EAAE,wCAAwC;QACrD,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC;QACjE,QAAQ,EAAE;YACR,UAAU;YACV,6CAA6C;YAC7C,gCAAgC;YAChC,aAAa;YACb,iBAAiB;YACjB,cAAc;YACd,kBAAkB;YAClB,iBAAiB;YACjB,aAAa;YACb,SAAS;YACT,gBAAgB;YAChB,mBAAmB;YACnB,kBAAkB;YAClB,oBAAoB;YACpB,4BAA4B;YAC5B,kCAAkC;YAClC,gBAAgB;YAChB,UAAU;YACV,SAAS;SACV;KACF;IACD;QACE,EAAE,EAAE,aAAa;QACjB,WAAW,EAAE,+DAA+D;QAC5E,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;QACvD,QAAQ,EAAE;YACR,oCAAoC;YACpC,iDAAiD;YACjD,uBAAuB;YACvB,4BAA4B;YAC5B,gCAAgC;YAChC,2CAA2C;YAC3C,mBAAmB;YACnB,oBAAoB;SACrB;KACF;CACF,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"trojan.d.ts","sourceRoot":"","sources":["../../../src/scanner/rules/trojan.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAEvD;;GAEG;AACH,eAAO,MAAM,YAAY,EAAE,QAAQ,EAoFlC,CAAC"}
|
|
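--- a/package/dist/scanner/rules/trojan.js
+++ b/package/dist/scanner/rules/trojan.js
@@ -0,0 +1,100 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.TROJAN_RULES = void 0;
+/**
+* Trojanized distribution and social engineering detection rules
+*/
+exports.TROJAN_RULES = [
+{
+id: 'TROJAN_DISTRIBUTION',
+description: 'Detects trojanized binary distribution patterns (download + password + execute)',
+severity: 'critical',
+file_patterns: ['*.md'],
+patterns: [
+// GitHub release binary downloads with password
+/releases\/download\/.*\.(zip|tar|exe|dmg|appimage)/i,
+// Direct binary download + password combination
+/password\s*[:=]\s*['"`]?\w+['"`]?/i,
+// Run executable instructions
+/\.\/\w+.*(?:run|execute|start|launch)/i,
+// chmod +x pattern (make executable)
+/chmod\s+\+x\s/,
+],
+validator: (content) => {
+// Must have at least 2 of: download URL, password, execute instruction
+const hasDownload = /https?:\/\/.*(?:releases\/download|\.zip|\.tar|\.exe|\.dmg)/i.test(content);
+const hasPassword = /password\s*[:=]/i.test(content);
+const hasExecute = /(?:chmod\s+\+x|\.\/\w+|run\s+the|execute)/i.test(content);
+const signals = [hasDownload, hasPassword, hasExecute].filter(Boolean).length;
+return signals >= 2;
+},
+},
+{
+id: 'SUSPICIOUS_PASTE_URL',
+description: 'Detects URLs to paste sites and code-sharing platforms',
+severity: 'high',
+file_patterns: ['*'],
+patterns: [
+/glot\.io\/snippets\//i,
+/pastebin\.com\//i,
+/hastebin\.com\//i,
+/paste\.ee\//i,
+/dpaste\.org\//i,
+/rentry\.co\//i,
+/ghostbin\.com\//i,
+/pastie\.io\//i,
+],
+},
+{
+id: 'SUSPICIOUS_IP',
+description: 'Detects hardcoded public IP addresses',
+severity: 'medium',
+file_patterns: ['*'],
+patterns: [
+// IPv4 addresses (will use validator to exclude private ranges)
+/\b(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\b/,
+],
+validator: (content, match) => {
+const ip = match[1] || match[0];
+const parts = ip.split('.').map(Number);
+if (parts.some(p => p > 255))
+return false;
+// Exclude private/local ranges
+if (parts[0] === 127)
+return false; // loopback
+if (parts[0] === 0)
+return false; // 0.x.x.x
+if (parts[0] === 10)
+return false; // 10.x.x.x
+if (parts[0] === 172 && parts[1] >= 16 && parts[1] <= 31)
+return false; // 172.16-31.x.x
+if (parts[0] === 192 && parts[1] === 168)
+return false; // 192.168.x.x
+if (parts[0] === 169 && parts[1] === 254)
+return false; // link-local
+// Exclude common version-like patterns (e.g. 1.0.0.0, 2.0.0.0)
+if (parts[1] === 0 && parts[2] === 0 && parts[3] === 0)
+return false;
+return true;
+},
+},
+{
+id: 'SOCIAL_ENGINEERING',
+description: 'Detects social engineering pressure language in skill instructions',
+severity: 'medium',
+file_patterns: ['*.md'],
+patterns: [
+/CRITICAL\s+REQUIREMENT/i,
+/WILL\s+NOT\s+WORK\s+WITHOUT/i,
+/MANDATORY.*(?:install|download|run|execute)/i,
+/you\s+MUST\s+(?:install|download|run|execute|paste)/i,
+/paste\s+(?:this\s+)?into\s+(?:your\s+)?[Tt]erminal/i,
+/IMPORTANT:\s*(?:you\s+)?must/i,
+],
+validator: (content) => {
+// Only flag if there's also a command execution instruction nearby
+return /(?:curl|wget|bash|sh|\.\/|chmod|npm\s+run|node\s+)/i.test(content);
+},
+},
+];
+//# sourceMappingURL=trojan.js.map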
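Review bot: The SOCIAL_ENGINEERING validator (new line 96) matches `sh` with no word boundary, so ordinary words such as "should", "push" or "share" satisfy it and the gate that is meant to require a command instruction filters almost nothing. It also tests the whole file, not the text around the match, although its comment says "nearby". Anchoring the tokens would restore the check, e.g. `return /\b(?:curl|wget|bash|sh|chmod)\b|\.\/|npm\s+run|\bnode\s+/i.test(content);`. The TROJAN_DISTRIBUTION validator (new lines 25-29) is similarly loose: `hasExecute` is true for any relative path `./x` or the bare word "execute", and it accepts two of three signals while the description reads "download + password + execute", so a critical finding can fire on ordinary install documentation. SUSPICIOUS_IP excludes only loopback, 0.x, RFC 1918 and link-local addresses; the comment should state whether other reserved ranges are deliberately left in scope.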
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"trojan.js","sourceRoot":"","sources":["../../../src/scanner/rules/trojan.ts"],"names":[],"mappings":";;;AAEA;;GAEG;AACU,QAAA,YAAY,GAAe;IACtC;QACE,EAAE,EAAE,qBAAqB;QACzB,WAAW,EAAE,iFAAiF;QAC9F,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,CAAC,MAAM,CAAC;QACvB,QAAQ,EAAE;YACR,gDAAgD;YAChD,qDAAqD;YACrD,gDAAgD;YAChD,oCAAoC;YACpC,8BAA8B;YAC9B,wCAAwC;YACxC,qCAAqC;YACrC,eAAe;SAChB;QACD,SAAS,EAAE,CAAC,OAAe,EAAE,EAAE;YAC7B,uEAAuE;YACvE,MAAM,WAAW,GAAG,8DAA8D,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACjG,MAAM,WAAW,GAAG,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACrD,MAAM,UAAU,GAAG,4CAA4C,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC9E,MAAM,OAAO,GAAG,CAAC,WAAW,EAAE,WAAW,EAAE,UAAU,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;YAC9E,OAAO,OAAO,IAAI,CAAC,CAAC;QACtB,CAAC;KACF;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,WAAW,EAAE,wDAAwD;QACrE,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,CAAC,GAAG,CAAC;QACpB,QAAQ,EAAE;YACR,uBAAuB;YACvB,kBAAkB;YAClB,kBAAkB;YAClB,cAAc;YACd,gBAAgB;YAChB,eAAe;YACf,kBAAkB;YAClB,eAAe;SAChB;KACF;IACD;QACE,EAAE,EAAE,eAAe;QACnB,WAAW,EAAE,uCAAuC;QACpD,QAAQ,EAAE,QAAQ;QAClB,aAAa,EAAE,CAAC,GAAG,CAAC;QACpB,QAAQ,EAAE;YACR,gEAAgE;YAChE,0CAA0C;SAC3C;QACD,SAAS,EAAE,CAAC,OAAe,EAAE,KAAuB,EAAE,EAAE;YACtD,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC;YAChC,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YACxC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC;gBAAE,OAAO,KAAK,CAAC;YAC3C,+BAA+B;YAC/B,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;gBAAE,OAAO,KAAK,CAAC,CAAE,WAAW;YAChD,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC,CAAI,UAAU;YAC/C,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,EAAE;gBAAE,OAAO,KAAK,CAAC,CAAG,WAAW;YAChD,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE;gBAAE,OAAO,KAAK,CAAC,CAAC,gBAAgB;YACxF,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;gBAAE,OAAO,KAAK,CAAC,CAAC,cAAc;YACtE,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,GAAG;gBAAE,OAAO,KAAK,CAAC,CAAC,aAAa;YACrE
,+DAA+D;YAC/D,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC;YACrE,OAAO,IAAI,CAAC;QACd,CAAC;KACF;IACD;QACE,EAAE,EAAE,oBAAoB;QACxB,WAAW,EAAE,oEAAoE;QACjF,QAAQ,EAAE,QAAQ;QAClB,aAAa,EAAE,CAAC,MAAM,CAAC;QACvB,QAAQ,EAAE;YACR,yBAAyB;YACzB,8BAA8B;YAC9B,8CAA8C;YAC9C,sDAAsD;YACtD,qDAAqD;YACrD,+BAA+B;SAChC;QACD,SAAS,EAAE,CAAC,OAAe,EAAE,EAAE;YAC7B,mEAAmE;YACnE,OAAO,qDAAqD,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC7E,CAAC;KACF;CACF,CAAC"}
|
|
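--- a/package/dist/tests/action.test.js
+++ b/package/dist/tests/action.test.js
@@ -42,15 +42,26 @@ const network_js_1 = require("../action/detectors/network.js");
 const result = (0, exec_js_1.analyzeExecCommand)({ command: 'echo hello; rm -rf /' }, true);
 strict_1.default.ok(result.risk_tags.includes('SHELL_INJECTION_RISK') || result.risk_tags.includes('DANGEROUS_COMMAND'));
 });
-(0, node_test_1.it)('should
+(0, node_test_1.it)('should allow safe commands even when exec not allowed', () => {
 const result = (0, exec_js_1.analyzeExecCommand)({ command: 'ls -la' }, false);
-strict_1.default.
+strict_1.default.equal(result.risk_level, 'low');
+strict_1.default.ok(!result.should_block, 'Safe command ls should not be blocked');
+});
+(0, node_test_1.it)('should allow echo as safe command', () => {
+const result = (0, exec_js_1.analyzeExecCommand)({ command: 'echo hello' }, false);
+strict_1.default.equal(result.risk_level, 'low');
+strict_1.default.ok(!result.should_block, 'echo hello should not be blocked');
 });
 (0, node_test_1.it)('should allow safe commands when exec is allowed', () => {
 const result = (0, exec_js_1.analyzeExecCommand)({ command: 'git status' }, true);
 strict_1.default.equal(result.risk_level, 'low');
 strict_1.default.ok(!result.should_block || result.risk_tags.length === 0, 'Safe commands should not be blocked when exec is allowed');
 });
+(0, node_test_1.it)('should block fork bomb with spaces', () => {
+const result = (0, exec_js_1.analyzeExecCommand)({ command: ':( ){ :|:& };:' }, true);
+strict_1.default.equal(result.risk_level, 'critical');
+strict_1.default.ok(result.should_block);
+});
 (0, node_test_1.it)('should detect sensitive env vars', () => {
 const result = (0, exec_js_1.analyzeExecCommand)({
 command: 'node app.js',
@@ -58,6 +69,32 @@ const network_js_1 = require("../action/detectors/network.js");
 }, true);
 strict_1.default.ok(result.risk_tags.includes('SENSITIVE_ENV_VAR'));
 });
+(0, node_test_1.it)('should flag npm install as medium risk (can run postinstall scripts)', () => {
+const result = (0, exec_js_1.analyzeExecCommand)({ command: 'npm install express' }, false);
+strict_1.default.equal(result.risk_level, 'medium');
+strict_1.default.ok(!result.should_block, 'npm install should not be blocked');
+strict_1.default.ok(result.risk_tags.includes('INSTALL_COMMAND'));
+});
+(0, node_test_1.it)('should flag git clone as medium risk (can run hooks)', () => {
+const result = (0, exec_js_1.analyzeExecCommand)({ command: 'git clone https://github.com/org/repo.git' }, false);
+strict_1.default.equal(result.risk_level, 'medium');
+strict_1.default.ok(!result.should_block, 'git clone should not be blocked');
+strict_1.default.ok(result.risk_tags.includes('INSTALL_COMMAND'));
+});
+(0, node_test_1.it)('should allow mkdir as safe command', () => {
+const result = (0, exec_js_1.analyzeExecCommand)({ command: 'mkdir -p src/utils' }, false);
+strict_1.default.equal(result.risk_level, 'low');
+strict_1.default.ok(!result.should_block, 'mkdir should not be blocked');
+});
+(0, node_test_1.it)('should still block npm install with shell injection', () => {
+const result = (0, exec_js_1.analyzeExecCommand)({ command: 'npm install; rm -rf /' }, false);
+strict_1.default.ok(result.should_block || result.risk_tags.includes('DANGEROUS_COMMAND'), 'npm install with shell injection should be flagged');
+});
+(0, node_test_1.it)('should block unknown commands when exec not allowed (non-critical)', () => {
+const result = (0, exec_js_1.analyzeExecCommand)({ command: 'some-unknown-tool --flag' }, false);
+strict_1.default.ok(result.should_block, 'Unknown command should be blocked when exec not allowed');
+strict_1.default.notEqual(result.risk_level, 'critical', 'Unknown command is not critical');
+});
 });
 (0, node_test_1.describe)('Network Request Detector', () => {
 (0, node_test_1.it)('should detect webhook domains', () => {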
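Review bot: The test 'should still block npm install with shell injection' (new line 91) asserts `result.should_block || result.risk_tags.includes('DANGEROUS_COMMAND')`, so it passes when the chained command is only tagged and not blocked, which contradicts the test name and the exec-disallowed argument. Assert the block on its own, `strict_1.default.ok(result.should_block, 'chained command must be blocked');`, and check the tag in a separate assertion. The new safe-command cases (`ls -la`, `echo hello`, `mkdir -p src/utils`) also have no negative counterpart with exec disallowed: no test pins that a safe command name followed by a separator, pipe, redirection or command substitution is still blocked. The enclosing describe block starts outside these hunks.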
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"action.test.js","sourceRoot":"","sources":["../../src/tests/action.test.ts"],"names":[],"mappings":";;;;;AAAA,yCAAyC;AACzC,gEAAwC;AACxC,yDAAiE;AACjE,+DAAuE;AAEvE,IAAA,oBAAQ,EAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,IAAA,cAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,IAAI,CAAC,CAAC;QACjE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,EAAE,qBAAqB,CAAC,CAAC;QACtD,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,IAAI,CAAC,CAAC;QACpE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,uCAAuC,EAAE,EAAE,IAAI,CAAC,CAAC;QAC9F,gEAAgE;QAChE,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,sBAAsB,CAAC,EACzG,kCAAkC,CAAC,CAAC;QACtC,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,UAAU,KAAK,KAAK,EAAE,wBAAwB,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,qCAAqC,EAAE,GAAG,EAAE;QAC7C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,mBAAmB,EAAE,EAAE,IAAI,CAAC,CAAC;QAC1E,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC,CAAC;QAC9D,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,UAAU,KAAK,MAAM,IAAI,MAAM,CAAC,UAAU,KAAK,UAAU,CAAC,CAAC;IAC9E,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,mBAAmB,EAAE,EAAE,IAAI,CAAC,CAAC;QAC1E,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,0BAA0B,EAAE,EAAE,IAAI,CAAC,CAAC;QACjF,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,
wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,sBAAsB,EAAE,EAAE,IAAI,CAAC,CAAC;QAC7E,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,sBAAsB,CAAC,IAAI,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IACjH,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,
|
|
1
|
+
{"version":3,"file":"action.test.js","sourceRoot":"","sources":["../../src/tests/action.test.ts"],"names":[],"mappings":";;;;;AAAA,yCAAyC;AACzC,gEAAwC;AACxC,yDAAiE;AACjE,+DAAuE;AAEvE,IAAA,oBAAQ,EAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,IAAA,cAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,IAAI,CAAC,CAAC;QACjE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,EAAE,qBAAqB,CAAC,CAAC;QACtD,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,aAAa,EAAE,EAAE,IAAI,CAAC,CAAC;QACpE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,uCAAuC,EAAE,EAAE,IAAI,CAAC,CAAC;QAC9F,gEAAgE;QAChE,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,sBAAsB,CAAC,EACzG,kCAAkC,CAAC,CAAC;QACtC,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,UAAU,KAAK,KAAK,EAAE,wBAAwB,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,qCAAqC,EAAE,GAAG,EAAE;QAC7C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,mBAAmB,EAAE,EAAE,IAAI,CAAC,CAAC;QAC1E,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC,CAAC;QAC9D,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,UAAU,KAAK,MAAM,IAAI,MAAM,CAAC,UAAU,KAAK,UAAU,CAAC,CAAC;IAC9E,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,mBAAmB,EAAE,EAAE,IAAI,CAAC,CAAC;QAC1E,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,0BAA0B,EAAE,EAAE,IAAI,CAAC,CAAC;QACjF,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,
wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,sBAAsB,EAAE,EAAE,IAAI,CAAC,CAAC;QAC7E,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,sBAAsB,CAAC,IAAI,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IACjH,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uDAAuD,EAAE,GAAG,EAAE;QAC/D,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,KAAK,CAAC,CAAC;QAChE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QACvC,gBAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,uCAAuC,CAAC,CAAC;IAC3E,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,YAAY,EAAE,EAAE,KAAK,CAAC,CAAC;QACpE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QACvC,gBAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,kCAAkC,CAAC,CAAC;IACtE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,iDAAiD,EAAE,GAAG,EAAE;QACzD,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,YAAY,EAAE,EAAE,IAAI,CAAC,CAAC;QACnE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QACvC,gBAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY,IAAI,MAAM,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAC7D,0DAA0D,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,gBAAgB,EAAE,EAAE,IAAI,CAAC,CAAC;QACvE,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC;YAChC,OAAO,EAAE,aAAa;YACtB,GAAG,EAAE,EAAE,OAAO,EAAE,WAAW,EAAE;SAC9B,EAAE,IAAI,CAAC,CAAC;QACT,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,sEAAsE,EAAE,GAAG,EAAE;QAC9E,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,qBAAqB,EAAE,EAAE,KAAK,CAAC,CAAC;QAC7E,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAC1C,gBAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,mCAAmC,CAAC,CAAC;QACrE,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,CAAC;IAC1D,CA
AC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,sDAAsD,EAAE,GAAG,EAAE;QAC9D,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,2CAA2C,EAAE,EAAE,KAAK,CAAC,CAAC;QACnG,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAC1C,gBAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,iCAAiC,CAAC,CAAC;QACnE,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,oBAAoB,EAAE,EAAE,KAAK,CAAC,CAAC;QAC5E,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC;QACvC,gBAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,6BAA6B,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,uBAAuB,EAAE,EAAE,KAAK,CAAC,CAAC;QAC/E,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,IAAI,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAC7E,oDAAoD,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,oEAAoE,EAAE,GAAG,EAAE;QAC5E,MAAM,MAAM,GAAG,IAAA,4BAAkB,EAAC,EAAE,OAAO,EAAE,0BAA0B,EAAE,EAAE,KAAK,CAAC,CAAC;QAClF,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,EAAE,yDAAyD,CAAC,CAAC;QAC1F,gBAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,EAAE,iCAAiC,CAAC,CAAC;IACpF,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,IAAA,oBAAQ,EAAC,0BAA0B,EAAE,GAAG,EAAE;IACxC,IAAA,cAAE,EAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,MAAM;YACd,GAAG,EAAE,0CAA0C;SAChD,CAAC,CAAC;QACH,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;QACtD,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,EAAE,+BAA+B,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,MAAM;YACd,GAAG,EAAE,6CAA6C;SACnD,CAAC,CAAC;QACH,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,8BAA8B,EAAE,GAAG,EAAE;QACtC,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,sBAAsB;SAC5B,CAAC,CAAC;QACH,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC
,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,gCAAgC;SACtC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;QACpB,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,8BAA8B;SACpC,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAC;QACvB,gBAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,YAAY,EAAE,0CAA0C,CAAC,CAAC;QAC5E,gBAAM,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,MAAM;YACd,GAAG,EAAE,yBAAyB;YAC9B,YAAY,EAAE,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,2BAA2B;SACjE,CAAC,CAAC;QACH,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,uBAAuB,CAAC,IAAI,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,wBAAwB,CAAC,CAAC,CAAC;QACrH,gBAAM,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,KAAK;YACb,GAAG,EAAE,WAAW;SACjB,CAAC,CAAC;QACH,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC;QACpD,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,kDAAkD,EAAE,GAAG,EAAE;QAC1D,MAAM,MAAM,GAAG,IAAA,kCAAqB,EAAC;YACnC,MAAM,EAAE,MAAM;YACd,GAAG,EAAE,kCAAkC;SACxC,CAAC,CAAC;QACH,0DAA0D;QAC1D,gBAAM,CAAC,EAAE,CAAC,MAAM,CAAC,UAAU,KAAK,MAAM,IAAI,MAAM,CAAC,UAAU,KAAK,UAAU,EACxE,8CAA8C,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
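--- a/package/dist/tests/scanner.test.js
+++ b/package/dist/tests/scanner.test.js
@@ -7,10 +7,10 @@ const node_test_1 = require("node:test");
 const strict_1 = __importDefault(require("node:assert/strict"));
 const index_js_1 = require("../scanner/rules/index.js");
 (0, node_test_1.describe)('Scanner Rules', () => {
-(0, node_test_1.it)('should have
+(0, node_test_1.it)('should have 24 detection rules', () => {
 // Each RiskTag should map to at least one rule
 const ruleIds = new Set(index_js_1.ALL_RULES.map((r) => r.id));
-strict_1.default.ok(ruleIds.size >=
+strict_1.default.ok(ruleIds.size >= 24, `Expected at least 24 unique rules, got ${ruleIds.size}`);
 });
 (0, node_test_1.it)('should find rule by ID', () => {
 const rule = (0, index_js_1.getRuleById)('SHELL_EXEC');
@@ -44,6 +44,24 @@ const index_js_1 = require("../scanner/rules/index.js");
 strict_1.default.equal(rule.severity, 'critical', `Rule ${id} should be CRITICAL`);
 }
 });
+(0, node_test_1.it)('should have trojan detection rules', () => {
+const trojanRuleIds = ['TROJAN_DISTRIBUTION', 'SUSPICIOUS_PASTE_URL', 'SUSPICIOUS_IP', 'SOCIAL_ENGINEERING'];
+for (const id of trojanRuleIds) {
+const rule = (0, index_js_1.getRuleById)(id);
+strict_1.default.ok(rule, `Rule ${id} should exist`);
+}
+});
+(0, node_test_1.it)('should have TROJAN_DISTRIBUTION as critical severity', () => {
+const rule = (0, index_js_1.getRuleById)('TROJAN_DISTRIBUTION');
+strict_1.default.ok(rule, 'TROJAN_DISTRIBUTION rule should exist');
+strict_1.default.equal(rule.severity, 'critical');
+});
+(0, node_test_1.it)('should filter rules for .md extension', () => {
+const mdRules = (0, index_js_1.getRulesForExtension)('.md');
+strict_1.default.ok(mdRules.length > 0, 'Should have rules for .md files');
+const mdRuleIds = mdRules.map((r) => r.id);
+strict_1.default.ok(mdRuleIds.includes('SHELL_EXEC') || mdRuleIds.includes('TROJAN_DISTRIBUTION'), 'Markdown rules should include execution or trojan rules');
+});
 (0, node_test_1.it)('all rules should have required fields', () => {
 for (const rule of index_js_1.ALL_RULES) {
 strict_1.default.ok(rule.id, `Rule should have an id`);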
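Review bot: The new trojan tests (new lines 47-58) only check that the four rule ids exist and that TROJAN_DISTRIBUTION is critical; none of them runs a rule's `patterns` or `validator` against sample content. That leaves the private-range exclusions in SUSPICIOUS_IP and the two-of-three signal count in TROJAN_DISTRIBUTION unpinned. The '.md' test at new line 63 accepts `SHELL_EXEC` or `TROJAN_DISTRIBUTION`, so it would still pass if the trojan rules were never registered for markdown; assert `mdRuleIds.includes('TROJAN_DISTRIBUTION')` on its own. The describe block continues outside both hunks.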
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.test.js","sourceRoot":"","sources":["../../src/tests/scanner.test.ts"],"names":[],"mappings":";;;;;AAAA,yCAAyC;AACzC,gEAAwC;AACxC,wDAA6G;AAE7G,IAAA,oBAAQ,EAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,IAAA,cAAE,EAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,+CAA+C;QAC/C,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,oBAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACpD,gBAAM,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,EAAE,0CAA0C,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IAC1F,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,IAAI,GAAG,IAAA,sBAAW,EAAC,YAAY,CAAC,CAAC;QACvC,gBAAM,CAAC,EAAE,CAAC,IAAI,EAAE,8BAA8B,CAAC,CAAC;QAChD,gBAAM,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,QAAQ,GAAG,IAAA,6BAAkB,EAAC,UAAU,CAAC,CAAC;QAChD,gBAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,4BAA4B,CAAC,CAAC;QAC7D,gBAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC;QAE5D,MAAM,IAAI,GAAG,IAAA,6BAAkB,EAAC,MAAM,CAAC,CAAC;QACxC,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,wBAAwB,CAAC,CAAC;QACrD,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,OAAO,GAAG,IAAA,+BAAoB,EAAC,KAAK,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,iCAAiC,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,QAAQ,GAAG,IAAA,+BAAoB,EAAC,MAAM,CAAC,CAAC;QAC9C,gBAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,kCAAkC,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC7C,gBAAM,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,oBAAoB,CAAC,EAC3F,mDAAmD,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,MAAM,WAAW,GAAG,CAAC,aAAa,EAAE,eAAe,EAAE,eAAe,EAAE,eAAe;YACnF,qBAAqB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,kB
AAkB,EAAE,eAAe,CAAC,CAAC;QAErG,KAAK,MAAM,EAAE,IAAI,WAAW,EAAE,CAAC;YAC7B,MAAM,IAAI,GAAG,IAAA,sBAAW,EAAC,EAAS,CAAC,CAAC;YACpC,gBAAM,CAAC,EAAE,CAAC,IAAI,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAC;YAC3C,gBAAM,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,qBAAqB,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,KAAK,MAAM,IAAI,IAAI,oBAAS,EAAE,CAAC;YAC7B,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC;YAC7C,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,IAAI,CAAC,EAAE,uBAAuB,CAAC,CAAC;YACjE,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,QAAQ,IAAI,CAAC,EAAE,uBAAuB,CAAC,CAAC;YAC7F,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,QAAQ,IAAI,CAAC,EAAE,4BAA4B,CAAC,CAAC;YAC5G,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,IAAI,CAAC,EAAE,0BAA0B,CAAC,CAAC;QACzE,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"scanner.test.js","sourceRoot":"","sources":["../../src/tests/scanner.test.ts"],"names":[],"mappings":";;;;;AAAA,yCAAyC;AACzC,gEAAwC;AACxC,wDAA6G;AAE7G,IAAA,oBAAQ,EAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,IAAA,cAAE,EAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,+CAA+C;QAC/C,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,oBAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACpD,gBAAM,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,EAAE,0CAA0C,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IAC1F,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,IAAI,GAAG,IAAA,sBAAW,EAAC,YAAY,CAAC,CAAC;QACvC,gBAAM,CAAC,EAAE,CAAC,IAAI,EAAE,8BAA8B,CAAC,CAAC;QAChD,gBAAM,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,QAAQ,GAAG,IAAA,6BAAkB,EAAC,UAAU,CAAC,CAAC;QAChD,gBAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,4BAA4B,CAAC,CAAC;QAC7D,gBAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC;QAE5D,MAAM,IAAI,GAAG,IAAA,6BAAkB,EAAC,MAAM,CAAC,CAAC;QACxC,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,wBAAwB,CAAC,CAAC;QACrD,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,OAAO,GAAG,IAAA,+BAAoB,EAAC,KAAK,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,iCAAiC,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,QAAQ,GAAG,IAAA,+BAAoB,EAAC,MAAM,CAAC,CAAC;QAC9C,gBAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,kCAAkC,CAAC,CAAC;QACnE,MAAM,UAAU,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC7C,gBAAM,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,oBAAoB,CAAC,EAC3F,mDAAmD,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,MAAM,WAAW,GAAG,CAAC,aAAa,EAAE,eAAe,EAAE,eAAe,EAAE,eAAe;YACnF,qBAAqB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,kB
AAkB,EAAE,eAAe,CAAC,CAAC;QAErG,KAAK,MAAM,EAAE,IAAI,WAAW,EAAE,CAAC;YAC7B,MAAM,IAAI,GAAG,IAAA,sBAAW,EAAC,EAAS,CAAC,CAAC;YACpC,gBAAM,CAAC,EAAE,CAAC,IAAI,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAC;YAC3C,gBAAM,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,qBAAqB,CAAC,CAAC;QAC3E,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,aAAa,GAAG,CAAC,qBAAqB,EAAE,sBAAsB,EAAE,eAAe,EAAE,oBAAoB,CAAC,CAAC;QAC7G,KAAK,MAAM,EAAE,IAAI,aAAa,EAAE,CAAC;YAC/B,MAAM,IAAI,GAAG,IAAA,sBAAW,EAAC,EAAS,CAAC,CAAC;YACpC,gBAAM,CAAC,EAAE,CAAC,IAAI,EAAE,QAAQ,EAAE,eAAe,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,sDAAsD,EAAE,GAAG,EAAE;QAC9D,MAAM,IAAI,GAAG,IAAA,sBAAW,EAAC,qBAA4B,CAAC,CAAC;QACvD,gBAAM,CAAC,EAAE,CAAC,IAAI,EAAE,uCAAuC,CAAC,CAAC;QACzD,gBAAM,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,OAAO,GAAG,IAAA,+BAAoB,EAAC,KAAK,CAAC,CAAC;QAC5C,gBAAM,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,iCAAiC,CAAC,CAAC;QACjE,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC3C,gBAAM,CAAC,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EACrF,yDAAyD,CAAC,CAAC;IAC/D,CAAC,CAAC,CAAC;IAEH,IAAA,cAAE,EAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,KAAK,MAAM,IAAI,IAAI,oBAAS,EAAE,CAAC;YAC7B,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,wBAAwB,CAAC,CAAC;YAC7C,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,IAAI,CAAC,EAAE,uBAAuB,CAAC,CAAC;YACjE,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,QAAQ,IAAI,CAAC,EAAE,uBAAuB,CAAC,CAAC;YAC7F,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,QAAQ,IAAI,CAAC,EAAE,4BAA4B,CAAC,CAAC;YAC5G,gBAAM,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,QAAQ,IAAI,CAAC,EAAE,0BAA0B,CAAC,CAAC;QACzE,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
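--- a/package/dist/types/action.d.ts
+++ b/package/dist/types/action.d.ts
@@ -108,6 +108,8 @@ export interface ActionContext {
 env: 'prod' | 'dev' | 'test';
 /** Action timestamp */
 time: string;
+/** Skill that initiated this action (inferred from transcript) */
+initiating_skill?: string;
 }
 /**
 * Action envelope - the complete action request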
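Review bot: The doc comment on `initiating_skill` says the value is inferred from the transcript but not that it is therefore unverified. Transcript content can be shaped by the skill or tool output under evaluation, so the field should be documented as advisory. In src/types/action.ts I would change the comment to `/** Skill that initiated this action; inferred from transcript and unverified, so not a sole basis for trust or allow decisions */`. How the evaluator consumes the field is not visible in this declaration file, so whether any decision relies on it should be confirmed in the action module. The `ActionContext` interface begins outside the hunk.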
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../src/types/action.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AACjE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C;;GAEG;AACH,MAAM,MAAM,UAAU,GAClB,iBAAiB,GACjB,cAAc,GACd,WAAW,GACX,YAAY,GACZ,eAAe,GACf,SAAS,GACT,WAAW,CAAC;AAEhB;;GAEG;AACH,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,SAAS,CAAC;AAEpD;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,oBAAoB;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,2BAA2B;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,sBAAsB;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,wCAAwC;IACxC,QAAQ,EAAE,QAAQ,CAAC;IACnB,iBAAiB;IACjB,UAAU,EAAE,SAAS,CAAC;IACtB,6CAA6C;IAC7C,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,uCAAuC;IACvC,QAAQ,EAAE,cAAc,EAAE,CAAC;IAC3B,2CAA2C;IAC3C,sBAAsB,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IAClD,iCAAiC;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,OAAO,CAAC;IACpD,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,MAAM,UAAU,GAClB,kBAAkB,GAClB,eAAe,GACf,iBAAiB,GACjB,gBAAgB,GAChB,UAAU
,GACV,YAAY,CAAC;AAEjB;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,yBAAyB;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,qCAAqC;IACrC,YAAY,EAAE,OAAO,CAAC;IACtB,kBAAkB;IAClB,GAAG,EAAE,MAAM,GAAG,KAAK,GAAG,MAAM,CAAC;IAC7B,uBAAuB;IACvB,IAAI,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"action.d.ts","sourceRoot":"","sources":["../../src/types/action.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AACjE,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C;;GAEG;AACH,MAAM,MAAM,UAAU,GAClB,iBAAiB,GACjB,cAAc,GACd,WAAW,GACX,YAAY,GACZ,eAAe,GACf,SAAS,GACT,WAAW,CAAC;AAEhB;;GAEG;AACH,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,SAAS,CAAC;AAEpD;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,oBAAoB;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,2BAA2B;IAC3B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,sBAAsB;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,wCAAwC;IACxC,QAAQ,EAAE,QAAQ,CAAC;IACnB,iBAAiB;IACjB,UAAU,EAAE,SAAS,CAAC;IACtB,6CAA6C;IAC7C,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,uCAAuC;IACvC,QAAQ,EAAE,cAAc,EAAE,CAAC;IAC3B,2CAA2C;IAC3C,sBAAsB,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IAClD,iCAAiC;IACjC,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,MAAM,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,OAAO,CAAC;IACpD,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,MAAM,UAAU,GAClB,kBAAkB,GAClB,eAAe,GACf,iBAAiB,GACjB,gBAAgB,GAChB,UAAU
,GACV,YAAY,CAAC;AAEjB;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,yBAAyB;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,qCAAqC;IACrC,YAAY,EAAE,OAAO,CAAC;IACtB,kBAAkB;IAClB,GAAG,EAAE,MAAM,GAAG,KAAK,GAAG,MAAM,CAAC;IAC7B,uBAAuB;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,kEAAkE;IAClE,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,wBAAwB;IACxB,KAAK,EAAE;QACL,KAAK,EAAE,aAAa,CAAC;QACrB,UAAU,CAAC,EAAE,MAAM,CAAC;KACrB,CAAC;IACF,qBAAqB;IACrB,MAAM,EAAE;QACN,IAAI,EAAE,UAAU,CAAC;QACjB,IAAI,EAAE,UAAU,CAAC;KAClB,CAAC;IACF,qBAAqB;IACrB,OAAO,EAAE,aAAa,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,IAAI,GAAG,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,UAAU,EAAE,QAAQ,GAAG,OAAO,GAAG,QAAQ,GAAG,SAAS,CAAC;IACtD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,IAAI,GAAG,KAAK,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,aAAa,EAAE,MAAM,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,OAAO,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,eAAe;IACf,QAAQ,EAAE,QAAQ,CAAC;IACnB,iBAAiB;IACjB,UAAU,EAAE,SAAS,CAAC;IACtB,gBAAgB;IAChB,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,0BAA0B;IAC1B,MAAM,CAAC,EAAE;QACP,UAAU,CAAC,EAAE;YACX,OAAO,EAAE,OAAO,CAAC;YACjB,eAAe,EAAE,WAAW,EAAE,CAAC;YAC/B,gBAAgB,EAAE,cAAc,EAAE,CAAC;SACpC,CAAC;QACF,YAAY,CAAC,EAAE;YACb,YAAY,EAAE,OAAO,CAAC;YACtB,WAAW,EAAE,OAAO,CAAC;YACrB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;SACtB,CAAC;QACF,UAAU,CAAC,EAAE;YACX,WAAW,EAAE,OAAO,CAAC;YACrB,cAAc,EAAE,OAAO,CAAC;YACxB,OAAO,CAAC,EAAE,MAAM,CAAC;YACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;SACnB,CAAC;KACH,CAAC;IACF,gCAAgC;IAChC,SAAS,CAAC,EAAE;QACV,yBAAyB,EAAE,OAAO,CAAC;QACnC,gBAAgB,CAAC,EAAE,MAAM,CAAC;QAC1B,kBAAkB,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;KAC/C,CAAC;CACH"}
|
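--- a/package/dist/types/scanner.d.ts
+++ b/package/dist/types/scanner.d.ts
@@ -6,7 +6,7 @@ export type RiskLevel = 'low' | 'medium' | 'high' | 'critical';
 /**
 * Risk tag identifiers
 */
-export type RiskTag = 'SHELL_EXEC' | 'REMOTE_LOADER' | 'AUTO_UPDATE' | 'READ_ENV_SECRETS' | 'READ_SSH_KEYS' | 'READ_KEYCHAIN' | 'NET_EXFIL_UNRESTRICTED' | 'WEBHOOK_EXFIL' | 'OBFUSCATION' | 'PROMPT_INJECTION' | 'PRIVATE_KEY_PATTERN' | 'MNEMONIC_PATTERN' | 'WALLET_DRAINING' | 'UNLIMITED_APPROVAL' | 'DANGEROUS_SELFDESTRUCT' | 'HIDDEN_TRANSFER' | 'PROXY_UPGRADE' | 'FLASH_LOAN_RISK' | 'REENTRANCY_PATTERN' | 'SIGNATURE_REPLAY';
+export type RiskTag = 'SHELL_EXEC' | 'REMOTE_LOADER' | 'AUTO_UPDATE' | 'READ_ENV_SECRETS' | 'READ_SSH_KEYS' | 'READ_KEYCHAIN' | 'NET_EXFIL_UNRESTRICTED' | 'WEBHOOK_EXFIL' | 'OBFUSCATION' | 'PROMPT_INJECTION' | 'PRIVATE_KEY_PATTERN' | 'MNEMONIC_PATTERN' | 'WALLET_DRAINING' | 'UNLIMITED_APPROVAL' | 'DANGEROUS_SELFDESTRUCT' | 'HIDDEN_TRANSFER' | 'PROXY_UPGRADE' | 'FLASH_LOAN_RISK' | 'REENTRANCY_PATTERN' | 'SIGNATURE_REPLAY' | 'TROJAN_DISTRIBUTION' | 'SUSPICIOUS_PASTE_URL' | 'SUSPICIOUS_IP' | 'SOCIAL_ENGINEERING';
 /**
 * Evidence of a detected risk
 */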
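Review bot: The four tags appended to `RiskTag` (`TROJAN_DISTRIBUTION`, `SUSPICIOUS_PASTE_URL`, `SUSPICIOUS_IP`, `SOCIAL_ENGINEERING`) widen a public union in a patch release, while the comment above it still reads only `Risk tag identifiers`. A consumer table keyed by tag (severity, policy, display text) with no entry for them will presumably fall through to its default, which for a scanner can mean an under-reported finding. I would extend the comment to `/** Risk tag identifiers. New tags may be added between releases; handle unknown tags explicitly rather than defaulting them to the lowest level. */`. The union now has 24 members, but the package.json description shown on this page still says "20 detection rules"; if that count tracks the tags, it should be updated.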
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/types/scanner.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAEhD;;GAEG;AACH,MAAM,MAAM,SAAS,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAE/D;;GAEG;AACH,MAAM,MAAM,OAAO,GAEf,YAAY,GACZ,eAAe,GACf,aAAa,GAEb,kBAAkB,GAClB,eAAe,GACf,eAAe,GAEf,wBAAwB,GACxB,eAAe,GAEf,aAAa,GAEb,kBAAkB,GAElB,qBAAqB,GACrB,kBAAkB,GAClB,iBAAiB,GACjB,oBAAoB,GACpB,wBAAwB,GACxB,iBAAiB,GACjB,eAAe,GACf,iBAAiB,GACjB,oBAAoB,GACpB,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/types/scanner.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAEhD;;GAEG;AACH,MAAM,MAAM,SAAS,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAE/D;;GAEG;AACH,MAAM,MAAM,OAAO,GAEf,YAAY,GACZ,eAAe,GACf,aAAa,GAEb,kBAAkB,GAClB,eAAe,GACf,eAAe,GAEf,wBAAwB,GACxB,eAAe,GAEf,aAAa,GAEb,kBAAkB,GAElB,qBAAqB,GACrB,kBAAkB,GAClB,iBAAiB,GACjB,oBAAoB,GACpB,wBAAwB,GACxB,iBAAiB,GACjB,eAAe,GACf,iBAAiB,GACjB,oBAAoB,GACpB,kBAAkB,GAElB,qBAAqB,GACrB,sBAAsB,GACtB,eAAe,GACf,oBAAoB,CAAC;AAEzB;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,kCAAkC;IAClC,GAAG,EAAE,OAAO,CAAC;IACb,sCAAsC;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,8CAA8C;IAC9C,KAAK,EAAE,MAAM,CAAC;IACd,yBAAyB;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,MAAM,eAAe,GAAG,KAAK,GAAG,KAAK,GAAG,UAAU,CAAC;AAEzD;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,qBAAqB;IACrB,KAAK,EAAE,aAAa,CAAC;IACrB,sBAAsB;IACtB,OAAO,EAAE;QACP,IAAI,EAAE,eAAe,CAAC;QACtB,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;IACF,mBAAmB;IACnB,OAAO,CAAC,EAAE;QACR,iCAAiC;QACjC,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;QACzB,oCAAoC;QACpC,IAAI,CAAC,EAAE,OAAO,CAAC;KAChB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,yBAAyB;IACzB,UAAU,EAAE,SAAS,CAAC;IACtB,6BAA6B;IAC7B,SAAS,EAAE,OAAO,EAAE,CAAC;IACrB,yCAAyC;IACzC,QAAQ,EAAE,YAAY,EAAE,CAAC;IACzB,6BAA6B;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,oBAAoB;IACpB,QAAQ,CAAC,EAAE;QACT,aAAa,EAAE,MAAM,CAAC;QACtB,gBAAgB,EAAE,MAAM,CAAC;QACzB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,sBAAsB;IACtB,EAAE,EAAE,OAAO,CAAC;IACZ,uBAAuB;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,gCAAgC;IAChC,QAAQ,EAAE,SAAS,CAAC;IACpB,mCAAmC;IACnC,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,iCAAiC;IACjC,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,oDAAoD;IACpD,SAAS,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,gBAAgB,KAAK,OAAO,CAAC;CACnE;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,SAAS,CAUhF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/types/scanner.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/types/scanner.ts"],"names":[],"mappings":";;AA6HA,gDAUC;AAbD;;GAEG;AACH,SAAgB,kBAAkB,CAAC,IAAe,EAAE,KAAiB;IACnE,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAClC,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC;QAC7C,OAAO,IAAI,EAAE,QAAQ,IAAI,KAAK,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,IAAI,UAAU,CAAC,QAAQ,CAAC,UAAU,CAAC;QAAE,OAAO,UAAU,CAAC;IACvD,IAAI,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO,MAAM,CAAC;IAC/C,IAAI,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAAE,OAAO,QAAQ,CAAC;IACnD,OAAO,KAAK,CAAC;AACf,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@goplus/agentguard",
|
|
3
|
-
"version": "1.0.
|
|
3
|
+
"version": "1.0.2",
|
|
4
4
|
"description": "GoPlus AgentGuard — Security guard for AI agents. Blocks dangerous commands, prevents data leaks, protects secrets. 20 detection rules, runtime action evaluation, trust registry.",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"types": "dist/index.d.ts",
|