@goplus/agentguard 1.0.0

package/dist/types/skill.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"skill.js","sourceRoot":"","sources":["../../src/types/skill.ts"],"names":[],"mappings":";;;AAuDA,8CAEC;AAKD,sDASC;AA7BD;;GAEG;AACU,QAAA,kBAAkB,GAAoB;IACjD,iBAAiB,EAAE,EAAE;IACrB,oBAAoB,EAAE,EAAE;IACxB,IAAI,EAAE,MAAM;IACZ,iBAAiB,EAAE,EAAE;CACtB,CAAC;AAEF;;GAEG;AACH,SAAgB,iBAAiB,CAAC,KAAoB;IACpD,OAAO,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,WAAW,IAAI,KAAK,CAAC,aAAa,EAAE,CAAC;AACvE,CAAC;AAED;;GAEG;AACH,SAAgB,qBAAqB,CAAC,KAAc;IAClD,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IACtD,MAAM,CAAC,GAAG,KAAgC,CAAC;IAC3C,OAAO,CACL,OAAO,CAAC,CAAC,EAAE,KAAK,QAAQ;QACxB,OAAO,CAAC,CAAC,MAAM,KAAK,QAAQ;QAC5B,OAAO,CAAC,CAAC,WAAW,KAAK,QAAQ;QACjC,OAAO,CAAC,CAAC,aAAa,KAAK,QAAQ,CACpC,CAAC;AACJ,CAAC"}

package/dist/utils/hash.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Calculate SHA256 hash of a string
+ */
+export declare function sha256(content: string): string;
+/**
+ * Calculate SHA256 hash of a file
+ */
+export declare function hashFile(filePath: string): Promise<string>;
+/**
+ * Calculate SHA256 hash of a directory (deterministic)
+ */
+export declare function hashDirectory(dirPath: string): Promise<string>;
+/**
+ * Generate a short hash for display
+ */
+export declare function shortHash(hash: string, length?: number): string;
+/**
+ * Verify a hash matches content
+ */
+export declare function verifyHash(content: string, expectedHash: string): boolean;
+//# sourceMappingURL=hash.d.ts.map

package/dist/utils/hash.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash.d.ts","sourceRoot":"","sources":["../../src/utils/hash.ts"],"names":[],"mappings":"AAIA;;GAEG;AACH,wBAAgB,MAAM,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAE9C;AAED;;GAEG;AACH,wBAAsB,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAGhE;AAED;;GAEG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CA6CpE;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,GAAE,MAAU,GAAG,MAAM,CAGlE;AAED;;GAEG;AACH,wBAAgB,UAAU,CAAC,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAIzE"}

package/dist/utils/hash.js

@@ -0,0 +1,112 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.sha256 = sha256;
+exports.hashFile = hashFile;
+exports.hashDirectory = hashDirectory;
+exports.shortHash = shortHash;
+exports.verifyHash = verifyHash;
+const crypto = __importStar(require("crypto"));
+const fs = __importStar(require("fs/promises"));
+const path = __importStar(require("path"));
+/**
+ * Calculate SHA256 hash of a string
+ */
+function sha256(content) {
+    return crypto.createHash('sha256').update(content).digest('hex');
+}
+/**
+ * Calculate SHA256 hash of a file
+ */
+async function hashFile(filePath) {
+    const content = await fs.readFile(filePath);
+    return crypto.createHash('sha256').update(content).digest('hex');
+}
+/**
+ * Calculate SHA256 hash of a directory (deterministic)
+ */
+async function hashDirectory(dirPath) {
+    const hash = crypto.createHash('sha256');
+    const files = [];
+    // Recursively collect all files
+    async function collectFiles(dir) {
+        const entries = await fs.readdir(dir, { withFileTypes: true });
+        for (const entry of entries) {
+            const fullPath = path.join(dir, entry.name);
+            // Skip common non-content directories
+            if (entry.name === 'node_modules' ||
+                entry.name === '.git' ||
+                entry.name === 'dist' ||
+                entry.name === '__pycache__') {
+                continue;
+            }
+            if (entry.isDirectory()) {
+                await collectFiles(fullPath);
+            }
+            else if (entry.isFile()) {
+                const content = await fs.readFile(fullPath);
+                files.push({
+                    path: path.relative(dirPath, fullPath),
+                    content,
+                });
+            }
+        }
+    }
+    await collectFiles(dirPath);
+    // Sort files by path for deterministic hashing
+    files.sort((a, b) => a.path.localeCompare(b.path));
+    // Hash each file path and content
+    for (const file of files) {
+        hash.update(file.path);
+        hash.update(file.content);
+    }
+    return `sha256:${hash.digest('hex')}`;
+}
+/**
+ * Generate a short hash for display
+ */
+function shortHash(hash, length = 8) {
+    const cleanHash = hash.replace(/^sha256:/, '');
+    return cleanHash.slice(0, length);
+}
+/**
+ * Verify a hash matches content
+ */
+function verifyHash(content, expectedHash) {
+    const actualHash = sha256(content);
+    const cleanExpected = expectedHash.replace(/^sha256:/, '');
+    return actualHash === cleanExpected;
+}
+//# sourceMappingURL=hash.js.map

package/dist/utils/hash.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash.js","sourceRoot":"","sources":["../../src/utils/hash.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAOA,wBAEC;AAKD,4BAGC;AAKD,sCA6CC;AAKD,8BAGC;AAKD,gCAIC;AApFD,+CAAiC;AACjC,gDAAkC;AAClC,2CAA6B;AAE7B;;GAEG;AACH,SAAgB,MAAM,CAAC,OAAe;IACpC,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACnE,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,QAAQ,CAAC,QAAgB;IAC7C,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IAC5C,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACnE,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,aAAa,CAAC,OAAe;IACjD,MAAM,IAAI,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;IACzC,MAAM,KAAK,GAAwC,EAAE,CAAC;IAEtD,gCAAgC;IAChC,KAAK,UAAU,YAAY,CAAC,GAAW;QACrC,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;QAE/D,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;YAE5C,sCAAsC;YACtC,IACE,KAAK,CAAC,IAAI,KAAK,cAAc;gBAC7B,KAAK,CAAC,IAAI,KAAK,MAAM;gBACrB,KAAK,CAAC,IAAI,KAAK,MAAM;gBACrB,KAAK,CAAC,IAAI,KAAK,aAAa,EAC5B,CAAC;gBACD,SAAS;YACX,CAAC;YAED,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;gBACxB,MAAM,YAAY,CAAC,QAAQ,CAAC,CAAC;YAC/B,CAAC;iBAAM,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;gBAC1B,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBAC5C,KAAK,CAAC,IAAI,CAAC;oBACT,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC;oBACtC,OAAO;iBACR,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,YAAY,CAAC,OAAO,CAAC,CAAC;IAE5B,+CAA+C;IAC/C,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAEnD,kCAAkC;IAClC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvB,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC5B,CAAC;IAED,OAAO,UAAU,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,SAAgB,SAAS,CAAC,IAAY,EAAE,SAAiB,CAAC;IACxD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;IAC/C,OAAO,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AACpC,CAAC;AAED;;GAEG;AACH,SAAgB,UAAU,CAAC,OAAe,EAAE,YAAoB;IAC9D,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,aAAa,GAAG,YAAY,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;IAC3D,OAAO,UAAU,KAAK,aAAa,CAAC;AACtC,CAAC"}

package/dist/utils/patterns.d.ts

@@ -0,0 +1,74 @@
+/**
+ * Sensitive data patterns for detection
+ */
+/**
+ * Sensitive data patterns
+ */
+export declare const SENSITIVE_PATTERNS: {
+    /**
+     * Ethereum private key (64 hex characters with 0x prefix)
+     */
+    PRIVATE_KEY: RegExp;
+    /**
+     * Mnemonic/seed phrase (12, 15, 18, 21, or 24 words)
+     */
+    MNEMONIC: RegExp;
+    /**
+     * API key/secret patterns
+     */
+    API_SECRET: RegExp;
+    /**
+     * SSH private key
+     */
+    SSH_KEY: RegExp;
+    /**
+     * JWT/Bearer token
+     */
+    BEARER_TOKEN: RegExp;
+    /**
+     * AWS credentials
+     */
+    AWS_KEY: RegExp;
+    AWS_SECRET: RegExp;
+    /**
+     * GitHub token
+     */
+    GITHUB_TOKEN: RegExp;
+    /**
+     * Generic password in config
+     */
+    PASSWORD_CONFIG: RegExp;
+    /**
+     * Database connection string
+     */
+    DB_CONNECTION: RegExp;
+};
+/**
+ * Check if content contains sensitive data
+ */
+export declare function containsSensitiveData(content: string): {
+    found: boolean;
+    types: string[];
+    matches: {
+        type: string;
+        match: string;
+        truncated: string;
+    }[];
+};
+/**
+ * Mask sensitive data in content
+ */
+export declare function maskSensitiveData(content: string): string;
+/**
+ * Extract domain from URL
+ */
+export declare function extractDomain(url: string): string | null;
+/**
+ * Check if domain matches a pattern (supports wildcards)
+ */
+export declare function domainMatchesPattern(domain: string, pattern: string): boolean;
+/**
+ * Check if domain is in allowlist
+ */
+export declare function isDomainAllowed(domain: string, allowlist: string[]): boolean;
+//# sourceMappingURL=patterns.d.ts.map

package/dist/utils/patterns.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../src/utils/patterns.ts"],"names":[],"mappings":"AAAA;;GAEG;AA+BH;;GAEG;AACH,eAAO,MAAM,kBAAkB;IAC7B;;OAEG;;IAGH;;OAEG;;IAMH;;OAEG;;IAGH;;OAEG;;IAGH;;OAEG;;IAGH;;OAEG;;;IAIH;;OAEG;;IAGH;;OAEG;;IAGH;;OAEG;;CAEJ,CAAC;AAEF;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG;IACtD,KAAK,EAAE,OAAO,CAAC;IACf,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,OAAO,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;CAC/D,CA6BA;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAczD;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAOxD;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAS7E;AAED;;GAEG;AACH,wBAAgB,eAAe,CAC7B,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,MAAM,EAAE,GAClB,OAAO,CAET"}

package/dist/utils/patterns.js

@@ -0,0 +1,157 @@
+"use strict";
+/**
+ * Sensitive data patterns for detection
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SENSITIVE_PATTERNS = void 0;
+exports.containsSensitiveData = containsSensitiveData;
+exports.maskSensitiveData = maskSensitiveData;
+exports.extractDomain = extractDomain;
+exports.domainMatchesPattern = domainMatchesPattern;
+exports.isDomainAllowed = isDomainAllowed;
+// BIP-39 English wordlist (first 100 words for pattern matching)
+const BIP39_WORDS = [
+    'abandon', 'ability', 'able', 'about', 'above', 'absent', 'absorb', 'abstract',
+    'absurd', 'abuse', 'access', 'accident', 'account', 'accuse', 'achieve', 'acid',
+    'acoustic', 'acquire', 'across', 'act', 'action', 'actor', 'actress', 'actual',
+    'adapt', 'add', 'addict', 'address', 'adjust', 'admit', 'adult', 'advance',
+    'advice', 'aerobic', 'affair', 'afford', 'afraid', 'again', 'age', 'agent',
+    'agree', 'ahead', 'aim', 'air', 'airport', 'aisle', 'alarm', 'album',
+    'alcohol', 'alert', 'alien', 'all', 'alley', 'allow', 'almost', 'alone',
+    'alpha', 'already', 'also', 'alter', 'always', 'amateur', 'amazing', 'among',
+    'amount', 'amused', 'analyst', 'anchor', 'ancient', 'anger', 'angle', 'angry',
+    'animal', 'ankle', 'announce', 'annual', 'another', 'answer', 'antenna', 'antique',
+    'anxiety', 'any', 'apart', 'apology', 'appear', 'apple', 'approve', 'april',
+    'arch', 'arctic', 'area', 'arena', 'argue', 'arm', 'armed', 'armor',
+    'army', 'around', 'arrange', 'arrest', 'arrive', 'arrow', 'art', 'artefact',
+    'artist', 'artwork', 'ask', 'aspect', 'assault', 'asset', 'assist', 'assume',
+    'asthma', 'athlete', 'atom', 'attack', 'attend', 'attitude', 'attract', 'auction',
+    'audit', 'august', 'aunt', 'author', 'auto', 'autumn', 'average', 'avocado',
+    'avoid', 'awake', 'aware', 'away', 'awesome', 'awful', 'awkward', 'axis',
+    'baby', 'bachelor', 'bacon', 'badge', 'bag', 'balance', 'balcony', 'ball',
+    'bamboo', 'banana', 'banner', 'bar', 'barely', 'bargain', 'barrel', 'base',
+    'basic', 'basket', 'battle', 'beach', 'bean', 'beauty', 'because', 'become',
+    'beef', 'before', 'begin', 'behave', 'behind', 'believe', 'below', 'belt',
+    'bench', 'benefit', 'best', 'betray', 'better', 'between', 'beyond', 'bicycle',
+    'bid', 'bike', 'bind', 'biology', 'bird', 'birth', 'bitter', 'black',
+    'blade', 'blame', 'blanket', 'blast', 'bleak', 'bless', 'blind', 'blood',
+    'blossom', 'blouse', 'blue', 'blur', 'blush', 'board', 'boat', 'body',
+].join('|');
+/**
+ * Sensitive data patterns
+ */
+exports.SENSITIVE_PATTERNS = {
+    /**
+     * Ethereum private key (64 hex characters with 0x prefix)
+     */
+    PRIVATE_KEY: /0x[a-fA-F0-9]{64}/g,
+    /**
+     * Mnemonic/seed phrase (12, 15, 18, 21, or 24 words)
+     */
+    MNEMONIC: new RegExp(`\\b(${BIP39_WORDS})\\b(\\s+\\b(${BIP39_WORDS})\\b){11,23}`, 'gi'),
+    /**
+     * API key/secret patterns
+     */
+    API_SECRET: /(api[_\-]?secret|secret[_\-]?key|api[_\-]?key)\s*[:=]\s*['"]?[A-Za-z0-9\-_]{20,}['"]?/gi,
+    /**
+     * SSH private key
+     */
+    SSH_KEY: /-----BEGIN (OPENSSH|RSA|DSA|EC|PGP) PRIVATE KEY-----/g,
+    /**
+     * JWT/Bearer token
+     */
+    BEARER_TOKEN: /Bearer\s+[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]*/g,
+    /**
+     * AWS credentials
+     */
+    AWS_KEY: /(AKIA|ABIA|ACCA|ASIA)[0-9A-Z]{16}/g,
+    AWS_SECRET: /aws[_\-]?secret[_\-]?access[_\-]?key\s*[:=]\s*['"]?[A-Za-z0-9/+=]{40}['"]?/gi,
+    /**
+     * GitHub token
+     */
+    GITHUB_TOKEN: /gh[pousr]_[A-Za-z0-9_]{36,}/g,
+    /**
+     * Generic password in config
+     */
+    PASSWORD_CONFIG: /(password|passwd|pwd)\s*[:=]\s*['"][^'"]{8,}['"]/gi,
+    /**
+     * Database connection string
+     */
+    DB_CONNECTION: /(mongodb|postgres|mysql|redis):\/\/[^\s'"]+/gi,
+};
+/**
+ * Check if content contains sensitive data
+ */
+function containsSensitiveData(content) {
+    const matches = [];
+    const types = new Set();
+    for (const [type, pattern] of Object.entries(exports.SENSITIVE_PATTERNS)) {
+        // Reset lastIndex for global patterns
+        pattern.lastIndex = 0;
+        let match;
+        while ((match = pattern.exec(content)) !== null) {
+            types.add(type);
+            matches.push({
+                type,
+                match: match[0],
+                truncated: match[0].slice(0, 20) + (match[0].length > 20 ? '...' : ''),
+            });
+            // Prevent infinite loop for zero-length matches
+            if (match.index === pattern.lastIndex) {
+                pattern.lastIndex++;
+            }
+        }
+    }
+    return {
+        found: types.size > 0,
+        types: Array.from(types),
+        matches,
+    };
+}
+/**
+ * Mask sensitive data in content
+ */
+function maskSensitiveData(content) {
+    let masked = content;
+    for (const pattern of Object.values(exports.SENSITIVE_PATTERNS)) {
+        pattern.lastIndex = 0;
+        masked = masked.replace(pattern, (match) => {
+            if (match.length <= 8) {
+                return '*'.repeat(match.length);
+            }
+            return match.slice(0, 4) + '*'.repeat(match.length - 8) + match.slice(-4);
+        });
+    }
+    return masked;
+}
+/**
+ * Extract domain from URL
+ */
+function extractDomain(url) {
+    try {
+        const parsed = new URL(url);
+        return parsed.hostname;
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Check if domain matches a pattern (supports wildcards)
+ */
+function domainMatchesPattern(domain, pattern) {
+    if (pattern === '*')
+        return true;
+    if (pattern.startsWith('*.')) {
+        const suffix = pattern.slice(2);
+        return domain === suffix || domain.endsWith('.' + suffix);
+    }
+    return domain === pattern;
+}
+/**
+ * Check if domain is in allowlist
+ */
+function isDomainAllowed(domain, allowlist) {
+    return allowlist.some((pattern) => domainMatchesPattern(domain, pattern));
+}
+//# sourceMappingURL=patterns.js.map

package/dist/utils/patterns.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../src/utils/patterns.ts"],"names":[],"mappings":";AAAA;;GAEG;;;AAwFH,sDAiCC;AAKD,8CAcC;AAKD,sCAOC;AAKD,oDASC;AAKD,0CAKC;AA9KD,iEAAiE;AACjE,MAAM,WAAW,GAAG;IAClB,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU;IAC9E,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM;IAC/E,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ;IAC9E,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS;IAC1E,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO;IAC1E,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO;IACpE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO;IACvE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO;IAC5E,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO;IAC7E,QAAQ,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS;IAClF,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO;IAC3E,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO;IACnE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU;IAC3E,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ;IAC5E,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,SAAS,EAAE,SAAS;IACjF,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS;IAC3E,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM;IACxE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM;IACzE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM;IAC1E,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ;IAC3E,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM;IACzE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS;IAC9E,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO;IACpE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO;IACxE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM;CACtE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAEZ;;GAEG;AACU,QAAA,kBAAkB,GAAG;IAChC;;OAEG;IACH,WAAW,EAAE,oBAAoB;IAEjC;;OAEG;IACH,QAAQ,EAAE,IAAI,MAAM,CAClB,OAAO,WAAW,gBAAgB,WAAW,cAAc,EAC3D,IAAI,CACL;IAED;;OAEG;IACH,UAAU,EAAE,yFAAyF;IAErG;;OAEG;IACH,OAAO,EAAE,uDAAuD;IAEhE;;OAEG;IACH,YAAY,EAAE,6DAA6D;IAE3E;;OAEG;IACH,OAAO,EAAE,oCAAoC;IAC7C,UAAU,EAAE,8EAA8E;IAE1F;;OAEG;IACH,YAAY,EAAE,8BAA8B;IAE5C;;OAEG;IACH,eAAe,EAAE,oDAAoD;IAErE;;OAEG;IACH,aAAa,EAAE,+CAA+C;CAC/D,CAAC;AAEF;;GAEG;AACH,SAAgB,qBAAqB,CAAC,OAAe;IAKnD,MAAM,OAAO,GAAyD,EAAE,CAAC;IACzE,MAAM,KAAK,GAAgB,IAAI,GAAG,EAAE,CAAC;IAErC,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,0BAAkB,CAAC,EAAE,CAAC;QACjE,sCAAsC;QACtC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QAEtB,IAAI,KAA6B,CAAC;QAClC,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAChD,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YAChB,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI;gBACJ,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;gBACf,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;aACvE,CAAC,CAAC;YAEH,gDAAgD;YAChD,IAAI,KAAK,CAAC,KAAK,KAAK,OAAO,CAAC,SAAS,EAAE,CAAC;gBACtC,OAAO,CAAC,SAAS,EAAE,CAAC;YACtB,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,KAAK,CAAC,IAAI,GAAG,CAAC;QACrB,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;QACxB,OAAO;KACR,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAAC,OAAe;IAC/C,IAAI,MAAM,GAAG,OAAO,CAAC;IAErB,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,MAAM,CAAC,0BAAkB,CAAC,EAAE,CAAC;QACxD,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QACtB,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;YACzC,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;gBACtB,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;YAClC,CAAC;YACD,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QAC5E,CAAC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa,CAAC,GAAW;IACvC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,OAAO,MAAM,CAAC,QAAQ,CAAC;IACzB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAgB,oBAAoB,CAAC,MAAc,EAAE,OAAe;IAClE,IAAI,OAAO,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IAEjC,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAChC,OAAO,MAAM,KAAK,MAAM,IAAI,MAAM,CAAC,QAAQ,CAAC,GAAG,GAAG,MAAM,CAAC,CAAC;IAC5D,CAAC;IAED,OAAO,MAAM,KAAK,OAAO,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAC7B,MAAc,EACd,SAAmB;IAEnB,OAAO,SAAS,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,oBAAoB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;AAC5E,CAAC"}

package/package.json

@@ -0,0 +1,60 @@
+{
+  "name": "@goplus/agentguard",
+  "version": "1.0.0",
+  "description": "GoPlus AgentGuard — Security guard for AI agents. Blocks dangerous commands, prevents data leaks, protects secrets. 20 detection rules, runtime action evaluation, trust registry.",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "bin": {
+    "agentguard": "./dist/mcp-server.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "start": "node dist/mcp-server.js",
+    "dev": "tsc -w",
+    "test": "node --test dist/tests/*.test.js",
+    "prepublishOnly": "npm run build"
+  },
+  "keywords": [
+    "claude-code-skill",
+    "agent-skills",
+    "mcp",
+    "security",
+    "ai-agent",
+    "web3",
+    "goplus",
+    "claude-code",
+    "codex",
+    "scanner",
+    "trust-registry",
+    "hooks"
+  ],
+  "author": "GoPlusSecurity",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/GoPlusSecurity/agentguard.git"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "dependencies": {
+    "@modelcontextprotocol/sdk": "^1.0.0",
+    "axios": "^1.6.7",
+    "commander": "^12.0.0",
+    "glob": "^10.3.10",
+    "zod": "^3.25.32"
+  },
+  "devDependencies": {
+    "@types/node": "^20.11.24",
+    "typescript": "^5.3.3"
+  },
+  "homepage": "https://github.com/GoPlusSecurity/agentguard#readme",
+  "bugs": {
+    "url": "https://github.com/GoPlusSecurity/agentguard/issues"
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ]
+}